This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 23%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKR%3C/text%3E%3C/svg%3E)
A bit of information regarding my setup.
I have a web app, which I have been using for the past couple of years. I use the application gateway's frontend Ip configuration to access my web app. For this, I added the frontend IP address to the network restriction rules of my web app. It has been working fine. since today morning, I keep getting an error on the application gateway saying that the backend is unhealthy with the following error message
"Received invalid status code: 403 in the backend server’s HTTP response. As per the health probe configuration, 200-399 is the acceptable status code. Either modify probe configuration or resolve backend issues"
After some research, I found that I can use the "Diagnose and solve problems"(Which client IPs got rejected due to IP restriction?) option in the web app to find out which requests from which IP addresses have been blocked.
In the logs i see that ipv6 addresses like "fde2:8daa:2000:f05a:6a20:100:a88:f306"(not the exact one). But, i have put ipv4 address of frontend of app gateway.
This started happening today morning. Please help me out
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 38%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFG%3C/text%3E%3C/svg%3E)
Hi mates, I am facing the same issue with no luck at the moment.
In my case I am using a private endpoint linked to the App Service, so only traffic from internal network is allowed.
Checking restricted IPs I see a lot of blocked traffic from an IPv6 address, I suppose that this come from App Gateway health probes.
Finally, if I test a health probe separately I get a 200 response status, but backend health pane keeps displaying a 403 code.
All suggestions are absolutely welcome.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 36%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
@Fernando Gutiérrez Aguilera What do you have configured for the backend? Is it a FQDN? If so, please try adding the IPv4 address of the backend and see if that helps as Application Gateway does not support Ipv6 addresses if the FQDN resolves to IPv6.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(240, 43%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESH%3C/text%3E%3C/svg%3E)
Hello,
Did you resolve this issue?
I have the same error for no reason.
@Serhiy Hryhorchuk What do you have configured for the backend? Is it a FQDN? If so, please try adding the IPv4 address of the backend and see if that helps as Application Gateway does not support Ipv6 addresses if the FQDN resolves to IPv6.