Can we directly connect on prem network to firewall in Azure network through tunnel?
Can we directly connect on prem network to firewall in azure network through tunnel? What is the difference between connection through VPN gateway and Firewall forced tunnelling?
Enable Azure firewall DNS proxy with custom DNS + APIM
Hi MS support, we need to check your recommendation on enabling Azure Firewall DNS proxy where custom DNS is used. We have HUB and Spoke model where APIM is used in spoke connecting to another public cloud provider via Azure Firewall(API calls). As…
enable Azure Firewall DNS proxy where APIM is used with custom DNS
Hi MS support, we need to check your recommendation on enabling Azure Firewall DNS proxy where custom DNS is used. We have HUB and Spoke model where APIM is used in spoke connecting to another public cloud provider via Azure Firewall(API calls). As…
About setting the route table
Pardon my broken English. Please tell me the setting to go through Azure Firewall in the route table. We have confirmed that the operation works well when the address prefix is "0.0.0.0/0" for the Internet. If you specify the subnet…
Inbound rule not working
I have a inbound rule set for an VM instance to be accessed by VMs belonging to a application security group. But the VM is accessible by all VMs in that subnet.
Deployment of Firewall ends with Provisioning state 'Updating' causing subsequent deployments to timeout and fail
This happens pretty consistently. I only had a few cases when this would work fine. What is causing it? Also when this happens the resource can't be deleted. How can I change the state to something else then Updating?
Not finding rule ( applicaiton rule option ) under firewall service
Not finding rule ( application rule option ) under firewall service . Please suggest how to get that option. PFA
Can we downgrade AZ firewall sku premimum to standard ?
Hi MS, I'm well aware this is not possible at this stage and it was already on one of your forums. I would like to confirm that this is still the case ? Any future plans to have this feature available handy ?
Azure Firewall Failing with Internal error code
Hi, While deploying Azure Firewall, deployment is failing( Redeploy as well) with Internal Server Error code. { "status": "Failed", "error": { "code":…
Registered Servers in SSMS not popping up new firewall rule
Have a specific user that has his public IP address change almost daily, and instead of going in and manually updating his current IP in the firewall (Which is what i currently do) we have made a custom role for him in azure to allow him to write to the…
Routig Traffic from Azure Front Door to App-Gateway by Azure FW in Hub-Spoke
Hallo, i am working to build a concept by Hub-Spoke architecture. I am using Azure Front Door as a global service to route incoming requests. A hub and spoke are deployed and they are configure with each other by VPN Gateway to transport traffic…
Azure peering with Firewall
Hi All I have the following: Hub: ----- Hub-Vnet: address space: 10.0.0.0/16 Firewall: subnet: 10.0.1.0/24 RouteTable Spoke1: -------- Spoke1-VNet: address space: 10.1.0.0/16 Subnet1: 10.1.0.0/24 spoke1-vm:…
Spoke to onprem connection
Hi All, I just deployed this ARM template from Microsoft. I created a rule on the firewall to allow ping from on-prem VM to the spoke VM as follows: name: allowping protocol: ICMP: Source Addresses:…
Best practice and use case scenario of Azure Firewall ?
People, I'd like to know the best-case scenario for deploying and using Azure Firewall in my production Subscription is? From what I can see, the KeyVault and Storage Account already have their own Firewall feature built in, therefore it is only…
Can I run on WAF policies using version 3.1 of the OWASP rules and another policy using version 3.2?
Hi, Could somebody confirm whether it's possible to have WAF policies running different versions of the OWASP rules i.e. one WAF policy using 3.1 and one using 3.2. The message below is what I get when I set up a new WAF policy and choose version…
Azure Firewall outbound through specific public IP
As far as I have read, it's not possible to NAT certain subnets through a specific public IP on the firewall. I.e the firewall will pick the outbound IP randomly. As I'm trying to consolidate our public IPs into an Az Firewall this is a little…
Azure ASAv/FTDv : Is http requests (GET/POST/PUT/DELETE) supported on IPv6 interfaces using rest-api?
Hi, I'm trying to test http requests (GET/POST/PUT/DELETE) on Azure ASAv/FTDv. Below is configured at ASA side and able to access rest-api doc page via IPv4 interface. However, same via IPv6 is not loading up. Am I missing any config here or http…
Accessing Azure Storage Accounts with Selected Network Enabled
As per the requirements, I need to Enable Firewall with Selected Network ON for Azure Storage Accounts. But when I do the same along with adding all required IPs, Azure Function App and Azure Data Factory is going down. Currently the VNET is…
Customer peered Vnet with it's own gateway to it's own on-prem needs to transit our Vnet to our on-prem.
Looking for the best solution for this. We are peered with a customer's Vnet. Customer has their own gateway to their own on-prem so them using our gateway isn't an option. How can their Vnet transit our Vnet to our on-prem? Would a PF Sense firewall…
Azure Fortigate unable to ping jump server which is in same VNET
Hello All, I have encountered one issue ,we have implemented fortigate firewall in Azure.( IP address We login to firewall through Virtual machine(jump server) (10.127.2.6) When I try to ping from fortigate CLI to Jump server I am unable to do so. Both…