Did you resolve this issue?
I have the same error for no reason.
403 error even after allowing IP in network restriction
A bit of information regarding my setup.
I have a web app, which I have been using for the past couple of years. I use the application gateway's frontend Ip configuration to access my web app. For this, I added the frontend IP address to the network restriction rules of my web app. It has been working fine. since today morning, I keep getting an error on the application gateway saying that the backend is unhealthy with the following error message
"Received invalid status code: 403 in the backend server’s HTTP response. As per the health probe configuration, 200-399 is the acceptable status code. Either modify probe configuration or resolve backend issues"
After some research, I found that I can use the "Diagnose and solve problems"(Which client IPs got rejected due to IP restriction?) option in the web app to find out which requests from which IP addresses have been blocked.
In the logs i see that ipv6 addresses like "fde2:8daa:2000:f05a:6a20:100:a88:f306"(not the exact one). But, i have put ipv4 address of frontend of app gateway.
This started happening today morning. Please help me out
Hi mates, I am facing the same issue with no luck at the moment.
In my case I am using a private endpoint linked to the App Service, so only traffic from internal network is allowed.
Checking restricted IPs I see a lot of blocked traffic from an IPv6 address, I suppose that this come from App Gateway health probes.
Finally, if I test a health probe separately I get a 200 response status, but backend health pane keeps displaying a 403 code.
All suggestions are absolutely welcome.
Sign in to comment
Sort by: Most helpful
@Fernando Gutiérrez Aguilera What do you have configured for the backend? Is it a FQDN? If so, please try adding the IPv4 address of the backend and see if that helps as Application Gateway does not support Ipv6 addresses if the FQDN resolves to IPv6.