Azure Firewall Rule Conf

alsavi1984 21 Reputation points
2021-09-28T20:09:40.07+00:00

Hi,

I have questions about network rule creation as I have doubts about it.

Which type of source addresses are allowed? Could I configure different ip address separated with commas, different CIDR ranges or a mixture of its?

Then in the Destination Addresses field could I use a mixture of CIDR nets and Ip addresses?

I will be very grateful If you could help with it.

Thanks

Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
572 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. suvasara-MSFT 10,011 Reputation points
    2021-09-29T07:57:49.453+00:00

    @alsavi1984 , Yes, you can configure a single IP address or IP's separated with commas. Incase of adding address range you can select IP group option. An IP Group can have a single IP address, multiple IP addresses, or one or more IP address ranges.

    The following IPv4 address format examples are valid to use in IP Groups:

    Single address: 10.0.0.0
    CIDR notation: 10.1.0.0/32
    Address range: 10.2.0.0-10.2.0.31

    136167-image.png

    Note: IP Groups are not currently available in Azure national cloud environments.

    The same goes with destination address field as you have option to select IP group.

    136232-image.png

    Reference Doc

    ----------

    Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.

    0 comments
  2. alsavi1984 21 Reputation points
    2021-09-29T13:41:26.223+00:00

    Thank you Suvahara.

    My question was related about using different single ips plus network ranges. I think it is possible.

    The problem here it's about creating more than 100 hundreds ipgroups. I will expect that MSN could solve it.

    Kind Regards