Azure Front Door
An Azure service that provides a cloud content delivery network with threat protection.
735 questions
0 answers
Adding firewall in front of web apps in Hub-and-Spoke architecture
Hi, I am shifting towards hub & spoke model in my Azure subscription so that all the traffic coming into my subscription goes through the firewall. I have multiple types of resources but I am more concerned about web apps and function apps. How can…
asked 2025-01-29T15:55:53.49+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 25%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENU%3C/text%3E%3C/svg%3E)
Najam ul Saqib
360
Reputation points
edited a comment 2025-01-30T19:15:22.1133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 15%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPB%3C/text%3E%3C/svg%3E)
Praveen Bandaru
250
Reputation points Microsoft Vendor
0 answers
Unable to access API endpoint in AWS from Azure VM
Hello Team, I'm trying to ping one of the API endpoint which is hosted in AWS behind a loadbalancer from Azure VM. I'm getting request timeout error. I've allowed the Source (Azure VNnet CIDR) and Destination (AWS VPC CIDR) and port 443 in Azure…
asked 2025-01-30T09:43:50.88+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 16%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMR%3C/text%3E%3C/svg%3E)
Mahadev, Rakesh [HAEA]
180
Reputation points
edited the question 2025-01-30T15:34:34.6533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 76%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EV%3C/text%3E%3C/svg%3E)
VarunTha
11,795
Reputation points Microsoft Vendor
1 answer
cannot read firewall log
When I try to run query against the firewall logs, below error returns: 'parse' operator: Failed to resolve scalar expression named 'msg_s' If the issue persists, please open a support ticket.
asked 2023-05-04T06:11:29.21+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 75%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK6%3C/text%3E%3C/svg%3E)
Kenneth 6318
0
Reputation points
commented 2025-01-29T13:06:36.6133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 18%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMR%3C/text%3E%3C/svg%3E)
Mario Reissmann
0
Reputation points
2 answers
One of the answers was accepted by the question author.
AKS Networking with Application Gateway and Azure Firewall
Hello everyone, I am currently implementing a solution in Azure that involves using Azure Kubernetes Service (AKS) as a backend, along with an Application Gateway for incoming traffic. Additionally, I have configured an Azure Firewall to manage outbound…
asked 2024-12-13T13:48:50.45+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 21%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKM%3C/text%3E%3C/svg%3E)
krutibasa majhi
20
Reputation points
answered 2025-01-29T11:06:17.88+00:00
krutibasa majhi
20
Reputation points
1 answer
One of the answers was accepted by the question author.
Azure Firewall ICMP Protocol
Hi, I need to allow Domain Controller on Azure platform which is behind Azure Firewall to communicate with Domain Controller of customer. For that I need to allow ICMP Protocol. When I tried to allow ICMP in firewall network rule I get to know that it is…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 38%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPD%3C/text%3E%3C/svg%3E)
0 answers
I am unable to view service tags while adding a network rule in Azure Firewall.
Title Unable to View Service Tags When Adding a Network Rule in Azure Firewall Details I am unable to view service tags while adding a network rule in Azure Firewall. I am selecting the Destination type as Service Tag, but I can only see Office 365…
asked 2025-01-08T17:40:27.39+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 84%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESA%3C/text%3E%3C/svg%3E)
Sayyad, Altamash Salim (Cognizant)
0
Reputation points
commented 2025-01-27T11:24:13.02+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 17%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERV%3C/text%3E%3C/svg%3E)
Rohith Vinnakota
2,180
Reputation points Microsoft Vendor
1 answer
Guidance Needed for Configuring Azure Firewall for Outbound Traffic Control
Hi Experts, We currently have a setup with one HUB VNet and five Spoke VNets, all of which are peered. Additionally, there is a Site-to-Site (S2S) connection established between our on-premises network and Azure. The five Spoke VNets host multiple VMs…
asked 2025-01-15T03:52:18.3233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 69%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVC%3C/text%3E%3C/svg%3E)
veerabose chandran
260
Reputation points
answered 2025-01-15T06:21:14.12+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 0%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESW%3C/text%3E%3C/svg%3E)
Silvia Wibowo
5,126
Reputation points Microsoft Employee
1 answer
Config Azure Firewall DNS for private endpoint without using Azure Private Resolver
Hello, Lately I config a system like below Here is some description: We have 3 Vnet: VNet test (172.22.0.0/16). Inside this subnet, I set up a subnet(172.22.0.0/24) and a VM test inside this subnet VNet Hub (10.18.0.0/16): inside this subnet I config…
asked 2025-01-07T13:29:49.1366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 59%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EL%3C/text%3E%3C/svg%3E)
lucas
25
Reputation points
commented 2025-01-13T16:12:30.0233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 71%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGP%3C/text%3E%3C/svg%3E)
Ganesh Patapati
3,285
Reputation points Microsoft Vendor
1 answer
How to allow outbound web traffic only
Hello, I have setup an Azure Firewall and routes to control all traffic via the Azure Firewall. The firewall is deploy in the Hub and attached to an Express route circuit (Hub/Spoke) Additionally I have setup a rule collection group with the priority…
asked 2025-01-10T08:47:53.7+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 16%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
ADM Stawik, Lukas
0
Reputation points
answered 2025-01-10T12:48:57.15+00:00
Ganesh Patapati
3,285
Reputation points Microsoft Vendor
1 answer
