Alternative to closing ports used by Azure Virtual Network Gateway
It is to my understanding that Azure Virtual Network Gateway requires some ports to be open for Azure infrastructure communucation and that there was no way to close said ports on the Network Gateway. My question is if there is an alternative or…
How to redirect traffic from public ip of VM to firewall then to private IP of VM?
Hello, I have a problem with unusual infrastructure in Azure. I deployed firewall (pfsense) on default VNET 10.0.0.0/24, assign private IP: 10.0.0.4 for pfsense and I added route table: default route: 0.0.0.0/0 next hop is 10.0.0.4 (priv IP of pfsense)…
Azure VPN Gateway and Azure Firewall - S2S communication filtering
Hi Everyone! Please, I need your advice. I have Virtual network gateway which connects three on-prem sites (3 x Local network gateways). This part works perfect. There are only route and policy based routing (no dyn). All endpoints can ping each other…
Inbound traffic to public IP address associated to Azure Firewall Premium
How to allow inbound traffic to public IP address associated to Azure Firewall Premium?
How to configure Application Gateway before Azure Firewall to App Services
Dear Microsoft community, I have an application gateway setup with WAF with app services as the backend pool targets. I have also setup access restrictions in the app service networking to only allow traffic through application gateway. Till here…
Allow all outbound traffic through Azure Firewall
I followed the guide for implementing a new fresh Azure Firewall environment. I have set up a route table with traffic 0.0.0.0/0 to my Azure Firewall, but yet I want to route all internet traffic through this firewall to outside without any exceptions? …
Inbound port based routing
Hi, I have an issue where I require end users accessing the same public DNS name using different ports to be redirected to different public endpoints. For example - users accessing domain.com over port 80 get directed to the public IP of an…
Implementing Azure Firewall and Application Gateway in parallel
We have an existing Azure Application Gateway(AGW subnet) with WAF policies defined in our main VNET where host(host subnet) and proxy(proxy subnet) machines also reside. We have another VNET for SFTP servers(sftp subnet). Now we are implementing Azure…
How to migrate Azure Firewall Policies/Configuration to a different Azure account?
What is the process for migrating or importing existing Azure Firewall Policies/Configuration to different Azure accounts? I have a "template.json" and "parameters.json" file from another Azure Firewall setup, and I want to import…
Unable to connect to SFTP server in Azure from any machines in Azure since Azure Firewall configured
Hi, We have recently configured the Azure Firewall, and since then, connection to the SFTP virtual server in Azure has been failing for devices within Azure. It was working fine before we configured the Azure Firewall. However, connecting to the SFTP…
Azure governance and security compliance certificate query
Hi Team, For one of the customer, we have to provide governance and security compliance certificate based on Malaysia country to host Azure services. can you please provide any url where I can find them. I found below url where cannot see for security.…
How do i make API call's form microsoft azure databricks using a static IP address?
How do i make API call's form microsoft azure databricks using a static IP address? i am doing a get request from databricks - towards external source , To be more secure and safe - we want to whitelist only this IP (static IP from databricks ) on the…
I can't see an option to change firewall rules under setting in firewall
I want to add firewall rule under settings in azureFirewall but there is no option to do so
Setting up azure firewall premium policies
I am trying to implement Azure firewall premium for our existing infrastructure using terraform to enable the IDPS feature. But the main issue I am facing is the azure firewall policies(Dnat rules) which I created are not working or not getting attached…
Azure routing through a firewall to get to a DB backend Database over a VPN
I have two Azure VNETs, One is a Management VNET containing a public facing Application Gateway with an Azure Premium Firewall behind that. The other is a DEV VNET with a subnet containing a private endpoint to an SQL database. I use a VPN Gateway to…
Where does Azure Firewall send TCP RST packets during Virtual Machine Scale Set scale in (scale down)?
Currently we have connection losses in our network, these seem to coincide with Azure Firewall VM instance shutdowns. Therefore I better want to understand what happens. In the Load Balancer TCP Reset and Idle Timeout documentation I read that it’s…
VPN Gateway Routing Issue
Hi All, I will explain the existing setup and the challenges we are facing now.. --> Here in this Azure Cloud infra, all remote users, Vendors, Branches are terminated/connected through Azure VPN Gateway.--> Among that, One of the S2S connections…
Azure Firewall as NVA
Hi all, Hope you are doing well! Do I need to deploy a Virtual Network Gateway for spoke hub connectivity even if I deploy an Azure Firewall. If yes, how the routing will happen? Thanks
DNS Resolution Issues across Hubs
I have an existing VWAN and single VHUb. The Existing setup. All that is shown here in Subscription A works great. The sub A hub does not have a Firewall at this time. The VNets that are peered with the existing Hub, all have their Vnet DNS set to…
AzureFW Deny rule is not output during connection troubleshooting
After verifying the connectivity troubleshooting below, We were able to confirm that no errors were output due to Deny in the AzureFW application rules. Access to https://www.example.com from VM2 is recognized as denied by AzureFW. ・Network …