Geo Restriction on Application Gateway

Question

Hi Team, Wondering if there is a explicit way of allowing certain geo location to access the web portal hosted behind the application gateway. Lets say if I want the users from US and Europe to access the web app hosted behind the application gateway, how can I control this on the application gateway

Answer 1

@Devapriya Gnanavel Thank you for reaching out to Microsoft Q&A.

I understand that you want to know how to apply Geo Restriction on Application Gateway. You can achieve this by using Custom rules for Web Application Firewall v2 on Azure Application Gateway.

Custom rules allow you to create tailored rules to suit the exact needs of your applications and security policies. You can restrict access to your web applications by country/region.

To create a geo-filtering custom rule in the Azure portal, simply select Geo location as the Match Type, and then select the country/region or countries/regions you want to allow/block from your application. When creating geomatch rules with Azure PowerShell or Azure Resource Manager, use the match variable RemoteAddr and the operator Geomatch.

Here is an example of How to allow traffic only from the US using the GeoMatch operator. Hope this helps.

Please let us know if you have any further questions and we will be glad to assist you further. Thank you!

Remember:

Please accept an answer if correct. Original posters help the community find answers faster by identifying the correct answer. Here is how.

Want a reminder to come back and check responses? Here is how to subscribe to a notification.