Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
656 questions
2 answers
One of the answers was accepted by the question author.
Seure Azure services
Hi, How can I keep my Azure resources secure and block unwanted IPs. Thanks, Vishnu
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 70%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EV%3C/text%3E%3C/svg%3E)
3 answers
One of the answers was accepted by the question author.
Does Azure Firewall encrypt all the network traffic sent from Azure to the Internet ?
According to https://azure.microsoft.com/en-us/products/azure-firewall/ it says , Azure Firewall decrypts outbound traffic, performs required security checks, and then encrypts the traffic to the destination. If it encrypt what kind of an algorithm…
asked 2022-12-25T16:28:35.63+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 39%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESK%3C/text%3E%3C/svg%3E)
Sweety Kothari
41
Reputation points
answered 2022-12-27T13:39:58.06+00:00
KapilAnanth-MSFT
44,556
Reputation points Microsoft Employee
2 answers
One of the answers was accepted by the question author.
Azure Firewall Migration to Premium
Hi Please advise if the below method to migrate standard azure firewall to Premium is place and can be used already? Sigle Click Migration
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 79%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETT%3C/text%3E%3C/svg%3E)
0 answers
AKS Egress lockdown using Azure Firewall sitting on a different VNET Connected with Azure WAN
Hi , I am trying to implement Egress traffic lock down for our AKS Clusters and below is my simple setup details . I have a AKS Cluster deployed in VNET-01 I have a Azure Firewall Deployed in VNET-02 Both VNET-01 and VNET-02 are…
asked 2022-12-20T14:17:32.66+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 51%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMH%3C/text%3E%3C/svg%3E)
Muthukumar, Harinarayanan
6
Reputation points
commented 2022-12-27T05:23:20.713+00:00
Muthukumar, Harinarayanan
6
Reputation points
3 answers
One of the answers was accepted by the question author.
NSG: Does Allow or Deny take precedence?
Points of My Scenario: I am aiming to block all incoming Internet traffic to a subnet associated with a network security group (NSG). The NSG's Inbound Rules are configured to allow RDP and ICMP from a specific Internet address: rule numbers…
asked 2022-12-20T23:14:14.247+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 67%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWF%3C/text%3E%3C/svg%3E)
Walt Forbes
21
Reputation points
commented 2022-12-26T20:14:51.653+00:00
Walt Forbes
21
Reputation points
3 answers
One of the answers was accepted by the question author.
Forced Tunneling with Azure Virtual Network, and Network Gateway in a Point-To-Site scenario.
Hi, We have a number of remote developers that require access to external services, that we have to have a static IP address for. As the developers are all remote now, we have no 'office IP address' to add. We have created an Azure Virtual Network,…
asked 2022-05-16T13:02:29.54+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 25%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
Mark McGookin
21
Reputation points
answered 2022-12-26T17:45:59.827+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 38%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERS%3C/text%3E%3C/svg%3E)
Randy Sutton
36
Reputation points
2 answers
Azure PaaS service - Internet Access egress path
Hi, Please confirm whether access to the Internet from an Azure PaaS service traverses to virtual networks and egress out of the virtual hub core firewall? Like to understand how the traffic flows in a standard topology. Thanks
asked 2022-12-02T20:19:58.58+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 77%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Sumeetha Mogasati
126
Reputation points
answered 2022-12-26T09:09:20.61+00:00
msrini-MSFT
9,281
Reputation points Microsoft Employee
1 answer
Upgrade Azure Firewall from Standard to Premium in vWAN Hub
Hi, I have following query Need to upgrade Azure Firewall Standard in vWAN Hub to Azure FW Premium and enable TLS, IDPS inspection after upgrade. if we use method such as FW upgrade using Terraform then what are the pre-requisites and…
asked 2022-12-21T13:33:48.693+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 25%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERV%3C/text%3E%3C/svg%3E)
Raviraj Velankar
91
Reputation points
commented 2022-12-26T03:45:09.633+00:00
KapilAnanth-MSFT
44,556
Reputation points Microsoft Employee
2 answers
One of the answers was accepted by the question author.
Azure IP Group - nested groups
Is there a way to add an Azure IP Group to an existing IP Group? Like a nested group. Say groups such as DevIps with members 1.2.3.0/24 TestIps with members 1.2.4.0/24 ProdIps with members 1.2.5.0/24 can be a member of …
asked 2022-12-21T10:27:33.16+00:00
Dushyant Priyadarshee
121
Reputation points
accepted 2022-12-22T17:36:11.08+00:00
Dushyant Priyadarshee
121
Reputation points
3 answers
Subscription Disabled - Unable to delete Azure Firewall
Hi everyone, I have a free visual studio MSDN subscription, with $115/month credit. I deployed Azure Firewall 3 months ago and I now accrued costs over my budget (negative balance). So my subscription is now disabled. Due to my subscription…
asked 2021-06-29T10:59:01.06+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 65%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Ahmed
6
Reputation points
answered 2022-12-21T05:55:06.603+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 10%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERG%3C/text%3E%3C/svg%3E)
Rachel Gomez
166
Reputation points
3 answers
Azure AVD and Azure Firewall - Domain Trust Check Error
Hello Community, i have a Problem with Azure AVD and Azure Firewall. I would like to Protect my Environment with an Azure Firewall and would like to Start with the Subnet from Azure Virtual Desktop. A short Overview about my Environment. …
asked 2022-12-14T15:16:53.683+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 46%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPG%3C/text%3E%3C/svg%3E)
Philipp Gerber
271
Reputation points
commented 2022-12-20T07:00:57.32+00:00
Philipp Gerber
271
Reputation points
2 answers
One of the answers was accepted by the question author.