Azure Firewall DNS Proxy Failing to Resolve SCM Records in Private DNS Zones
I have a hub-and-spoke architecture in Azure where I'm using Azure Firewall in the hub as a DNS proxy. I have multiple private DNS zones configured in the hub and have established VNet links to my spoke networks. I've also added A records for my function…
asked 2024-12-19T16:24:15.6466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 16%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESB%3C/text%3E%3C/svg%3E)
Sagar Baghel
10
Reputation points
commented 2025-01-10T11:47:20.1766667+00:00
Ganesh Patapati
3,285
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
Azure Firewall Policy Analytics: "Rules with low utilization" 60/90 day time period
I have the following issue with Policy Analytics: When viewing 'Rules with low utilization' I want to change the time period to 90 days (using the cog in upper right of the pane), but the options for 60 and 90 days are greyed out. I can only select 30…
asked 2024-11-19T09:43:35.1533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 46%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERK%3C/text%3E%3C/svg%3E)
Robbert K
21
Reputation points
commented 2025-01-09T11:19:07.5366667+00:00
Ganesh Patapati
3,285
Reputation points Microsoft Vendor
0 answers
Traffic not flowing via azure firewall when using site to site vpn
I have created a site-to-site connection between AWS and Azure. In Azure, I have a firewall in place. When the gateway connection is established, traffic is not flowing through the Azure firewall. However, when the gateway connection is disconnected or…
asked 2024-12-26T17:31:22.2366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 34%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
Anushankar Konduri
0
Reputation points
commented 2025-01-08T01:41:24.1833333+00:00
Rohith Vinnakota
2,180
Reputation points Microsoft Vendor
5 answers
One of the answers was accepted by the question author.
How to get all firewall rules with all the properties via Azures Resource Graph?
Hi, I need help with proper formulation of a query that would give me all firewall rules with all properties so it can be saved as a CSV file. All rules from a particular directory.
asked 2023-03-22T12:59:31.23+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 62%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDS%3C/text%3E%3C/svg%3E)
Dominika Starostka
20
Reputation points
commented 2025-01-07T13:24:43.4566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 19%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EOD%3C/text%3E%3C/svg%3E)
Oscar de Groot
11
Reputation points
1 answer
One of the answers was accepted by the question author.
Hub, Spoke - S2S VPN Trafice via Azure Firewall
Hello, Recently I have create a system like below image I have config 3 VNET: VNET test(10.19.0.0/16) : in this vnet, I config a subnet(10.19.0.0/24) and a test VM (OS window server 2022) with a public IP named publicIPDev. I want to remote to this…
1 answer
Network latency between Azure Global VNet Peering
Hi Team, I have a scenario below. Users at the East US site access the webpage site1.abc.com which is hosted on a Citrix Netscaler in the Central US region. Users from the East US site connect in multiple ways, through VPN or AVD environment to access…
asked 2024-12-14T13:24:05.3933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(227.2, 6%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
SHAKIR SHAIKH
0
Reputation points
edited the question 2025-01-07T13:02:41.58+00:00
Prrudram-MSFT
27,621
Reputation points
0 answers
Using Azure Private Resolver with Firewall DNS proxy
Hi, I am currently looking at implementing Azure DNS private resolver (inbound and outbound endpoint subnets) within a hub-and-spoke network with the ultimate goal of resolving DNS to/from an on premise site located down a VPN connection and the spokes…
asked 2024-09-10T10:39:50.1433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 94%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEV%3C/text%3E%3C/svg%3E)
Eddie Vincent
105
Reputation points
commented 2024-12-31T04:25:34.4366667+00:00
Silvia Wibowo
5,126
Reputation points Microsoft Employee
1 answer
connectivity issue over internet via azure firewall
Hi Team, I have a vm A in a vnet (SPOKE) region japan who talks to public ip on internet via azure firewall (HUB). We have a udr default route pointing to Firewall , all traffic to internet goes via azure firewall. We see that VM talks to destination…
asked 2024-12-30T12:00:01.8633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 33%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3E5%3C/text%3E%3C/svg%3E)
56789
5
Reputation points
answered 2024-12-30T20:05:15.34+00:00
Rohith Vinnakota
2,180
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
Azure private zone with on prem ADDNS
I had a requirement to use the Azure firewall proxy to capture and log DNS traffic comping Azure private link services. My plan was to setup conditional forwarder for all private DNS resources from on prem to Azure firewall using firewall proxy to DNS…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 46%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
Firewall turn on
https://learn.microsoft.com/en-us/azure/firewall/firewall-faq#how-can-i-stop-and-start-azure-firewall using the instructions awhile back to save $$, we disabled the farewell, now I need to turn it back on. Wanting to stay with this docs by MS. what do i…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(240, 36%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EED%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
Does traffic from Azure Firewall to Service Tag like Azure Monitor stays on backbone
Hi, I have hosted some containers in Azure which are sending telemetry to Application Insight. We have a firewall in the connectivity hub. All spoke traffic (0.0.0.0/0) is routed to the firewall. So the outbound traffic from container to Application…
asked 2024-12-20T05:28:14.64+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 19%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER2%3C/text%3E%3C/svg%3E)
RajivBansal-2486
331
Reputation points
accepted 2024-12-24T07:18:49.8366667+00:00
RajivBansal-2486
331
Reputation points