Any need of firewall if IP are restricted?
Hello, We are using azure kubernetes service over 443 port. We have enabled the IP range restricted Vnet due to which the services are only accessible from our organization. It is kind of an intranet and nothing is exposed over internet. In addition, a…
Application Gateway - Difficulty understanding the concept!
Hi, We are implementing a scenario that we will use this feature to direct the accesses of our web pages to each ILB. We will have three ILBs with two servers each ILB. But we have no idea of dimensioning, so should we use the default settings? …
The 'transactionId_s' field of App Gateway WAF log
1、What kind of information is field transactionId_s responsible for statistics? 2、What happens when the transactionId_s field in the exported WAF log has no data?
token lost in the redirection between application gateway and identity server in azure
We have azure environment with application gateway which has ui and api services with ingress controller. When user launches the url of the SPA web application user is redirected to Microsoft Identity Server. After the login is done user is redirected…
Azure Application Gateway /WAF v2 provisioning keeps failing
Hi All, We are trying to provision an App Gateway (WAF v2) in a dedciated VNET which is peered with the Transit/Hub Vnet, However the App Gateway provisioning keeps failing with below error "code": "Conflict", "message":…
SP 2016 sites are not loading correctly
Hell All, I have web application which hosts multiple applications with different DNS names. We have intranet.xxxxx.com, teamsite.xxxxx.com, mysite.xxxxx.com, etc. as the main user-facing interfaces. For example photos are coming from mysite regardless…
PowerBI Gateway "Cloud Data Sources"
We are considering checking the "Allow user's cloud data sources to refresh through this gateway cluster " checkbox for our PowerBI Enterprise Gateway. What does "Cloud data sources" mean though? Is this restricted to azure cloud…
Generate PFX using Microsoft Stanadalone CA
Hi All, I am looking for a programmatic approach for generating certificates for Application gateway / SSL offload purpose using Standalone CA. We have our signing root certificate which we have used while configuring the standalone CA. Can we…
Removing port from request headers
Hello everyone, I am trying to run ruby on rails application in Azure, but came across a small problem. The app returns "IPAddr::InvalidAddressError", when some headers in HTTP request contain port. So I deployed an application gateway…
TLS using Application gateway
currently have a listener on our application gateway configured for http request on port 90 and associated with the HTTP setting(Appgateway_httpsettings1)configured to route requests to the backend server on port 90. However, I would like to change the…
Create a virtual network for protecting a storage account in Azure
In Azure, we have a app service plan, then an application WordPress install which is used by our marketing team to update content. Then, the content is exported as a static HTML, WordPress app is stopped, and static HTML loaded into a Azure storage…
WAF support for Web Apps
Here is my scenario: I have multiple Web Apps (multi-tenant) in an App Service Plan as follows: custA.azurewebsites.com custB.azurewebsites.com Above apps are same except they point to its won tenant DB. So custA talks to DBA, custB talks to…
SignalR and the WAF in Application Gateway
If I host a Blazor server side website in Azure using an App Service and the Azure SignalR service, and in front of this website there is the Azure Application Gateway. Will the SignalR packages go through the WAF? Plus will the WAF be able to detect…
Are webservers behind a WAF safe enough to be classed as trusted
Hi, I am after some advise on a hub and spoke design idea. If I have a hub that contains a firewall and a WAF where the WAF is forwarding traffic onto a webserver in a spoke virtual network. Would you then class that web server / virtual network as…
Azure Application Gateway rules
This page describes how to configure URL pathing rules for an app gateway https://learn.microsoft.com/en-us/azure/application-gateway/create-url-route-portal It says the default, for URLs not explicitly defined in rules, is to forward traffic to…
Set Database Extension fails with GatewayTimeout after restoring DB from .bacpac
I am attempting to import a database via a .bacpac file which I have stored in blob storage. I have created an Azure SQL serve, and followed the import steps described in the video attached:…
is it possible to block the traffic to one node with in the AAG(azure application gateway) using the port check
is it possible to block the traffic to one node with in the AAG(azure application gateway) using the port check, For example if i bring down the traffic port 15999 in node , how would AAG redirect the traffic to other node and not complete the existing…
Azure Application Gateway | Rule ID 913101 Python Requests are getting blocked
Hi , When we are trying to send requests to APIM using Jupyters notebook in Python, We are getting blocked in the application Gateway like the below "ruleId": "913101", "ruleGroup": "913-SCANNER-DETECTION", …
Requests to URL with length greater than 3776 characters return with status code 400
Hi, whenever our request URL exceeds the length of 3776 characters, the Application Gateway returns HTTP status code 400 (we know it's the Application Gateway returning since the same requests return fine when not going through the Application…
Making requests to external hostnames from backend pool services
When using the Azure Application Gateway, is there a way for services in the backend pool to make requests through the frontend IP of the gateway, in order to request public URLs? In this example, the VM wants to make a request that hits the App…