Route all outgoing traffic from Azure VM via Azure Firewall to on premise
We are utilizing a Hub and Spoke network topology within our Azure environment and are aiming to establish a network architecture that mirrors this setup. Specifically, we have an Azure VM located in a Spoke (subnet) that is paired with the Hub Vnet…
How to get all firewall rules with all the properties via Azure Resource Graph?
Hi, I need help with proper formulation of a query that would give me all firewall rules with all properties so it can be saved as a CSV file. All rules from a particular directory.
Azure Firewall TLS inspection fails with handshake failure, alert 40
interCA-old.pfx.txt Hello, I'm trying to set up Azure Firewall with TLS inspection. I cannot get past one problem. Problem: Firewall fails to process rule. Chrome/Edge browser error: ERR_SSL_VERSION_OR_CIPHER_MISMATCH openssl error: $ openssl s_client…
Add o365 rules to Azure Firewall
Hi, I need to add all the necessary Firewall rules for VMs in our Azure estate so they can activate against Microsoft's servers. What are the ports/URLs needed for this? And how do I go about implementing into Azure firewall? Kind regards
Azure Firewall I see the
Azure Firewall reports the following problems: Failed to resolve FQDN microsoftmetrics.com. Error lookup microsoftmetrics.com on 127.0.0.53:53: no such host; DNS resolution returned no IPs. It comes from AzureFirewallSubnet subnet. So seems that Azure…
Network configuration to allow communication with new IP addresses for Azure Data Factory
I need to understand what changes are required on NSG and Firewall Perspective for below alert? Recommended action If you're affected, notify your network infrastructure team to update your network configuration to add these new IP addresses by 1 April…
Hosting Django Server in port 8000 and accessing it from ip address
Hello, I went to django manage.py runserver 0.0.0.0:8000, which runs the server perfectly, but I am unable to access it from the Azure public IP address as mentioned on both network interface or virtual machine, e.g.: http://
Most cost effective way to secure 2 VMs running a webserver
Hey, I am conducting a project where I will have 2 VMs for redundancy, they will have the same configuration. The VMs will essentially be running docker, portainer and OpenCTI. What is the best way to secure these, there seems to be so many…
Azure Firewall High Latency
I have a firewall setup of standard SKU type. What is the recommended latency probe for standard SKU? If it reaches the maximum latency, how can we resolve it?
How does the ‘Allow public access from any Azure service within Azure to this server’ option in PaaS firewall settings function from a technical perspective?
How does the ‘Allow public access from any Azure service within Azure to this server’ function from a technical perspective? I understand this setting allows all Azure services and other customer resources to connect, but behind the scenes, how is the…
How to route all incoming traffic from on premise via Azure Firewall
I have a site-to-site VPN. I created an Azure Firewall on the same virtual network as the Gateway. I have a Hub and Spoke network topology. I want all the traffic coming from on-premise to be routed through Azure Firewall.
AzureFW HA failure behavior
My customer has a couple of questions around the behavior of AFW in a failure scenario. I have investigated docs and Q&A and haven’t found any good answer. Could you please provide some detailed input to the following questions. Scenario: Azure…
Alternative to closing ports used by Azure Virtual Network Gateway
It is my understanding that Azure Virtual Network Gateway requires some ports to be open for Azure infrastructure communication and that there was no way to close said ports on the Network Gateway. My question is if there is an alternative or…
How to redirect traffic from public ip of VM to firewall then to private IP of VM?
Hello, I have a problem with unusual infrastructure in Azure. I deployed a firewall (pfsense) on the default VNET 10.0.0.0/24, assigned private IP 10.0.0.4 to pfsense, and added a route table: default route 0.0.0.0/0, next hop is 10.0.0.4 (private IP of pfsense)…
Azure VPN Gateway and Azure Firewall - S2S communication filtering
Hi Everyone! Please, I need your advice. I have Virtual network gateway which connects three on-prem sites (3 x Local network gateways). This part works perfect. There are only route and policy based routing (no dyn). All endpoints can ping each other…
Inbound traffic to public IP address associated to Azure Firewall Premium
How to allow inbound traffic to public IP address associated to Azure Firewall Premium?
How to configure Application Gateway before Azure Firewall to App Services
Dear Microsoft community, I have an application gateway set up with WAF with app services as the backend pool targets. I have also set up access restrictions in the app service networking to only allow traffic through application gateway. Till here…
Allow all outbound traffic through Azure Firewall
I followed the guide for implementing a new fresh Azure Firewall environment. I have set up a route table with traffic 0.0.0.0/0 to my Azure Firewall, but yet I want to route all internet traffic through this firewall to outside without any exceptions? …
Inbound port based routing
Hi, I have an issue where I require end users accessing the same public DNS name using different ports to be redirected to different public endpoints. For example - users accessing domain.com over port 80 get directed to the public IP of an…
Implementing Azure Firewall and Application Gateway in parallel
We have an existing Azure Application Gateway (AGW subnet) with WAF policies defined in our main VNET where host (host subnet) and proxy (proxy subnet) machines also reside. We have another VNET for SFTP servers (sftp subnet). Now we are implementing Azure…