Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
656 questions
8 answers
One of the answers was accepted by the question author.
Azure Firewall Policy cannot be deleted, because it is in Provisioning state Updating
Hi, I already deleted all dependent resources (firewall, ipgroups, etc.) so the firewall policy is the only resource in my resource group. It is in Provisioning state "updating" for 3 days and noting happens. Is there a way to force the…
asked 2022-01-10T08:40:21.097+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 83%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
Marius
31
Reputation points
commented 2022-12-05T10:02:55.72+00:00
GitaraniSharma-MSFT
49,486
Reputation points Microsoft Employee
1 answer
High number false positives with AFW and wordpress
Hi, We are having false positives with wordpress and it is impossible to avoid them with exclusion rules or custom rules because there are many false positives and each one is one different rule and the people connect from different ip address…
asked 2022-11-30T07:28:26.77+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 3%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPM%3C/text%3E%3C/svg%3E)
Pineda-Montes Jose-Antonio
1
Reputation point
commented 2022-11-30T14:57:16.56+00:00
KapilAnanth-MSFT
44,556
Reputation points Microsoft Employee
0 answers
Azure Firewall inbound SSL inspection
Hi, would like to confirm if Azure Firewall Premium supports inbound SSL inspection, if not, any idea on preview/GA timeline?
asked 2022-11-19T00:42:07.73+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 74%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETL%3C/text%3E%3C/svg%3E)
Thomas Lam (Group)
1
Reputation point
commented 2022-11-28T18:40:38.507+00:00
Thomas Lam (Group)
1
Reputation point
0 answers
Updating Azure firewall failed
I am trying to add a rule to the azure firewall policy rule collection, but the pipeline is failing with the error The code is written in Terraform with version 1.2.7 and AzureRm with version 2.98. waiting Firewall Policy Rule Collection Group…
asked 2022-11-23T14:41:54.2+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 9%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
sreelekshmi shaji
1
Reputation point
commented 2022-11-24T06:21:27.257+00:00
KapilAnanth-MSFT
44,556
Reputation points Microsoft Employee
3 answers
Ability to add port ranges to DNAT rule
Hi, Is it possible to add a range of ports to a DNAT rule with Azure firewall? We currently have a machine that required a large range of UDP ports to be open, and adding individual rules for each port will be rather unmanageable. Thanks
asked 2020-09-14T08:50:43.617+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 72%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
Dan
176
Reputation points
commented 2022-11-21T18:54:55.97+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(240, 69%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMK%3C/text%3E%3C/svg%3E)
Marek Kurowski
21
Reputation points
1 answer
Azure Firewall - TLS Inspection expection list
In Azure Firewall, is it possible to create an exception list to avoid TLS inspection on specific websites?
asked 2022-11-20T23:00:55.55+00:00
Stephane Budo
426
Reputation points
answered 2022-11-21T06:01:30.3+00:00
KapilAnanth-MSFT
44,556
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Azure Firewall Routes in a Virtual WAN secured hub
Hi, I deployed the following architecture in Azure: I want to reach from vNIC1 (10.25.14) to vNIC2 (10.26.1.4). I see that the routing from vNIC1 goes to Azure FW, the question is where can I see the routing from Azure FW to vNIC2? As…
asked 2022-11-10T15:53:18.077+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(16, 52%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELE%3C/text%3E%3C/svg%3E)
Lior Elayev
61
Reputation points
accepted 2022-11-20T12:21:39.817+00:00
Lior Elayev
61
Reputation points
2 answers
firewall logs are not working. I can't make any query
does anyone know what could be the reason why I cannot execute any query? Thank you
asked 2022-11-11T21:34:24.193+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(252.8, 14.000000000000002%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPW%3C/text%3E%3C/svg%3E)
Pawel Wilusz
1
Reputation point
commented 2022-11-18T16:10:35.373+00:00
Pawel Wilusz
1
Reputation point
2 answers
DMZ Environment in Azure
Hi, Can anybody suggest to me how do I configure DMZ environment in Azure? This is the architecture - ![78746-image.png][1] [1]: /api/attachments/78746-image.png?platform=QnA I need to know how do I configure the gateways in order to communicate in the…
asked 2021-03-17T09:53:42.717+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 63%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EE%3C/text%3E%3C/svg%3E)
Error_401
86
Reputation points
commented 2022-11-15T15:45:52.907+00:00
GitaraniSharma-MSFT
49,486
Reputation points Microsoft Employee
2 answers
One of the answers was accepted by the question author.
