Azure application gateway with Web App - Gateway IP wont work

Question

Hello Team,

I have Azure web app and i wanted to configure Azure Application gateway so that all the public IP traffic are routed through application gateway.

For that i have created Application gateway and vNET, later I go to Web App Service - Networking
and for Access Restriction rule added for that Application gateway vNET.

So while I hit the https://*****.azurewebsites.net it showing "Error 403 - Forbidden" that's seems Correct behavior as now access the site through app gateway only.

but while I hit the application gateway Frontend public IP address "137...214" then it will auto redirected to https://********.azurewebsites.net:80/ with append 80 port and while i remove 80 it showing same Error 403.

I am looking for solution to call web App via application gateway IP - Any suggestion ?
also How it will be configured in case of Custom domain usage

Thanks,

Answer 1

You'll likely want to review your configuration. If the redirect is happening, likely you'll want to configure your backend pool to use the custom domain in the host header but still route the request to the web app using the http setting to override host header to your custom domain. Then on the backend web app make sure you have the custom domain mapped.

https://learn.microsoft.com/en-us/azure/application-gateway/configure-web-app-portal#edit-http-settings-for-app-service

Answer 2

Have you allowed the public IP address of the application gateway? Unless you are using private endpoints it will be the public IP address of the application gateway that you need to allow in the web app access restrictions.

Some more info can be found here:
https://learn.microsoft.com/en-us/azure/app-service/app-service-ip-restrictions#set-a-service-endpoint-based-rule

Answer 3

Check the PS script added at the end of the below document and see it helps
rewrite-http-headers-url