Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
731 questions
1 answer
One of the answers was accepted by the question author.
How would TLS inspection work with WAF enabled App Gateway and Azure Firewall?
Hi, I have been struggling with this from a while now. Our design has WAF enabled App gateway for incoming HTTP / HTTPS traffic from internet and then have Azure Firewall behind it. Have couple of queries for which I need assistance: 1: Does WAF has…
asked 2024-09-18T23:33:09.83+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 89%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERS%3C/text%3E%3C/svg%3E)
Rakesh Singh
370
Reputation points
commented 2025-03-12T09:54:19.4866667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 40%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJR%3C/text%3E%3C/svg%3E)
Jørgen Woortman
0
Reputation points
0 answers
Unexpected Behavior with Azure Firewall Draft Rules – Existing Rule Collections Deleted
Hi Everyone, I recently started using the new Draft mode feature in Azure Firewall for staging access rules. However, I’ve encountered an unexpected issue and wanted to check if others have experienced the same. Steps to Reproduce: Enable Draft mode in…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 71%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
0 answers
Azure Portal - Add DNAT firewall rule error
"Cannot read properties of undefined (reading 'toLowerCase')" Get the above error when clicking 'Add rule' in the DNAT rules blade under our Firewall policy.
asked 2025-03-11T17:13:22.36+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 78%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELS%3C/text%3E%3C/svg%3E)
Lord Saradomin
0
Reputation points
commented 2025-03-11T19:03:02.3366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 17%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERV%3C/text%3E%3C/svg%3E)
Rohith Vinnakota
3,155
Reputation points Microsoft External Staff
0 answers
Azure firewall Active -Passive mode similar like PA
I want to setup Azure firewall 2 instance. 1 is node is active and 1 node is passive. i cant find any such scenarios on internet having such design with failover.
asked 2025-03-11T06:34:06.4433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 17%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
AzurePro
40
Reputation points
edited a comment 2025-03-11T13:27:19.3666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 15%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPB%3C/text%3E%3C/svg%3E)
Praveen Bandaru
850
Reputation points Microsoft External Staff
1 answer
Options for Retaining or Use the Existing Public IP of Azure firewall without zone redundancy while Deploying a New Azure Firewall with HA
Hi, I am looking for a way to retain the existing public IP of the Azure Firewall, which currently does not have zone redundancy, while planning to implement zone redundancy. To achieve this, I need to create a new firewall instance, as zone redundancy…
asked 2025-03-04T19:10:00.09+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 4%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
$@chin
150
Reputation points
edited a comment 2025-03-11T13:17:26.0166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 81%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
Sai Prasanna Sinde
4,335
Reputation points Microsoft External Staff
1 answer
Azure Firewall Application rule not working
Hi, I have Azure firewall with premium sku. I have created rule collection group GRP1 (priority 500) contains DNAT rule ( priority 400,410) and network rule ( priority 1000 to 65000). Now I have requirement to allow only 3 urls (not any other URLS) …
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 43%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
1 answer
Can't connect site-to-site VPN
I have a Sophos firewall that I can't connect to the Azure Remote gateway
asked 2025-03-03T17:28:35.97+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 50%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETS%3C/text%3E%3C/svg%3E)
Tom Smith
5
Reputation points
edited a comment 2025-03-07T06:41:01.33+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 36%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGS%3C/text%3E%3C/svg%3E)
G Sree Vidya
255
Reputation points Microsoft External Staff
1 answer
One of the answers was accepted by the question author.
ICMP Timestamp Request Remote Date Disclosure Details - The remote host answers to an ICMP timestamp request.
how to resolve this or do we have any information if we can restrict on firewall
asked 2024-07-24T14:17:37.48+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 48%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESB%3C/text%3E%3C/svg%3E)
Shaweta Bhardwaj
35
Reputation points Microsoft Employee
commented 2025-03-05T13:32:04.9466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 35%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHP%3C/text%3E%3C/svg%3E)
HARI PARASATH S
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Azure Firewall Policy Analytics: "Rules with low utilization" 60/90 day time period
I have the following issue with Policy Analytics: When viewing 'Rules with low utilization' I want to change the time period to 90 days (using the cog in upper right of the pane), but the options for 60 and 90 days are greyed out. I can only select 30…
asked 2024-11-19T09:43:35.1533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 46%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERK%3C/text%3E%3C/svg%3E)
Robbert K
31
Reputation points
commented 2025-03-03T13:00:30.69+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 25%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJL%3C/text%3E%3C/svg%3E)
Jessica Lavoie
0
Reputation points
1 answer
Issue with deleting all resources in Azure
I have Issue with deleting all resources in Azure not sure what is the issue getting below error.
asked 2025-02-27T07:39:29.4333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 93%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKM%3C/text%3E%3C/svg%3E)
kishore matte
0
Reputation points
answered 2025-02-27T14:58:56.5433333+00:00
Praveen Bandaru
850
Reputation points Microsoft External Staff
1 answer
One of the answers was accepted by the question author.
Why does Azure Firewall DNAT rules does not allow creating a rule without port translation?
