Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,514 questions
1 answer
One of the answers was accepted by the question author.
Can we directly connect on prem network to firewall in Azure network through tunnel?
Can we directly connect on prem network to firewall in azure network through tunnel? What is the difference between connection through VPN gateway and Firewall forced tunnelling?
asked 2022-07-20T15:28:14.643+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 27%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAI%3C/text%3E%3C/svg%3E)
Arbina Inamdar
61
Reputation points
accepted 2022-07-20T16:35:40.483+00:00
Arbina Inamdar
61
Reputation points
2 answers
Enable Azure firewall DNS proxy with custom DNS + APIM
Hi MS support, we need to check your recommendation on enabling Azure Firewall DNS proxy where custom DNS is used. We have HUB and Spoke model where APIM is used in spoke connecting to another public cloud provider via Azure Firewall(API calls). As…
asked 2022-07-20T05:33:23.297+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 20%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECN%3C/text%3E%3C/svg%3E)
Chanaka Nissanka
71
Reputation points
commented 2022-07-20T10:48:15.81+00:00
msrini-MSFT
9,281
Reputation points Microsoft Employee
1 answer
enable Azure Firewall DNS proxy where APIM is used with custom DNS
Hi MS support, we need to check your recommendation on enabling Azure Firewall DNS proxy where custom DNS is used. We have HUB and Spoke model where APIM is used in spoke connecting to another public cloud provider via Azure Firewall(API calls). As…
asked 2022-07-20T05:30:41.887+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 27%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECN%3C/text%3E%3C/svg%3E)
Chanaka Nissanka
1
Reputation point
answered 2022-07-20T05:53:57.207+00:00
msrini-MSFT
9,281
Reputation points Microsoft Employee
2 answers
One of the answers was accepted by the question author.
About setting the route table
Pardon my broken English. Please tell me the setting to go through Azure Firewall in the route table. We have confirmed that the operation works well when the address prefix is "0.0.0.0/0" for the Internet. If you specify the subnet…
asked 2022-07-15T08:43:57.197+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(243.2, 22%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYS%3C/text%3E%3C/svg%3E)
Yui Shimizu
71
Reputation points
commented 2022-07-19T00:46:49.437+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 24%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERM%3C/text%3E%3C/svg%3E)
Rishabh Mishra
6
Reputation points
2 answers
Inbound rule not working
I have a inbound rule set for an VM instance to be accessed by VMs belonging to a application security group. But the VM is accessible by all VMs in that subnet.
asked 2022-03-22T18:12:56.397+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 19%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Abishek
1
Reputation point
answered 2022-07-16T01:07:09.717+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 28.000000000000004%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERM%3C/text%3E%3C/svg%3E)
Rishabh mishra
156
Reputation points
1 answer
One of the answers was accepted by the question author.
Deployment of Firewall ends with Provisioning state 'Updating' causing subsequent deployments to timeout and fail
This happens pretty consistently. I only had a few cases when this would work fine. What is causing it? Also when this happens the resource can't be deleted. How can I change the state to something else then Updating?
asked 2022-07-13T14:25:42.667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 74%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDP%3C/text%3E%3C/svg%3E)
Derek Pilat
41
Reputation points
accepted 2022-07-14T12:49:21.583+00:00
Derek Pilat
41
Reputation points
1 answer
One of the answers was accepted by the question author.
Not finding rule ( applicaiton rule option ) under firewall service
Not finding rule ( application rule option ) under firewall service . Please suggest how to get that option. PFA
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 77%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
Can we downgrade AZ firewall sku premimum to standard ?
Hi MS, I'm well aware this is not possible at this stage and it was already on one of your forums. I would like to confirm that this is still the case ? Any future plans to have this feature available handy ?
asked 2022-07-13T01:48:07.74+00:00
Chanaka Nissanka
71
Reputation points
accepted 2022-07-13T03:35:36.46+00:00
Chanaka Nissanka
71
Reputation points
1 answer
One of the answers was accepted by the question author.
Azure Firewall Failing with Internal error code
Hi, While deploying Azure Firewall, deployment is failing( Redeploy as well) with Internal Server Error code. { "status": "Failed", "error": { "code":…
asked 2022-07-05T17:47:45+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 47%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVD%3C/text%3E%3C/svg%3E)
Vinod Dahiya
26
Reputation points
accepted 2022-07-06T18:36:11.28+00:00
Vinod Dahiya
26
Reputation points
1 answer
One of the answers was accepted by the question author.
Registered Servers in SSMS not popping up new firewall rule
Have a specific user that has his public IP address change almost daily, and instead of going in and manually updating his current IP in the firewall (Which is what i currently do) we have made a custom role for him in azure to allow him to write to the…
asked 2022-07-05T17:43:02.757+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 46%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECS%3C/text%3E%3C/svg%3E)
Chris Sparks
21
Reputation points
accepted 2022-07-06T12:45:48.107+00:00
Chris Sparks
21
Reputation points
1 answer
One of the answers was accepted by the question author.
