Azure Firewall Policy cannot be deleted, because it is in Provisioning state Updating
Hi, I already deleted all dependent resources (firewall, ipgroups, etc.) so the firewall policy is the only resource in my resource group. It is in Provisioning state "updating" for 3 days and noting happens. Is there a way to force the…
High number false positives with AFW and wordpress
Hi, We are having false positives with wordpress and it is impossible to avoid them with exclusion rules or custom rules because there are many false positives and each one is one different rule and the people connect from different ip address…
Azure Firewall inbound SSL inspection
Hi, would like to confirm if Azure Firewall Premium supports inbound SSL inspection, if not, any idea on preview/GA timeline?
Updating Azure firewall failed
I am trying to add a rule to the azure firewall policy rule collection, but the pipeline is failing with the error The code is written in Terraform with version 1.2.7 and AzureRm with version 2.98. waiting Firewall Policy Rule Collection Group…
Ability to add port ranges to DNAT rule
Hi, Is it possible to add a range of ports to a DNAT rule with Azure firewall? We currently have a machine that required a large range of UDP ports to be open, and adding individual rules for each port will be rather unmanageable. Thanks
Azure Firewall - TLS Inspection expection list
In Azure Firewall, is it possible to create an exception list to avoid TLS inspection on specific websites?
Azure Firewall Routes in a Virtual WAN secured hub
Hi, I deployed the following architecture in Azure: I want to reach from vNIC1 (10.25.14) to vNIC2 (10.26.1.4). I see that the routing from vNIC1 goes to Azure FW, the question is where can I see the routing from Azure FW to vNIC2? As…
firewall logs are not working. I can't make any query
does anyone know what could be the reason why I cannot execute any query? Thank you
DMZ Environment in Azure
Hi, Can anybody suggest to me how do I configure DMZ environment in Azure? This is the architecture - ![78746-image.png][1] [1]: /api/attachments/78746-image.png?platform=QnA I need to know how do I configure the gateways in order to communicate in the…
Internal Web servers access from Internet
Hello, I deploy an architecture on Azure. I have a spoke vnet for DMZ where I have currently 2 Web servers (application1.company.com, application2.company.com). The spoke DMZ communicate, via a vnet peering, with our Hub where I deployed a firewall…
Databricks error: Failed to download bootstrap script from artifact storage
Azure Firewall: Hub & Spoke architecture Databricks: 7.4 runtime Azure region: West Us2 I followed this data-exfiltration-protection-with-azure-databricks.html detailed walkthrough guide to setup protect data exfiltration with Azure…
Security in PaaS services
Hello, I wanted to know a basic yet undiscovered topic related to the security of Azure PaaS services. We all know that PaaS services like Storage Account have a so-called "firewall" feature built into the service. My question is are…
Azure Microsoft IP Import into Baraccuda-Azure IP Ranges and Service Tags - Public Cloud
I am trying to automatically upload these IPs into my Baracuda firewall but all instructions online are not providing workable solutions. any ideas
Client SSL Certificate Passthrough to server in Azure Firewall premium?
Hello, We are moving some web services that run on IIS and have SSL Setting to 'Require' Client certificate. The callers of our service provide a ssl client certificate and that must be passed through by the loadbalancer to the backend server/VM. …
Azure FW Policy Analytics (preview)
We have zero matching flow and hit counts on Firewall Policy Analytics (preview). Traffic is going through FW. All log is going to log analytics created by FW.
PublicNetworkAccessDenied
hello, i want to use Private endpoints in my virtual network to access synapse what i must do? it is give me this error when i try to linked service with source from synapse
Azure firewall filtering dns traffic
Hello All , I have applications behind Azure firewall , I only want to resolve fqdn that i have added in Application rule and don't want to connect to other fqdn also even don't resolve them . How can this be achieved . rule's i have : …
Access Private Endpoints from on-premise with Azure Firewall & S2S VPN
Greetings, Something I thought should be relatively simple, seems to be a bit more of a struggle than first expected. Summary; Hub & Spoke subscriptions setup. Azure Firewall in Hub Subscription. S2S VPN connected against Hub-VNET. …
IDPS policy rule not being detected
https://video2.skills-academy.com/en-us/azure/firewall/premium-deploy I found the above documentation. However, it's still not clear to me?
Info about custom routing and UDRs with Azure Firewall and VPN gateway transit in a hub & spoke model
Hi everyone, I have configured an architecture in my lab as follows: From the left in the hub network I deployed an Azure Firewall because all traffic must go through. The hub network on the right is on another Subscription, specifically…