Is there a limit of how many IP ranges can be in Source field in a single DNAT rule in Azure Firewall Standard?
Hi, is there a documented limit on the maximum number of IP address ranges that can be specified in the Source field in a single DNAT rule in Azure Firewall Standard SKU? I was looking at Policy Analytics for my Azure Firewall Policy, and 1 of the…
Connecting Azure FrontDoor to Azure app services through VWAN integrated with Azure firewall
Here is the scenario for the setup we have: We have one subscription (HUB ) created to deploy secured Azure virtual WAN integrated with Azure firewall with Microsoft paired regions East US (primary region) and West US (secondary region). This is…
Express Route and VPN together
Our scenario: We are planning to use Express Route, VWAN integrated with Azure Firewall in East US (primary site) and West US (secondary/DR site) and we will be connecting the on-premise data center with Express Route. Questions: If we are using the…
Traffic Forwarding from one VM to another VM in Azure
Hello, I am looking for a solution to forward traffic from a web VM to an app VM. Specifically, when a user tries to access the web VM on port 6545, the traffic should be routed through the web VM to the app VM on port 6767. Can this be achieved in…
Does Basic Azure Firewall support X-Forwarded-For
Does Basic Azure Firewall support X-Forwarded-For? How do I verify the client IP is passing to the VM (apache2)?
Adding firewall in front of web apps in Hub-and-Spoke architecture
Hi, I am shifting towards hub & spoke model in my Azure subscription so that all the traffic coming into my subscription goes through the firewall. I have multiple types of resources but I am more concerned about web apps and function apps. How can…
Route only P2s traffic through firewall
I have a relatively simple network setup: a spoke (192.168.0.1/24) and a hub network (172.17.32.0). In the hub network I have a firewall in the firewall subnet and a VPN gateway in the gateway subnet. In the VPN gateway I have configured multiple S2S tunnels and …
When to use Azure WAF or Azure Firewall ?
Hi Folks, Can anyone here please share some thoughts and comments of when to use Azure WAF or Azure Firewall? I have already existing Azure ExpressRoute so my Azure VMs can ping my OnPremise servers, and vice versa. My purpose here is to be able to…
Unable to access API endpoint in AWS from Azure VM
Hello Team, I'm trying to ping one of the API endpoints which is hosted in AWS behind a load balancer from an Azure VM. I'm getting a request timeout error. I've allowed the Source (Azure VNet CIDR) and Destination (AWS VPC CIDR) and port 443 in Azure…
cannot read firewall log
When I try to run query against the firewall logs, below error returns: 'parse' operator: Failed to resolve scalar expression named 'msg_s' If the issue persists, please open a support ticket.
AKS Networking with Application Gateway and Azure Firewall
Hello everyone, I am currently implementing a solution in Azure that involves using Azure Kubernetes Service (AKS) as a backend, along with an Application Gateway for incoming traffic. Additionally, I have configured an Azure Firewall to manage outbound…
Azure Firewall ICMP Protocol
Hi, I need to allow Domain Controller on Azure platform which is behind Azure Firewall to communicate with Domain Controller of customer. For that I need to allow ICMP Protocol. When I tried to allow ICMP in firewall network rule I get to know that it is…
I am unable to view service tags while adding a network rule in Azure Firewall.
Title Unable to View Service Tags When Adding a Network Rule in Azure Firewall Details I am unable to view service tags while adding a network rule in Azure Firewall. I am selecting the Destination type as Service Tag, but I can only see Office 365…
Guidance Needed for Configuring Azure Firewall for Outbound Traffic Control
Hi Experts, We currently have a setup with one HUB VNet and five Spoke VNets, all of which are peered. Additionally, there is a Site-to-Site (S2S) connection established between our on-premises network and Azure. The five Spoke VNets host multiple VMs…
Config Azure Firewall DNS for private endpoint without using Azure Private Resolver
Hello, lately I configured a system like the one below. Here is some description: We have 3 VNets: VNet test (172.22.0.0/16). Inside this subnet, I set up a subnet (172.22.0.0/24) and a VM test inside this subnet. VNet Hub (10.18.0.0/16): inside this subnet I config…
How to allow outbound web traffic only
Hello, I have set up an Azure Firewall and routes to control all traffic via the Azure Firewall. The firewall is deployed in the Hub and attached to an ExpressRoute circuit (Hub/Spoke). Additionally I have set up a rule collection group with the priority…
Azure Firewall DNS Proxy Failing to Resolve SCM Records in Private DNS Zones
I have a hub-and-spoke architecture in Azure where I'm using Azure Firewall in the hub as a DNS proxy. I have multiple private DNS zones configured in the hub and have established VNet links to my spoke networks. I've also added A records for my function…
Azure Firewall Policy Analytics: "Rules with low utilization" 60/90 day time period
I have the following issue with Policy Analytics: When viewing 'Rules with low utilization' I want to change the time period to 90 days (using the cog in upper right of the pane), but the options for 60 and 90 days are greyed out. I can only select 30…
Traffic not flowing via azure firewall when using site to site vpn
I have created a site-to-site connection between AWS and Azure. In Azure, I have a firewall in place. When the gateway connection is established, traffic is not flowing through the Azure firewall. However, when the gateway connection is disconnected or…
How to get all firewall rules with all the properties via Azure Resource Graph?
Hi, I need help with proper formulation of a query that would give me all firewall rules with all properties so it can be saved as a CSV file. All rules from a particular directory.