WAF azure websocket problem
Hey everyone, I have trouble with app-gw and WAF. The problem is that we implement a websocket and in the app-gw log comes this one: error_info_s: ERRORINFO_UPSTREAM_TIMED_OUT WAFMode_s: Prevention Have another app-gw without WAF and the same config,…
Azure Application Gateway and NTLM
Hi, I asked this question here last year, but never received an answer. Trying again, given recent (unsurprising) news: We just received notice that Application Gateway v1 will be retired in April 2026. Does, or will, Application Gateway v2 support…
Azure APPGW+WAF can be used to replace On-Perm IIS (ARR+NLB) during migration.
Hi All, We have a web farm with IIS (ARR + NLB) configured on-premises servers. Can we remove the IIS(ARR+NLB) layer and use Azure AppGW+WAF to route and Protect the web traffic when we migrated the servers to Azure? Thanks & Regards, Veera.
Migrate Application Gateway V1 to V2 through script - receiving error
Hello, We are still running Azure Application Gateways on V1. As V1 will be retired soon, we would like to upgrade them to V2 through the migration script that Microsoft provided here. Through my local PowerShell I firstly ran the command…
Getting 0 results for partitioned external table in Azure Storage
I have an Azure App Gateway's WAF logs being written to blob storage and I'd like to query the data. We have been using Log Analytics to do this, so the move to blob storage is part of an effort to see if we can store the data with a retention policy…
dns resolving not working in azure environement
hello, so i have been looking for a solution for a couple off days now. i' am deploying a frontend (dockerized vue.js) and a backend (dockerized asp.net application). both are inside a subnet (containers) inside a vnet. there is a application gateway…
How to fix Azure Plesk FTP not listing directories after inbound and outbound rules, passive mode is set ? Plesk say its someting to do with NAT and routing.
the connection was allowed, and the incoming packet arrived on the Plesk server: But at the same time, from my test server, packets do not reach the Plesk server: Not a single packet arrived on the server, that is, it was blocked or not…
[Azure] Is it possible to utilize the blob SAS URL in the custom error pages of the application gateway?
Hello, I came across the "Create Application Gateway custom error pages" documentation, which states that for setting up custom error pages, the blob storage needs to be accessible directly. So, can we utilize a Blob SAS URL in the custom…
How to show trace info on custom error pages when WAF blocks a request and returns a 403?
If a user does something that triggers a 403 because the WAF blocked the request, I would like to show some extra information in the custom error page that I have already set in the Application Gateway, so it will be easy to identify in the Log Analytics…
Why Azure Application Gateway drops dashes between transactionId and x-appgw-trace-id
The Application Gateway docs state that (source): X-appgw-trace-id is a unique guid generated by application gateway for each client request and presented in the forwarded request to the backend pool member. The guid consists of 32 alphanumeric…
Export waf owasp managed rulesets for analysis
I have a couple of application gateways, each having its own waf rulesets. I am trying to export the rules to a CSV so I can compare the differences between them, is there a good way to do this either software tool, CLI/PS or GUI? Any assistance is…
Why in the WAF V2 do I get a log file stating that the request was blocked but in the application the request was successful and the record was updated?
I have a rule 941320 triggering when posting putgroup into a web application. I understand why this is, it is because it has HTML tags in the payload. The bit I don't understand is why the firewall logs show this request as blocked in the log files but…
Azure front door support for private endpoint to AppGateway
Hi I understand Azure front door can connect App Gateway as an origin, However, it seems according to the reference below, AFD does not support private endpoint to AppGateway. If this is the case, is there any roadmap for this feature? Similarly, would…
The key vault must have GET permissions on secret + Error While Configuring Application Gateway Listener
Hi I'm trying to add a Basic type listener to an Application Gateway instance. While doing so, I wish to choose an SSL Certificate stored in a Key Vault that has access policy configured to allow Get and List permissions to the user-assigned managed…
Certificate #2: RSA 2048 bits (SHA256withRSA) No SNI -- Mismatch, SSL Test gives back a different domain name
I have few applications hosted in IIS on a windows server. which are routed through Azure APP Gateway. I'm enhancing the SSL configuration across all my domains. Upon running the ssllabs.com test revealed a second certificate(Certificate #2: RSA 2048…
What Authentication solution would you suggest in this scenario?
Context: We are migrating from Azure App Gateway V1 to Azure App Gateway V2 for load balancing. For authentication purposes, we used NTLM which AG V2 does not support. Now I am trying to find an alternative. Ideally, I want the authentications to…
How to fix a recurring 502 bad gateway error
We haven't touched our DNS setup for ages. Still, within the last few weeks, Cloudflare returns sometimes a Cloudflare-branded HTTP 502 error, which means our Azure web server responds with a standard HTTP 502 bad gateway error. Do you know what the…
Unbale to create resources through Azure CLI & prompting resource quota in multiple seperate regions
Hi Team, Presently I am learning & preparing for AZ-104 exam and as a part of that continuously learning & performing hands-on in my free subscription . But today when try to spin up resources like Application Gateway Ingress controller &…
Setup custom DNS at application gateway for multi-tenant solution at a sub-domain level
In AKS we have UI running in a pod which is exposed by ingress controller on port 80, this is common for all tenants. In a VM which is multi-tenant, we have two applications running on port 8180 and 8230. Our requirement is http://example.com should…
Azure Application Gateway error on update configuration
Get-Error.txt When we try to update the Azure Application Gateway in the portal or Azure CLI we get an error. It doesn't matter what we try to update, the error is displayed on all updates: Link not found: Microsoft_Azure_Network not found Link not…