Seure Azure services
Hi, How can I keep my Azure resources secure and block unwanted IPs. Thanks, Vishnu
Does Azure Firewall encrypt all the network traffic sent from Azure to the Internet ?
According to https://azure.microsoft.com/en-us/products/azure-firewall/ it says , Azure Firewall decrypts outbound traffic, performs required security checks, and then encrypts the traffic to the destination. If it encrypt what kind of an algorithm…
Azure Firewall Migration to Premium
Hi Please advise if the below method to migrate standard azure firewall to Premium is place and can be used already? Sigle Click Migration
AKS Egress lockdown using Azure Firewall sitting on a different VNET Connected with Azure WAN
Hi , I am trying to implement Egress traffic lock down for our AKS Clusters and below is my simple setup details . I have a AKS Cluster deployed in VNET-01 I have a Azure Firewall Deployed in VNET-02 Both VNET-01 and VNET-02 are…
NSG: Does Allow or Deny take precedence?
Points of My Scenario: I am aiming to block all incoming Internet traffic to a subnet associated with a network security group (NSG). The NSG's Inbound Rules are configured to allow RDP and ICMP from a specific Internet address: rule numbers…
Forced Tunneling with Azure Virtual Network, and Network Gateway in a Point-To-Site scenario.
Hi, We have a number of remote developers that require access to external services, that we have to have a static IP address for. As the developers are all remote now, we have no 'office IP address' to add. We have created an Azure Virtual Network,…
Azure PaaS service - Internet Access egress path
Hi, Please confirm whether access to the Internet from an Azure PaaS service traverses to virtual networks and egress out of the virtual hub core firewall? Like to understand how the traffic flows in a standard topology. Thanks
Upgrade Azure Firewall from Standard to Premium in vWAN Hub
Hi, I have following query Need to upgrade Azure Firewall Standard in vWAN Hub to Azure FW Premium and enable TLS, IDPS inspection after upgrade. if we use method such as FW upgrade using Terraform then what are the pre-requisites and…
Azure IP Group - nested groups
Is there a way to add an Azure IP Group to an existing IP Group? Like a nested group. Say groups such as DevIps with members 1.2.3.0/24 TestIps with members 1.2.4.0/24 ProdIps with members 1.2.5.0/24 can be a member of …
Subscription Disabled - Unable to delete Azure Firewall
Hi everyone, I have a free visual studio MSDN subscription, with $115/month credit. I deployed Azure Firewall 3 months ago and I now accrued costs over my budget (negative balance). So my subscription is now disabled. Due to my subscription…
Azure AVD and Azure Firewall - Domain Trust Check Error
Hello Community, i have a Problem with Azure AVD and Azure Firewall. I would like to Protect my Environment with an Azure Firewall and would like to Start with the Subnet from Azure Virtual Desktop. A short Overview about my Environment. …
502 Bad Gateway error when I use Application Gateway and Azure Firewall together
I want to use the Application Gateway (WAF) and Azure Firewall together. For the test, I implemented the below scenario. In a resource group I created a VM and installed IIS. In NSG I open port 80 and test it. Another resource group I created and…
SSL Connection error while accessing Azure Storage Blob from Local Xamarin Project
I have created as Xamarin Project to upload images to Azure Blob Storage. While I am trying to access the Blob storage from my Local Machine's Xamarin Project. I am getting the following error while calling the below methods. await…
How to route all S2S VPN traffic from on-prem to subnets through Azure firewall, without specifying every IP range in route table
In our Azure tenant we have a Azure Firewall and a Virtual Network Gateway with VPN connections to our customers. I want to route all incoming VPN traffic through the Azure Firewall, so that I can allow only certain subnets to be reached from certain VPN…
route from onpremise network to vm in peered vnets in Azure
Hello , i have a vpn site to site between an onpremise network and vpn gateway in azure .the vpn gateway is in Vnet A. Vnet A is in full peering with vnet B i can connect from onpremise to vm in subnetA ( VnetA) I can connect from…
How to RDP Azure VM behind Azure Firewall
Hello, I have a Azure VM which is behind Azure Firewall - After adding a rule under "NAT rule collection" in FW to translate FW IP into Azure VM private IP and then tried RDP to Azure VM using Firewall IP - It worked. I wanted to check if I can…
CAF Landing zone and multi region
Hi folks ! I'm thinking about implementing CAF with landing zones with the following needs... The aim of the architecture is to provide customers an access to some Apis ( Apis will be exposed like that : customer1.mydomain.tld/api/v1/xxxx,…
Azure: Assign a NAT-Gateway to an Multi Zone Firewall Deployment
Has anyone ever mapped a NAT gateway behind a firewall in Azure where both were zone redundant? The big picture is as follows: We have an AKS cluster, spread across multiple zones for resiliency. Outbound traffic must be routed through the…
AZURE SQL Server - Access trough the Azure Firewall
Hello Community, i have a Question about an Azure SQL Server and the Azure Firewall. I have configured the Azure SQL Server with Private Endpoints. The Network Hub and Spoke are with peerings connected. The Private DNS Zone is linked to both…
S2S Policy Based VPN Natting
We have an active support ticket open with Microsoft/Azure. We are trying to setup a S2S VPN in Azure with our support partner where our resources in Azure are presented on the IPSEC tunnel. The problem is we have a IP clash between our Azure IP…