How to check detail outbound traffic of AKS with Azure Firewall setup
Hi, We have a AKS and all outbound traffic from this AKS are forwarded to a Azure Firewall with a user-defined route table. May I know where can I find the detail log of the outbound traffic? The closest log I can find are the AZFWApplicationRule and…
Routing To On-Prem from Azure Spoke VNET
Hello Need some help in understanding how routing is actually working. Proposed hub and spoke set up. The Hub will contain our Azure Firewall and a Express route vpn gateway which connects to our onprem datacentre. We plan to connect 3 spoke VNETS to the…
Azure Firewall outbound traffic
Hello Everyone, How to check the total outbound internet traffic for the last 30 days in Azure Firewall. Please advice. I searched in the metrics, but it did not display anything related to outbound traffic. Although "data processed" is…
How to associate an existent Public IP with Azure Firewall
Hey guys, Is it possible to use one or more existing/pre-defined IPs with the Azure Firewall? *The Firewall is in a secure hub environment There are documents/scripts to create new IPs and associate them with the Firewall, via portal as well, but none of…
Azure firewall high data processed
Hello All, I need you help to identify the issue. I observed a pattern in the Azure firewall metric for high data processing from January 24th, 2024, and I want to identify from which source it is generating high traffic. Due to this, the cost has also…
User not able to access the one of the website service and getting i/o error
We have an environment hub and spoke model with outbound internet controls via Azure Firewall . One of the Source machine generating traffic towards internet towards website .Website is accesable but one of the service is not working . Error showing my…
For firewall settings on systems receiving communications from Azure, how to restrict IP source
I have a cloud based server application that is being accessed by Azure based cloud applications. I need to protect my application from misuse by Firewall and really only want to permit access at the Networking level for particular customers. For the…
Using Azure Firewall to regulate traffic between subnets of a Virtual Network
We have a Virtual network (e.g. 10.x.0.0/19) with multiple subnets (10.x.1.0/24, 10.x.2.0/24, 10.x.3.0/24) and an Azure Firewall. We have custom Route Tables assigned to subnets to direct traffic to the Firewall interface. An Azure Firewall regulates N/S…
Change Azure Firewall from Force Tunneling to use the Azure FW for Internet traffic
Hi, we have recently migrated most of our workload from on-prem to Azure and we have currently S2S VPN connections between 2 of our on-prem sites and Azure. For phase 1, we used FW in force Tunneling mode to force all Internet traffic to our on-prem FW…
Delay after whitelisting an IP address
Hi, I have a github action that builds and deploys a static website into a Azure Storage account. By default the storage account's firewall rules deny incoming connections so I need to whitelist the github runner's current IP for the duration of the…
Application Gateway Configuration for Seatable.
Hello, I am not familiar with seatable and would require help with setting up application gateway to access seatable application in Azure. Environment: Huba and Spoke Network Topology. Application gateway and firewall are deployed as shared resources…
Delete Azure Firewall - Visual Studio Subscription
Hello, i need help with the following Problem: I ran out of monthly Credit in Azure with my Visual Studio Subscription. I have n Azure Firewall that i want to delete. If click on delete, i get the error: 'Azure Firewall firewall1 failed to dereference…
Effect of enabling DNS proxy in Azure Firewall.
My environment has an Azure firewall configured as a shared resource. connection to smpt.office365.com in the above firewall was configured using application firewall rule to port 587, but we are unable to send emails. The plan is to re-configure the…
Rule swap in azure firewall
Hi, Since this week when I perform a Terraform plan against my Azure Firewall, rules are listed in random order in the rule collection and the same goes for rule parameters. If I apply this plan, real changes are done against the firewall which last more…
How would I allow connections from my V-NET hosts to *.azurewebsites.net/*?
I've tried using a Network rule that allows traffic to AppService tag. My clients in the V-NET attempt to connect to something.azurewebsites.net/restofpath So far I just get 403 errors.
Confirm if IDPS in Azure firewall is active when behind Azure Application Gateway WAF
My scenario is: [Internet] -> [Azure AGWAF] -> [Azure Firewall] -> [Load Balancer] -> [App Servers] Azure Firewall is Premium, with IDPS & Threat Intelligence enabled. Inbound HTTPS traffic hits the AGWAF, is (WAF) filtered and then…
What is https://aka.ms/. Why is this firewalled?
Is https://aka.ms/vs/17/release/vs_enterprise.exe safe? I can't access anything from Microsoft anymore because https://aka.ms/ is blocked behind my company firewall. What is https://aka.ms/? Why did Microsoft start putting all MSDN downloads…
NSG - Network security group - How to block traffic
Hi, I have a virtual network and subnet 10.185.23.0/24 in it. There is VM with IP 10.185.23.4. We have domain controllers in seperate Vnet and subnet 10.185.4.0/26. I want to block any outgoing traffic towards one of the domain controller 10.185.4.7…
Azure Firewall upgrade and preservation of public IP
Hello! I have a question about upgrading the SKU of Azure Firewall. If I change from Standard to Premium using "Azure Firewall easy upgrade/downgrade", will the public IP that is added to the Secured Virtual Hub still be preserved? Thank you.
Sample Log Analytics queries are just wrong
When I go to logs in the Azure Portal for the Firewall and it drops me into Log Analytics, but the sample queries don't work. This is really poor quality and I don't understand why it's allowed to happen. As a user of the service I shouldn't have to…