VPN Gateway Routing Issue
Hi All, I will explain the existing setup and the challenges we are facing now. Here in this Azure Cloud infra, all remote users, vendors, and branches are terminated/connected through Azure VPN Gateway. Among those, one of the S2S connections…
Azure Firewall as NVA
Hi all, hope you are doing well! Do I need to deploy a Virtual Network Gateway for spoke-hub connectivity even if I deploy an Azure Firewall? If yes, how will the routing happen? Thanks
DNS Resolution Issues across Hubs
I have an existing VWAN and single VHub. The existing setup: all that is shown here in Subscription A works great. The sub A hub does not have a Firewall at this time. The VNets that are peered with the existing Hub all have their VNet DNS set to…
AzureFW Deny rule is not output during connection troubleshooting
After verifying the connectivity troubleshooting below, we were able to confirm that no errors were output due to Deny in the AzureFW application rules. Access to https://www.example.com from VM2 is recognized as denied by AzureFW. ・Network …
Disabling/bypassing particular signature for a particular traffic in IDPS
Hello, There is a false positive alert in the IDPS logs and I am looking to bypass that particular signature ID for that particular traffic (source, destination and port), but it seems like there is not a way to do this in IDPS currently. I noticed there…
Azure App Gateway with backend Static Website in Storage account
Hi, I was hoping you may be able to help with a problem I may have. I currently have a Static Web Site hosted in a Storage Account. This static Website calls a Function App API as the backend. We have deployed the access to the Web site and Function API…
Unable to establish connection between on-prem and Azure spoke vNet through Azure Firewall
We have a Hub and spoke configuration of vNets. Spokes are peered with Hub vNet which has Express route connectivity to on-prem. Hub has Azure Firewall with an IP address range of 53.x series like on-prem, and spoke has 172.x series. We are not able to…
Azure Function Outbound TLS call via Azure Firewall - Can I use TLS Inspection
Hi, I currently have 4 Function Apps that are calling external 3rd party API endpoints to either push or pull data into a development service. This is currently in development. I have recently been told by our Security Team that I need to pass this…
tracert shows request time out in azure windows
tracert shows request time out for all the hops except the last hop, no matter what hostname/IP. Does anyone know how to fix this issue in Azure? Windows PowerShell Copyright (C) 2014 Microsoft Corporation. All rights reserved. PS…
Why does Azure Data Studio (and SSMS) not honor my VPN IP address?
When I attempt to connect to an Azure Data Warehouse from Azure Data Studio (and SSMS) while on my corporate VPN the connection uses my ISP's IP address and not my VPN assigned IP address. How can we have the connection honor my VPN IP address?
Can't connect after adding default route
Having trouble with something I thought would be simple... Need to block internet traffic on specific Azure VMs to all but a select few sites. We have (2) groups of Azure VMs... With_Internet, basically unfiltered outbound traffic NO_Internet,…
Issue with VirtualNetwork service tag when using UDR for routing via Azure Firewall
Hi Experts, When I add a UDR on my Spoke Subnets to use Azure Firewall for default outbound (0.0.0.0/0 -> Azure Firewall IP), the Virtual Network service tag on the NSG attached to the Spoke Subnets gets 0.0.0.0/0 value. When I remove the UDR default…
One of my clients is using Synapse Workspace to manage SQL servers. Why is the public network access setting not visible? Is it due to the creation of the workspace that way?
One of my clients is using Synapse Workspace to manage SQL servers. Why is the public network access setting not visible? Is it due to the creation of the workspace that way?
FQDN Tags.
Due to a change in Policy, we recently disabled internet access from our environment and are now not able to connect to SharePoint, and authentication to Microsoftonline also fails. We are in favor of setting up Azure firewall Application rules that…
How to make Azure Databricks cluster outbound connectivity consistent with 1 public outgoing IP address?
I've set up an Azure Databricks service that should get outbound connectivity through an Azure Firewall, which in turn makes sure that all outbound traffic is routed through a single public IP address. As suggested by a Microsoft auto-generated solution I…
internalserver error when deploying firewall
Have been unable to deploy Azure firewalls today, using either deployment pipelines or using the portal, even tried a different tenant to rule out any forced policies, same error: { "code": "InternalServerError", …
P2S VPN to Azure Firewall
Good afternoon Everyone, We're looking to see if this is an option within Azure or not. We currently have an Azure VPN (VNG) and an Azure FW. We DO NOT have an on-premise network. We are completely a cloud environment. Our goal is to use firewall to the…
Through tag, shutdown and start the firewall in Azure?
According to the title, I would like to know if there is a way to turn off and on a firewall through tags, I need to configure it with this specification, making the schedule. Thanks
Azure VPN with public static Ipv4
Hello, We're currently facing a challenge in setting up a Point-to-Site (P2S) VPN in Azure that aligns with our specific infrastructure requirements. Our on-premise network is configured to allow traffic only from whitelisted IP addresses, and we use a…
Azure WAF is very restricting
Hi, in our Azure config, we have an ApplicationGW+WAF in front of APIM. So all external requests pass through the WAF before routing towards APIM. The WAF (OWASP rules) seems to be very very restrictive. We get a lot of blocked requests due to rule…