Azure Firewall Manager
An Azure service that provides central network security policy and route management for globally distributed, software-defined perimeters.
83 questions
1 answer
azure firewall rule collection vs rules
azure firewall rule collection vs rules how determine the collection of rules. How to plan collection? Can I keep all ADDS collection group e.g. with inbound rules for client, outbound /inbound for DC to DC rules, inbound for management and reporting…
asked 2024-04-23T16:05:24.24+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 46%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
prasantc
751
Reputation points
edited a comment 2024-04-24T05:28:39.6733333+00:00
GitaraniSharma-MSFT
47,086
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Missing description field for Azure Firewall Policy Rule Collection Group rules
In the reference documentation for creating rules in rule collection groups in Azure Firewall Policy the description field is listed as valid for individual rules:…
asked 2022-10-03T18:06:51.19+00:00
Mats Estensen
46
Reputation points
commented 2024-04-22T14:18:37.2833333+00:00
KapilAnanth-MSFT
34,926
Reputation points Microsoft Employee
7 answers
When to use Azure WAF or Azure Firewall ?
Hi Folks, Can anyone here please share some thoughts and comments of when to use Azure WAF or Azure Firewall? I have already existing Azure ExpressRoute so my Azure VMs can ping my OnPremise servers, and vice versa. My purpose here is to be able to…
asked 2020-11-15T13:17:27.597+00:00
EnterpriseArchitect
4,721
Reputation points
answered 2024-04-16T12:18:12.6+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 96%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
carlintveld
26
Reputation points
0 answers
How to get all firewall rules across multiple subscriptions and multiple RG's with all the properties via Azures Resource Graph?
Hi, We are looking for some help with proper formulation of a query that would give us all firewall rules with all properties . We have multiple firewall both with classic rules and firewall policy ones as well spread across multiple subscriptions.
asked 2024-03-11T11:38:10.5133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 96%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENS%3C/text%3E%3C/svg%3E)
Nishant Sharma
0
Reputation points
commented 2024-04-05T12:26:01.6533333+00:00
GitaraniSharma-MSFT
47,086
Reputation points Microsoft Employee
1 answer
Azure Firewall outbound traffic
Hello Everyone, How to check the total outbound internet traffic for the last 30 days in Azure Firewall. Please advice. I searched in the metrics, but it did not display anything related to outbound traffic. Although "data processed" is…
asked 2024-03-18T11:06:23.2066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 21%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKM%3C/text%3E%3C/svg%3E)
krutibasa majhi
0
Reputation points
commented 2024-03-20T12:33:40.32+00:00
KapilAnanth-MSFT
34,926
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
How to associate an existent Public IP with Azure Firewall
Hey guys, Is it possible to use one or more existing/pre-defined IPs with the Azure Firewall? *The Firewall is in a secure hub environment There are documents/scripts to create new IPs and associate them with the Firewall, via portal as well, but none of…
asked 2024-03-12T12:14:47.4233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 65%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERR%3C/text%3E%3C/svg%3E)
Rodrigo Rosa
41
Reputation points
accepted 2024-03-19T11:14:57.63+00:00
Rodrigo Rosa
41
Reputation points
1 answer
Change Azure Firewall from Force Tunneling to use the Azure FW for Internet traffic
Hi, we have recently migrated most of our workload from on-prem to Azure and we have currently S2S VPN connections between 2 of our on-prem sites and Azure. For phase 1, we used FW in force Tunneling mode to force all Internet traffic to our on-prem FW…
asked 2024-03-14T10:29:28.19+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 21%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGA%3C/text%3E%3C/svg%3E)
Ghulam Abbas
151
Reputation points
answered 2024-03-14T12:22:35.4933333+00:00
GitaraniSharma-MSFT
47,086
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Azure Firewall upgrade and preservation of public IP
Hello! I have a question about upgrading the SKU of Azure Firewall. If I change from Standard to Premium using "Azure Firewall easy upgrade/downgrade", will the public IP that is added to the Secured Virtual Hub still be preserved? Thank you.
asked 2024-03-05T07:37:22.7533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 90%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Sheik Mohamed Yasar
105
Reputation points
commented 2024-03-06T15:04:18.8633333+00:00
Sheik Mohamed Yasar
105
Reputation points
1 answer
One of the answers was accepted by the question author.
Cannot delete Azure Firewall nor Firewall policy
Was trying out the Azure Firewall with my MPN subscription. Was not sure what the cost was so let it run for a couple of days. Now it's reached the spending limit and my MPN Azure service is disabled though the firewall isn't really…
asked 2024-03-04T06:30:42.54+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(22.400000000000002, 69%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWC%3C/text%3E%3C/svg%3E)
Wing Chang
20
Reputation points
accepted 2024-03-05T08:31:49.36+00:00
Wing Chang
20
Reputation points
1 answer
How to connect AWS to Azure using P2S?
Hi, I want to know, if have Domain Controller in AWS (treat it as on-prem network), have Palo alto firewall that does VPN connection and if we want to connect azure network to aws network how will do? Can we please help me with an architecture diagram…
asked 2024-02-22T18:20:50.25+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(243.2, 33%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKK%3C/text%3E%3C/svg%3E)
Khushboo Kumari
0
Reputation points
edited an answer 2024-02-23T09:30:43.25+00:00
Jackson Martins
9,641
Reputation points MVP
1 answer
One of the answers was accepted by the question author.