502 Bad Gateway error when I use Application Gateway and Azure Firewall together
I want to use the Application Gateway (WAF) and Azure Firewall together. For the test, I implemented the below scenario. In a resource group I created a VM and installed IIS. In NSG I open port 80 and test it. Another resource group I created and…
asked 2022-12-05T15:18:48.897+00:00
Mohsen Akhavan
791
Reputation points
accepted 2022-12-19T15:22:36.287+00:00
Mohsen Akhavan
791
Reputation points
2 answers
SSL Connection error while accessing Azure Storage Blob from Local Xamarin Project
I have created as Xamarin Project to upload images to Azure Blob Storage. While I am trying to access the Blob storage from my Local Machine's Xamarin Project. I am getting the following error while calling the below methods. await…
asked 2020-06-21T04:08:57.747+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 36%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMB%3C/text%3E%3C/svg%3E)
Mahesh Balasubramanian
1
Reputation point
answered 2022-12-15T21:19:18.047+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 37%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJU%3C/text%3E%3C/svg%3E)
Josu Uribe
1
Reputation point
1 answer
One of the answers was accepted by the question author.
How to route all S2S VPN traffic from on-prem to subnets through Azure firewall, without specifying every IP range in route table
In our Azure tenant we have a Azure Firewall and a Virtual Network Gateway with VPN connections to our customers. I want to route all incoming VPN traffic through the Azure Firewall, so that I can allow only certain subnets to be reached from certain VPN…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 64%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
1 answer
route from onpremise network to vm in peered vnets in Azure
Hello , i have a vpn site to site between an onpremise network and vpn gateway in azure .the vpn gateway is in Vnet A. Vnet A is in full peering with vnet B i can connect from onpremise to vm in subnetA ( VnetA) I can connect from…
asked 2022-12-08T16:37:55.77+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 65%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
APTOS
221
Reputation points
commented 2022-12-09T09:03:38.343+00:00
KapilAnanth-MSFT
44,556
Reputation points Microsoft Employee
2 answers
One of the answers was accepted by the question author.
How to RDP Azure VM behind Azure Firewall
Hello, I have a Azure VM which is behind Azure Firewall - After adding a rule under "NAT rule collection" in FW to translate FW IP into Azure VM private IP and then tried RDP to Azure VM using Firewall IP - It worked. I wanted to check if I can…
asked 2021-08-25T07:53:26.75+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 23%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
anil kumar
1,641
Reputation points
commented 2022-12-09T06:43:21.05+00:00
anil kumar
1,641
Reputation points
1 answer
CAF Landing zone and multi region
Hi folks ! I'm thinking about implementing CAF with landing zones with the following needs... The aim of the architecture is to provide customers an access to some Apis ( Apis will be exposed like that : customer1.mydomain.tld/api/v1/xxxx,…
asked 2022-12-08T07:44:58.817+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 60%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
Cloudy
206
Reputation points
answered 2022-12-08T13:52:35.453+00:00
Joe Carlyle
661
Reputation points MVP
2 answers
One of the answers was accepted by the question author.
Azure: Assign a NAT-Gateway to an Multi Zone Firewall Deployment
Has anyone ever mapped a NAT gateway behind a firewall in Azure where both were zone redundant? The big picture is as follows: We have an AKS cluster, spread across multiple zones for resiliency. Outbound traffic must be routed through the…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 87%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
AZURE SQL Server - Access trough the Azure Firewall
Hello Community, i have a Question about an Azure SQL Server and the Azure Firewall. I have configured the Azure SQL Server with Private Endpoints. The Network Hub and Spoke are with peerings connected. The Private DNS Zone is linked to both…
asked 2022-12-05T14:39:43.35+00:00
Philipp Gerber
271
Reputation points
accepted 2022-12-06T12:00:51.047+00:00
Philipp Gerber
271
Reputation points
1 answer
S2S Policy Based VPN Natting
We have an active support ticket open with Microsoft/Azure. We are trying to setup a S2S VPN in Azure with our support partner where our resources in Azure are presented on the IPSEC tunnel. The problem is we have a IP clash between our Azure IP…
asked 2022-11-03T14:52:48.193+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 16%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELR%3C/text%3E%3C/svg%3E)
Lavakumar R
36
Reputation points
commented 2022-12-05T21:36:06.897+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 69%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESD%3C/text%3E%3C/svg%3E)
Steve Down
101
Reputation points