I am working on an application architecture which requires 150 Public IPs in Azure firewall to support 150 enterprise customers. Each customer will be assigned with Its own Public IP on Azure firewall to access the application. Traffic will be allowed on…
asked 2025-02-23T20:43:15.9133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 51%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERB%3C/text%3E%3C/svg%3E)
Rahul Bhatia
20
Reputation points Microsoft Employee
accepted 2025-02-27T08:51:43.1766667+00:00
Rahul Bhatia
20
Reputation points Microsoft Employee
1 answer
Network Hub and spoke
I have the following scenario, Virtual network gateway (only one) This network gateway has VPN IPSEC connected. This network gateway has VPN Point-to-Site (Aovpn) This network gateway provides the routing for other vnet using the architecture hub…
asked 2025-02-17T15:19:06.57+00:00
Allan Guerreiro
0
Reputation points
commented 2025-02-24T17:05:03.23+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 71%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGP%3C/text%3E%3C/svg%3E)
Ganesh Patapati
4,320
Reputation points Microsoft External Staff
3 answers
Best practice for Azure Firewall Disaster Recovery
We are looking into our Disaster Recovery plan and wanting to refine it for our Azure services. We currently have multiple connectors that are pointed at public IPs that are on our Azure Firewall that are DNAT'd to their perspective VMs. In the event of…
asked 2023-09-14T22:59:04.2966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 95%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEB%3C/text%3E%3C/svg%3E)
Everett Brandeau
5
Reputation points
answered 2025-02-24T05:16:44.01+00:00
Atanu Gupta
141
Reputation points
1 answer
One of the answers was accepted by the question author.
How come Azure KeyVault Private DNS works differently to Azure SQL Servers?
I have recently started Private Endpointing all of our infrastructure. As we are in Hub to Spoke environment we are using one Private DNS for each resource type which is then linked to the spokes and Hubs. We then create private endpoints for each…
asked 2025-02-20T10:40:09.91+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(252.8, 30%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELN%3C/text%3E%3C/svg%3E)
Liam Newton
25
Reputation points
commented 2025-02-21T09:37:13.5866667+00:00
Liam Newton
25
Reputation points
1 answer
One of the answers was accepted by the question author.
What I'm trying to accomplish vs. What I'm being charged for...Help
I'm trying to use Azure Free Account in a way that most probably are not used to seeing. I have a hobby of tracking and managing a statistics database for eSports on the side. I came across the free Azure account and it seemed like a good way to manage…
asked 2025-02-17T15:57:18.71+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 36%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
Spencer Petrillo
20
Reputation points
accepted 2025-02-20T18:51:52.87+00:00
Spencer Petrillo
20
Reputation points
2 answers
One of the answers was accepted by the question author.
Azure Basic Firewall Public IP Egress calls
I have an azure basic firewall, From one of my VM egress call happening to a URL(Which is whitelisted). I have around 12 Public IPs attached to Firewall. How do I verify from which Public IP the request landed in target(no access logs available in…
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
731 questions
Azure FastTrack
Azure FastTrack
Azure: A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.FastTrack: This tag is no longer in use. Please use 'Azure Startups' instead.
78 questions
asked 2025-02-20T11:43:04.4666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 70%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDF%3C/text%3E%3C/svg%3E)
Deepaklal-FT
86
Reputation points
answered 2025-02-20T18:28:18.74+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 41%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENV%3C/text%3E%3C/svg%3E)
Naga Venkata Sai Vagdevi Poojitha Returi
75
Reputation points Microsoft External Staff
1 answer
Cannot connect to Application Service from the Application Gateway when Private endpoints and Virtual Network Integration
Cannot connect to Application Service from the Application Gateway when Private endpoints and Virtual Network Integration Application Gateway give 502 error
asked 2025-02-16T16:09:08.01+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 90%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EME%3C/text%3E%3C/svg%3E)
Morgan Ecklund
0
Reputation points
commented 2025-02-20T14:45:17.0033333+00:00
Morgan Ecklund
0
Reputation points
2 answers
Unexpected Network Traffic Reaching VM Despite NSG Configuration in Azure
We are experiencing an issue where network traffic is reaching our Virtual Machine, even though our Network Security Group (NSG) is configured to block this traffic. For example, traffic on port 80 is being logged by UFW on the VM, despite the NSG rules…
asked 2025-02-12T20:30:27.2933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 63%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
nma
5
Reputation points
answered 2025-02-19T13:14:43.2533333+00:00
KapilAnanth-MSFT
49,016
Reputation points Microsoft Employee
1 answer
Security and protection against ransomware/malware in Azure
We have VPN S2S connections from various locations. Plannign to deploy Azure Standard firewall. None of the VMs have public ips. We will be configuring azure sql managed instance with private endpoints and storage accounts with private links. Also will…
asked 2025-02-12T13:09:25.79+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 13%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
cloudseeker
0
Reputation points
commented 2025-02-17T14:53:06.26+00:00
Rohith Vinnakota
3,155
Reputation points Microsoft External Staff
1 answer
Does Basic Azure Firewall supports X-FOrward-For
Does Basic Azure Firewall supports X-FOrward-For? How do I verify the client IP is passing to VM(apache2)?
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
731 questions
Azure FastTrack
Azure FastTrack
Azure: A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.FastTrack: This tag is no longer in use. Please use 'Azure Startups' instead.
78 questions
asked 2025-02-10T13:52:27.39+00:00
Deepaklal-FT
86
Reputation points
commented 2025-02-17T14:47:51.2366667+00:00
Rohith Vinnakota
3,155
Reputation points Microsoft External Staff