Azure VWAN traffic between source and destination worked in HUB but did not work when the hub became secure with Azure Firewall.

Veera 260 Reputation points
2024-08-25T15:26:29.53+00:00

Hi Experts,

Please see the attached ENV diagram; when the VWAN does not have a firewall, traffic from siteA to App01 works, and vice versa; however, once the firewall is installed in the HUB with the allow all FW policy, communication from siteA to App01 does not work.

could you please guide me how to resolve the issue.

Env.jpg

Thanks & Regards,

Veera.

Azure Virtual WAN
Azure Virtual WAN
An Azure virtual networking service that provides optimized and automated branch-to-branch connectivity.
229 questions
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
685 questions
Azure Firewall Manager
Azure Firewall Manager
An Azure service that provides central network security policy and route management for globally distributed, software-defined perimeters.
95 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Ganesh Patapati 1,745 Reputation points Microsoft Vendor
    2024-08-26T13:41:16.2233333+00:00

    Hi Veera,

    Welcome to the Microsoft Q&A Platform! Thank you for asking your question here.

    • This occurs when the traffic from the source to the destination takes a different path than the return traffic.

    In your case, the traffic from the source to the destination might be going through the Azure Firewall, but the return traffic might be bypassing the firewall, causing the connection to fail.

    Routing Configuration:

    • This is likely due to asymmetric routing.
    • Misconfigured routes might cause the traffic to be dropped.
    • Ensure there are no conflicting NSGs or UDRs that could be interfering with the traffic flow.

    This can be achieved by configuring the routing policies and intent correctly.

    Please Refer: https://learn.microsoft.com/en-us/azure/virtual-wan/how-to-routing-policies

    Kindly let us know if the above helps or you need further assistance on this issue.

    If the answer is helpful, please click "Accept Answer" and "Upvote it."

    Regards,

    Ganesh Patapati

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.