Azure Firewall High Latency
I have a firewall setup of standard SKU type what is the recommended latency probe recommended for standard SKU. If it reaches the maximum latency how we can resolve?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 44%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAA%3C/text%3E%3C/svg%3E)
7 answers
One of the answers was accepted by the question author.
Azure WAN and P2S VPN Forced Tunneling
I have setup Azure WAN with a secured hub(Azure Firewall). WAN also has a P2S VPN which am successfully able to connect to. I understand forced tunneling was not an option before Azure VWAN, but now can i do forced tunneling for my P2S clients and give…
asked 2021-10-14T02:57:10.967+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 68%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
Ajeet Singh
71
Reputation points
commented 2024-02-15T22:16:57.49+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 70%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENG%3C/text%3E%3C/svg%3E)
Navyanth Gowda
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Inbound traffic to public IP address associated to Azure Firewall Premium
How to allow inbound traffic to public IP address associated to Azure Firewall Premium?
asked 2024-01-22T06:19:42.4133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 85%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJE%3C/text%3E%3C/svg%3E)
John Emil Billones
20
Reputation points
accepted 2024-02-08T06:08:35.8566667+00:00
John Emil Billones
20
Reputation points
1 answer
How to migrate Azure Firewall Policies/Configuration to a different Azure account?
What is the process for migrating or importing existing Azure Firewall Policies/Configuration to different Azure accounts? I have a "template.json" and "parameters.json" file from another Azure Firewall setup, and I want to import…
asked 2024-01-29T10:24:03.38+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 60%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJA%3C/text%3E%3C/svg%3E)
Jaikishan A Sah (jaisah)
0
Reputation points
commented 2024-02-02T09:19:13.4933333+00:00
KapilAnanth-MSFT
34,926
Reputation points Microsoft Employee
1 answer
I can't see an option to change firewall rules under setting in firewall
I want to add firewall rule under settings in azureFirewall but there is no option to do so
asked 2024-01-21T16:42:19.7366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 62%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERA%3C/text%3E%3C/svg%3E)
Rishab Arya
0
Reputation points
commented 2024-01-30T14:24:33+00:00
GitaraniSharma-MSFT
47,086
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Where does Azure Firewall send TCP RST packets during Virtual Machine Scale Set scale in (scale down)?
Currently we have connection losses in our network, these seem to coincide with Azure Firewall VM instance shutdowns. Therefore I better want to understand what happens. In the Load Balancer TCP Reset and Idle Timeout documentation I read that it’s…
asked 2024-01-17T12:39:56.04+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 74%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGJ%3C/text%3E%3C/svg%3E)
Gun, JP van der (Joost) - Beheer
20
Reputation points
accepted 2024-01-26T14:49:10.6066667+00:00
Gun, JP van der (Joost) - Beheer
20
Reputation points
1 answer
How to fix the error EOF occurred in violation of protocol (_ssl.c:1129)
Hi, Azure Login’ is failing from internal jump server with below error. I’m getting this error only when we are forcing the traffic through Azure Firewall. Error: EOF occurred in violation of protocol (_ssl.c:1129)
asked 2023-11-26T08:21:41.9733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 22%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENS%3C/text%3E%3C/svg%3E)
Narendra Sharma, Rahul
0
Reputation points
commented 2023-12-01T14:12:46.0766667+00:00
GitaraniSharma-MSFT
47,086
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Permission required for configuring Azure Firewall?
Hello experts, I want to know the least or minimal roles and permissions required for configuring Azure Firewall and Policies in the Azure production environment. Thanks! Nidhi.
asked 2023-11-06T14:14:59.4466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 43%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENP%3C/text%3E%3C/svg%3E)
Nidhi Priya
386
Reputation points
accepted 2023-11-07T11:18:14.2466667+00:00
Nidhi Priya
386
Reputation points
1 answer
How to define and manage large scale connectivity rules between applications in Cloud Landing zones
What are ways in Azure to define connection rules in Virtual Networks/Subnets/security Zones for different application to communicate with each other using specific attributes such as source, destination, service, protocol... on a large scale. E.g. Let's…
asked 2023-10-20T15:55:05.86+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 6%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENJ%3C/text%3E%3C/svg%3E)
Nilesh Joshi
0
Reputation points
commented 2023-11-02T16:13:23.7+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 59%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
ChaitanyaNaykodi-MSFT
22,701
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Filter traffic from a site-to-site vpn with virtual hub, vwan and Azure firewall.
I have implemented a virtual hub, vwan and azure firewall, I need the traffic coming through a vpn site to site to be filtered by azure firewall. I am not sure how to configure it, but I have checked in microsoft documentation and I see that I could…
asked 2023-10-19T20:02:28.26+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(201.6, 57.00000000000001%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEO%3C/text%3E%3C/svg%3E)
Edwin Omar Fonseca Padilla
65
Reputation points
commented 2023-10-25T04:48:42.2533333+00:00
KapilAnanth-MSFT
34,926
Reputation points Microsoft Employee