Azure Firewall for development cost reduction - I need to keep the static IP
I am in development and the app environment requires a static IP which is registered with 3rd party for their white list. This application also requires an SSL certificate for use as client certificate with this IP. I see that the Azure firewall on…
Upgrade to Premium Azure Firewall SKU
Hi, We are planning on upgrading our standard Azure FW SKU to a premium SKU soon using the upgrade function in the portal. The premium SKU introduces IDPS, I was just curious as to whether that is enabled by default once you upgrade or if it is something…
Storage Account with Private Endpoint. Can it be accessed from Public IPs through Azure Firewall?
I have a Storage Account with Private Endpoint. My Vnet is protected with Azure Firewall. Storage Account is accessible from On-premises or other (through Azure VPN GW) and from other peered Vnets. All traffic to the Storage Account Private Endpoint is…
Azure Firewall & Application Gateway Regional Configuration Clarity
Hello team, Good day!! I have setup Azure Firewall and Application gateway which are 3+ years old now, and during that time, I believe there wasn't an option to choose zones for these two resources and if I check the properties in the JSON of it, I don't…
How to route specific traffic through Azure Firewall via Site 2 Site BGP enabled VPN
I have two virtual networks on Azure: Vnet1 (10.1.0.0/16) and Vnet2 (10.2.0.0/16). These Vnets are connected by an Azure VPN gateway using Site-to-Site BGP enabled VPN. Currently, VM1 can ping VM2, and VM1 can also ping the firewall in Vnet2. I have…
azure firewall logs not showing
when I'm running azure firewall logs i get message like this 'parse' operator: Failed to resolve scalar expression named 'msg_s' Request id: 96c34b02-3935-49f2-978f-db9cc5d7dcf9 also i don't get any logs from azure firewall
Why are Network Security Group (NSG) Default Rules Greyed Out?
Feels weird to ask this question since it's something I should know, or something I should be able to confirm just via testing with IP Flow Verify. When you add your own rules to an NSG, the default rules become "grey" in color. Obviously, you…
Option to use existing Azurefirewall to secure an existing hub
I am trying to secure vWAN hub with existing Azure firewall but there is an only an option to link Firewall policy from hub -firewall - security hub. When I link the existing policy it creates and new firewall and error out the policy cannot be linked…
IIS Server websites not working after setup Azure firewall policy.
Hi Guys, Thanks in advance for your help. I have issue with IIS website access after setup azure firewall and policy,. Please help me. I am new for Azure netwotking,
Missing description field for Azure Firewall Policy Rule Collection Group rules
In the reference documentation for creating rules in rule collection groups in Azure Firewall Policy the description field is listed as valid for individual rules:…
Azure Firewall: Identifying SourceIPs with High SNAT Port Utilization
I received an alert that the SNAT port utilization for my Azure Firewall is high. Is there a way to see which SourceIPs are consuming more SNAT port data? I tried using a Kusto query but was unsuccessful. Can anyone help me identify the SourceIPs with…
Trouble Opening Port 443 (HTTPS) in Azure Despite Configuring NSG: Need Assistance!
I've correctly set up inbound rules in the Network Security Group (NSG) on Azure to open ports 80 and 9000, and both are functioning as expected. However, I'm encountering difficulties opening port 443 (HTTPS). Even after adding a specific inbound rule…
How to create a Workspace Managed Virtual Network Isolation if the Microsoft Documentation is outdated?
Hello! I am following the step by step to configure an Azure Machine Learning Workspace (https://learn.microsoft.com/en-us/azure/machine-learning/how-to-managed-network?view=azureml-api-2&tabs=azure-cli) that can connect to a Azure Storage Account…
Setting up Azure Firewall for network perimeter
How can I set up Azure Firewall for better security and at more of the resource group level? I already have a network security group (NSG) set up with IP whitelisting for an exposed endpoint, but I'm not sure how to connect the filtered traffic to the…
When to use Azure WAF or Azure Firewall ?
Hi Folks, Can anyone here please share some thoughts and comments of when to use Azure WAF or Azure Firewall? I have already existing Azure ExpressRoute so my Azure VMs can ping my OnPremise servers, and vice versa. My purpose here is to be able to…
cannot read firewall log
When I try to run query against the firewall logs, below error returns: 'parse' operator: Failed to resolve scalar expression named 'msg_s' If the issue persists, please open a support ticket.
Azure Firewall Service Tag AzureCloud
Hi We're in the implementing phase of Azure vWAN combined with Azure Firewall and Azure Firewall Policies. We've configured a network rule which allows the port 80 and 443 to the service tag "AzureCloud" which should include all IP ranges from…
How can I configure my .NET app to use Azure Firewall proxy in explicit mode?
I'm trying to use Azure Firewall in explicit proxy mode to test that my .NET app works when configured with a proxy. The .NET app uses the WebProxy class to configure the HttpClient:…
How to get all firewall rules across multiple subscriptions and multiple RG's with all the properties via Azures Resource Graph?
Hi, We are looking for some help with proper formulation of a query that would give us all firewall rules with all properties . We have multiple firewall both with classic rules and firewall policy ones as well spread across multiple subscriptions.
how to configure traffic pass through onpermis firewall to azure firewall
hi My Architecture design On-premise Sophos firewall configuration site to site VPN (Azure) established static route configure 10.60.0.0/16 windows server(172.16.16.0/24) AZURE - Hub and Spoke design HUB VNet -Deployed (10.50.0.0/16) Azure…