Azure Firewall: Identifying SourceIPs with High SNAT Port Utilization
I received an alert that the SNAT port utilization for my Azure Firewall is high. Is there a way to see which SourceIPs are consuming more SNAT port data? I tried using a Kusto query but was unsuccessful. Can anyone help me identify the SourceIPs with…
Trouble Opening Port 443 (HTTPS) in Azure Despite Configuring NSG: Need Assistance!
I've correctly set up inbound rules in the Network Security Group (NSG) on Azure to open ports 80 and 9000, and both are functioning as expected. However, I'm encountering difficulties opening port 443 (HTTPS). Even after adding a specific inbound rule…
Missing description field for Azure Firewall Policy Rule Collection Group rules
In the reference documentation for creating rules in rule collection groups in Azure Firewall Policy the description field is listed as valid for individual rules:…
How to create a Workspace Managed Virtual Network Isolation if the Microsoft Documentation is outdated?
Hello! I am following the step by step to configure an Azure Machine Learning Workspace (https://learn.microsoft.com/en-us/azure/machine-learning/how-to-managed-network?view=azureml-api-2&tabs=azure-cli) that can connect to a Azure Storage Account…
Setting up Azure Firewall for network perimeter
How can I set up Azure Firewall for better security and at more of the resource group level? I already have a network security group (NSG) set up with IP whitelisting for an exposed endpoint, but I'm not sure how to connect the filtered traffic to the…
When to use Azure WAF or Azure Firewall ?
Hi Folks, Can anyone here please share some thoughts and comments of when to use Azure WAF or Azure Firewall? I have already existing Azure ExpressRoute so my Azure VMs can ping my OnPremise servers, and vice versa. My purpose here is to be able to…
cannot read firewall log
When I try to run query against the firewall logs, below error returns: 'parse' operator: Failed to resolve scalar expression named 'msg_s' If the issue persists, please open a support ticket.
Azure Firewall Service Tag AzureCloud
Hi We're in the implementing phase of Azure vWAN combined with Azure Firewall and Azure Firewall Policies. We've configured a network rule which allows the port 80 and 443 to the service tag "AzureCloud" which should include all IP ranges from…
Azure Firewall & Application Gateway Regional Configuration Clarity
Hello team, Good day!! I have setup Azure Firewall and Application gateway which are 3+ years old now, and during that time, I believe there wasn't an option to choose zones for these two resources and if I check the properties in the JSON of it, I don't…
How can I configure my .NET app to use Azure Firewall proxy in explicit mode?
I'm trying to use Azure Firewall in explicit proxy mode to test that my .NET app works when configured with a proxy. The .NET app uses the WebProxy class to configure the HttpClient:…
azure firewall logs not showing
when I'm running azure firewall logs i get message like this 'parse' operator: Failed to resolve scalar expression named 'msg_s' Request id: 96c34b02-3935-49f2-978f-db9cc5d7dcf9 also i don't get any logs from azure firewall
How to get all firewall rules across multiple subscriptions and multiple RG's with all the properties via Azures Resource Graph?
Hi, We are looking for some help with proper formulation of a query that would give us all firewall rules with all properties . We have multiple firewall both with classic rules and firewall policy ones as well spread across multiple subscriptions.
how to configure traffic pass through onpermis firewall to azure firewall
hi My Architecture design On-premise Sophos firewall configuration site to site VPN (Azure) established static route configure 10.60.0.0/16 windows server(172.16.16.0/24) AZURE - Hub and Spoke design HUB VNet -Deployed (10.50.0.0/16) Azure…
How to check detail outbound traffic of AKS with Azure Firewall setup
Hi, We have a AKS and all outbound traffic from this AKS are forwarded to a Azure Firewall with a user-defined route table. May I know where can I find the detail log of the outbound traffic? The closest log I can find are the AZFWApplicationRule and…
Routing To On-Prem from Azure Spoke VNET
Hello Need some help in understanding how routing is actually working. Proposed hub and spoke set up. The Hub will contain our Azure Firewall and a Express route vpn gateway which connects to our onprem datacentre. We plan to connect 3 spoke VNETS to the…
Azure Firewall outbound traffic
Hello Everyone, How to check the total outbound internet traffic for the last 30 days in Azure Firewall. Please advice. I searched in the metrics, but it did not display anything related to outbound traffic. Although "data processed" is…
How to associate an existent Public IP with Azure Firewall
Hey guys, Is it possible to use one or more existing/pre-defined IPs with the Azure Firewall? *The Firewall is in a secure hub environment There are documents/scripts to create new IPs and associate them with the Firewall, via portal as well, but none of…
Azure firewall high data processed
Hello All, I need you help to identify the issue. I observed a pattern in the Azure firewall metric for high data processing from January 24th, 2024, and I want to identify from which source it is generating high traffic. Due to this, the cost has also…
User not able to access the one of the website service and getting i/o error
We have an environment hub and spoke model with outbound internet controls via Azure Firewall . One of the Source machine generating traffic towards internet towards website .Website is accesable but one of the service is not working . Error showing my…
For firewall settings on systems receiving communications from Azure, how to restrict IP source
I have a cloud based server application that is being accessed by Azure based cloud applications. I need to protect my application from misuse by Firewall and really only want to permit access at the Networking level for particular customers. For the…