Internal Web servers access from Internet
Hello, I deploy an architecture on Azure. I have a spoke vnet for DMZ where I have currently 2 Web servers (application1.company.com, application2.company.com). The spoke DMZ communicate, via a vnet peering, with our Hub where I deployed a firewall…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 99%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJR%3C/text%3E%3C/svg%3E)
2 answers
Databricks error: Failed to download bootstrap script from artifact storage
Azure Firewall: Hub & Spoke architecture Databricks: 7.4 runtime Azure region: West Us2 I followed this data-exfiltration-protection-with-azure-databricks.html detailed walkthrough guide to setup protect data exfiltration with Azure…
asked 2021-03-21T08:25:41.673+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 33%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPM%3C/text%3E%3C/svg%3E)
Porsche Me
131
Reputation points
answered 2022-11-07T21:11:36.963+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 7.000000000000001%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
Jay Mehta
1
Reputation point
1 answer
One of the answers was accepted by the question author.
Security in PaaS services
Hello, I wanted to know a basic yet undiscovered topic related to the security of Azure PaaS services. We all know that PaaS services like Storage Account have a so-called "firewall" feature built into the service. My question is are…
asked 2022-10-21T06:39:01.333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 44%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
Mohamed Aquib Chiniwala
46
Reputation points
accepted 2022-10-28T12:12:09.537+00:00
Mohamed Aquib Chiniwala
46
Reputation points
1 answer
Azure Microsoft IP Import into Baraccuda-Azure IP Ranges and Service Tags - Public Cloud
I am trying to automatically upload these IPs into my Baracuda firewall but all instructions online are not providing workable solutions. any ideas
asked 2022-10-21T11:24:30.567+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 1%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
mandingo
1
Reputation point
commented 2022-10-21T16:04:24.26+00:00
Joe Carlyle
661
Reputation points MVP
0 answers
Client SSL Certificate Passthrough to server in Azure Firewall premium?
Hello, We are moving some web services that run on IIS and have SSL Setting to 'Require' Client certificate. The callers of our service provide a ssl client certificate and that must be passed through by the loadbalancer to the backend server/VM. …
asked 2022-10-20T16:01:17.383+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 93%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPS%3C/text%3E%3C/svg%3E)
Pattamadai, Sundar
21
Reputation points
commented 2022-10-21T03:52:16.277+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 59%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
ChaitanyaNaykodi-MSFT
25,856
Reputation points Microsoft Employee
1 answer
Azure FW Policy Analytics (preview)
We have zero matching flow and hit counts on Firewall Policy Analytics (preview). Traffic is going through FW. All log is going to log analytics created by FW.
asked 2022-10-12T12:53:11.193+00:00
Belan Marek
51
Reputation points
answered 2022-10-17T15:45:52.303+00:00
GitaraniSharma-MSFT
49,486
Reputation points Microsoft Employee
1 answer
PublicNetworkAccessDenied
hello, i want to use Private endpoints in my virtual network to access synapse what i must do? it is give me this error when i try to linked service with source from synapse
asked 2022-09-28T15:51:18.883+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
commented 2022-10-10T23:14:02.073+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 36%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBM%3C/text%3E%3C/svg%3E)
Bhargava-MSFT
30,891
Reputation points Microsoft Employee
2 answers
One of the answers was accepted by the question author.
Azure firewall filtering dns traffic
Hello All , I have applications behind Azure firewall , I only want to resolve fqdn that i have added in Application rule and don't want to connect to other fqdn also even don't resolve them . How can this be achieved . rule's i have : …
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 84%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERD%3C/text%3E%3C/svg%3E)
1 answer
Access Private Endpoints from on-premise with Azure Firewall & S2S VPN
Greetings, Something I thought should be relatively simple, seems to be a bit more of a struggle than first expected. Summary; Hub & Spoke subscriptions setup. Azure Firewall in Hub Subscription. S2S VPN connected against Hub-VNET. …
asked 2022-09-21T13:21:42.747+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 44%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETY%3C/text%3E%3C/svg%3E)
Tarjei Ylvisåker
56
Reputation points
commented 2022-10-07T10:24:28.523+00:00
GitaraniSharma-MSFT
49,486
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
IDPS policy rule not being detected
https://video2.skills-academy.com/en-us/azure/firewall/premium-deploy I found the above documentation. However, it's still not clear to me?
asked 2022-10-06T16:17:11.9+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 75%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELA%3C/text%3E%3C/svg%3E)
Love Arinze
166
Reputation points
accepted 2022-10-06T23:27:20.06+00:00
Love Arinze
166
Reputation points
1 answer
One of the answers was accepted by the question author.
Info about custom routing and UDRs with Azure Firewall and VPN gateway transit in a hub & spoke model
Hi everyone, I have configured an architecture in my lab as follows: From the left in the hub network I deployed an Azure Firewall because all traffic must go through. The hub network on the right is on another Subscription, specifically…
asked 2022-09-30T20:48:27.893+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 16%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDD%3C/text%3E%3C/svg%3E)
Denis Dal Molin
51
Reputation points
accepted 2022-10-06T17:13:49.15+00:00
Denis Dal Molin
51
Reputation points