Azure Application Gateway - Firewall
Hi Q&A, If a specific IP adress is blocked by the APG firewall, how can it be whitelsted/removed from being blocked? One can find the IP adress in the log.
Azure Application Gateway Mutual authentication and client_certificate_verification server variable
Hi, I have mutual TLS enabled, but when client does not send any certificate then I get "400 Bad Request No required SSL certificate was sent" - that's ok. But, is it possible to use client_certificate_verification server variable to pass…
Application Gateway URL Masking Feature
Hi Everyone , I have a requirement to configure URL masking feature in Application Gateway . Is there any feature available in App Gateway Thanks Gopinath B
403 forbidden response from private endpoint
Hello, I have one VNET with two subnets. One of these have a private web app with a private endpoint. The other one have an application gateway for load balancing and web application firewall. Nonetheless, i have an issue with my backend in…
WAF Mandatory rule blocking my user register using google or facebook is there any to disable mandatory rule ?
{ "timeStamp": "2021-01-29T11:03:40+00:00", "resourceId": "/SUBSCRIPTIONS/0000000000-0000000-0000000-000/RESOURCEGROUPS/resourcegroup/PROVIDERS/MICROSOFT.NETWORK/APPLICATIONGATEWAYS/WAF-GATEWAY", …
Container apps can't be used as application gateway's backend?
Hi, i've tried to user container app as application gateway's backend with following steps 1. created a new vnet 2. create a new container app with step 1's vnet 3. create a application gateway on same vnet, and add backend…
Cannot access prometheus and grafana from browser
I have aks,appgw , sample webapp ,public ip deployed in azure. In aks I installed prometheus and grafana using helm. I can curl -L http:localhost.com:9090 (prometheus port -9090) in aks but can't access localhost:9090 in browser as my laptop and aks is…
Internal Load Balancing solutions for Azure Cross region environment
Hello , I am trying to design a Geo redundant RDS infra for our Customers on Azure. This is an internal RDS infra only and I am trying to provide regional redundancy to Rdweb URL. As I studied none of the global load balancers like traffic…
[Virtual Gateway] Reverse Proxy over VPN
Hi folks, I finally set up my dream networking config so I don't have to expose my house's IP address. However, the cost is running up really fast and will blow the budget before the monthly refill... So I either chose the wrong things in Azure, or…
Azure service availability
The mentioned link states 3 types of services ": https://learn.microsoft.com/en-us/azure/availability-zones/az-region Zonal services: A resource can be deployed to a specific, self-selected availability zone to achieve more stringent latency…
Exclude/exempt specific IP from WAF managed rules
Hi, I have an application hosted on Azure WAFV2, I need to define an exclusion using client IP address. Basically any request coming from that IP should not be examined against OWASP 3.2 managed rules. I tried defining exclusions but IP specific…
Query on mandated vnet peering when using internal IPs in backend pools
Hi, In the component basics section of documentation [1], it notes "If you use internal IPs as backend pool members, you must use virtual network peering or a VPN gateway. Virtual network peering is supported and beneficial for load-balancing…
Exclude Website from WAF Policy
Hi There, I have an Azure Application Gateway with WAF Policy used to secure access for x of websites hosted on Azure VM. For one of those website I want to configure WAF exclusion, so the website just bypass the WAF. I found this article:…
Application gateway permit http traffic the first time
Hello , I just create a new AG v2 , I configure rule to redirect http to https and it works ,the problem is if i put a url with http the firt time it works ,but if i click on the website ,it redirects me to https. How can i do for redirecting…
File download issue
We are not able to download file size more than 50 MB on app gateway V1. Can anyone help me on this?
Aplication Gateway and HTTP compression
Hello, I want to know if Web Application Gateway supports HTTP compression in Azure?
I want to ask about Application Gateway Firewalllogs
Hello experts and community. My name is Lee and I am working as a security engineer. As for the phenomenon I am experiencing, I am building a process to collect logs by linking WAF Policy to the application gateway, but I do not know what the…
azure frontdoor origin health percentage is 0%
I configured azure app gateway as my origin and Health probe is also enabled. When I check the Origin health percentage metrics it is showing 0%. What may be the reason for it? How health probe works in terms of Application Gateway? If I have…
How to convert and upload a wildcard SSL certificate chain to Azure Gateway
I have a wildcard ssl certificate chain for *.mydomain.one. The certificates are pem files and look like: Thawte RSA CA 2018.pem DigiCert Global Root CA.pem mydomain.one.pem With the following begin/ending: -----BEGIN CERTIFICATE-----…
Problem_forward_taffic_from_Application_Gateway
I have configured an App gateway with 2 backend pools (stagingv&vproduction) each pool has 1 VM each VM has a public and private IP address. We have provided third parties companies with the public IP address of the APP gateway to white list we…