Routig Traffic from Azure Front Door to App-Gateway by Azure FW in Hub-Spoke
Hallo, i am working to build a concept by Hub-Spoke architecture. I am using Azure Front Door as a global service to route incoming requests. A hub and spoke are deployed and they are configure with each other by VPN Gateway to transport traffic…
asked 2022-03-21T14:14:01.347+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 14.000000000000002%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EME%3C/text%3E%3C/svg%3E)
Mohamed Elashkr
21
Reputation points
commented 2022-06-30T16:59:35.257+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 92%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPR%3C/text%3E%3C/svg%3E)
Pardhasaradhi Reddy Vallapareddy
1
Reputation point
1 answer
One of the answers was accepted by the question author.
Azure peering with Firewall
Hi All I have the following: Hub: ----- Hub-Vnet: address space: 10.0.0.0/16 Firewall: subnet: 10.0.1.0/24 RouteTable Spoke1: -------- Spoke1-VNet: address space: 10.1.0.0/16 Subnet1: 10.1.0.0/24 spoke1-vm:…
asked 2022-06-20T17:21:21.41+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 5%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJC%3C/text%3E%3C/svg%3E)
Jean-Claude Kalunga
21
Reputation points
commented 2022-06-24T11:58:42.77+00:00
GitaraniSharma-MSFT
49,466
Reputation points Microsoft Employee
2 answers
Spoke to onprem connection
Hi All, I just deployed this ARM template from Microsoft. I created a rule on the firewall to allow ping from on-prem VM to the spoke VM as follows: name: allowping protocol: ICMP: Source Addresses:…
asked 2022-06-22T19:06:45.497+00:00
Jean-Claude Kalunga
21
Reputation points
answered 2022-06-22T20:34:49.227+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
1 answer
One of the answers was accepted by the question author.
Best practice and use case scenario of Azure Firewall ?
People, I'd like to know the best-case scenario for deploying and using Azure Firewall in my production Subscription is? From what I can see, the KeyVault and Storage Account already have their own Firewall feature built in, therefore it is only…
asked 2022-06-14T03:19:39.747+00:00
EnterpriseArchitect
5,316
Reputation points
commented 2022-06-22T11:17:45.467+00:00
EnterpriseArchitect
5,316
Reputation points
1 answer
One of the answers was accepted by the question author.
Can I run on WAF policies using version 3.1 of the OWASP rules and another policy using version 3.2?
Hi, Could somebody confirm whether it's possible to have WAF policies running different versions of the OWASP rules i.e. one WAF policy using 3.1 and one using 3.2. The message below is what I get when I set up a new WAF policy and choose version…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 62%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
Azure Firewall outbound through specific public IP
As far as I have read, it's not possible to NAT certain subnets through a specific public IP on the firewall. I.e the firewall will pick the outbound IP randomly. As I'm trying to consolidate our public IPs into an Az Firewall this is a little…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 8%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EO%3C/text%3E%3C/svg%3E)
0 answers
Azure ASAv/FTDv : Is http requests (GET/POST/PUT/DELETE) supported on IPv6 interfaces using rest-api?
Hi, I'm trying to test http requests (GET/POST/PUT/DELETE) on Azure ASAv/FTDv. Below is configured at ASA side and able to access rest-api doc page via IPv4 interface. However, same via IPv6 is not loading up. Am I missing any config here or http…
asked 2022-06-01T06:39:00.13+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 61%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAA%3C/text%3E%3C/svg%3E)
Aswin Antony
1
Reputation point
commented 2022-06-07T07:08:21.383+00:00
Aswin Antony
1
Reputation point
1 answer
Accessing Azure Storage Accounts with Selected Network Enabled
As per the requirements, I need to Enable Firewall with Selected Network ON for Azure Storage Accounts. But when I do the same along with adding all required IPs, Azure Function App and Azure Data Factory is going down. Currently the VNET is…
asked 2022-05-26T15:57:59.773+00:00
Mukteswar Patnaik
1
Reputation point
commented 2022-06-07T06:37:43.237+00:00
Mukteswar Patnaik
1
Reputation point
1 answer
One of the answers was accepted by the question author.
Customer peered Vnet with it's own gateway to it's own on-prem needs to transit our Vnet to our on-prem.
Looking for the best solution for this. We are peered with a customer's Vnet. Customer has their own gateway to their own on-prem so them using our gateway isn't an option. How can their Vnet transit our Vnet to our on-prem? Would a PF Sense firewall…
asked 2022-06-02T18:27:44.353+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(140.8, 39%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERA%3C/text%3E%3C/svg%3E)
RCN Admin
21
Reputation points
commented 2022-06-02T22:35:04.2+00:00
Takahito Iwasa
4,851
Reputation points MVP
1 answer
Azure Fortigate unable to ping jump server which is in same VNET
Hello All, I have encountered one issue ,we have implemented fortigate firewall in Azure.( IP address We login to firewall through Virtual machine(jump server) (10.127.2.6) When I try to ping from fortigate CLI to Jump server I am unable to do so. Both…
asked 2022-05-31T06:57:36.823+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 73%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGT%3C/text%3E%3C/svg%3E)
Ganesh Thorave
31
Reputation points
answered 2022-06-01T21:39:32.313+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 59%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
ChaitanyaNaykodi-MSFT
25,841
Reputation points Microsoft Employee