Azure Application Gateway and FortiGate Firewall are in different VNETs, and all incoming and outgoing traffic goes via the firewall. Do we need to configure any Azure firewall policy? Any advice on this?

Ramasamy Balasubramanian 0 Reputation points
2024-06-13T17:37:54.2833333+00:00

FortiGate Firewall - VNET A

Application Gateway - VNET B

All incoming and outgoing traffic goes via the FortiGate Firewall on VNET A. Does it require any Azure firewall policy on the Application Gateway?

Thanks. Kindly suggest.


1 answer

  1. Vahid Ghafarpour 20,480 Reputation points
    2024-06-13T17:59:38.6433333+00:00

    Thanks for posting your question in the Microsoft Q&A forum.

    Since FortiGate Firewall is already managing traffic, I believe you don’t necessarily need an Azure firewall policy on the Application Gateway.

    However, consider the following points:

    • Network Security Groups (NSGs): Ensure that NSGs are configured correctly to allow traffic between VNET A and VNET B.
    • Application Security: If your web applications require additional protection, consider enabling WAF on the Application Gateway.
    • Routing: Set up proper routing so that traffic flows through FortiGate (via UDRs) when reaching the Application Gateway.

    ** Please don't forget to close up the thread here by upvoting and accepting it as an answer if it is helpful **

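The NSG and routing points in the answer above can be checked against exported configuration. This is an added example, not part of the original answer or any Microsoft or Fortinet code. It assumes a v2 Application Gateway (the page does not state the SKU), for which Microsoft documents that the subnet NSG must allow inbound TCP 65200-65535 from the `GatewayManager` service tag and that a UDR must not redirect 0.0.0.0/0 away from the Internet next hop. All names, addresses and rules below are constructed.

```python
import ipaddress

# Constructed sample data, shaped like the JSON from `az network route-table route list`
# and `az network nsg rule list`. Every name and address below is an assumption.
FORTIGATE_IP = "10.0.1.4"         # hypothetical FortiGate internal IP in VNET A
PROTECTED_PREFIX = "10.2.0.0/16"  # hypothetical range that must be reached via FortiGate
ROUTES = [
    {"name": "to-protected", "addressPrefix": "10.2.0.0/16",
     "nextHopType": "VirtualAppliance", "nextHopIpAddress": "10.0.1.4"},
    {"name": "default-via-fw", "addressPrefix": "0.0.0.0/0",
     "nextHopType": "VirtualAppliance", "nextHopIpAddress": "10.0.1.4"},
]
NSG_RULES = [
    {"name": "allow-https-from-fw", "direction": "Inbound", "access": "Allow",
     "sourceAddressPrefix": "10.0.1.0/24", "destinationPortRange": "443"},
]

def check_routes(routes, protected_prefix, firewall_ip):
    """Return findings for the UDRs attached to the Application Gateway subnet."""
    findings, covered = [], False
    protected = ipaddress.ip_network(protected_prefix)
    for r in routes:
        prefix = ipaddress.ip_network(r["addressPrefix"])
        via_fw = (r["nextHopType"] == "VirtualAppliance"
                  and r.get("nextHopIpAddress") == firewall_ip)
        if prefix.prefixlen == 0 and r["nextHopType"] != "Internet":
            # Standard v2 gateways need 0.0.0.0/0 to keep next hop Internet.
            findings.append(f"{r['name']}: 0.0.0.0/0 must not be redirected")
        elif via_fw and protected.subnet_of(prefix):
            covered = True
    if not covered:
        findings.append(f"no UDR sends {protected_prefix} via {firewall_ip}")
    return findings

def allows_gateway_manager(rules, low=65200, high=65535):
    """True if an inbound Allow rule lets GatewayManager reach the v2 management ports."""
    for r in rules:
        ports = r["destinationPortRange"]
        lo, _, hi = ports.partition("-")
        start, end = (0, 65535) if ports == "*" else (int(lo), int(hi or lo))
        if (r["direction"] == "Inbound" and r["access"] == "Allow"
                and r["sourceAddressPrefix"] in ("GatewayManager", "*")
                and start <= low and end >= high):
            return True
    return False

if __name__ == "__main__":
    print(check_routes(ROUTES, PROTECTED_PREFIX, FORTIGATE_IP))
    print("GatewayManager allowed:", allows_gateway_manager(NSG_RULES))
```

The port check ignores rule priority, so a higher-priority Deny rule can still block the management traffic even when this returns true.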