ASE v3 questions
Hi everyone, I need to create an Azure infrastructure to host our web apps in a secure way using ASE v3. The ASE v3 will contain more than 5 app services all with a custom domains (multi-site situatioin: for example site1.domain, site2.domain,…
Firewall traffic
Hi all, I have a simple environment, 2 subscriptions which are peered together, one subscription has a S2S connection to on-premise. I would like to introduce an Azure firewall and would like to know if the following is possible. Only traffic between…
Azure firewall not work as expected
Hi, I have an strange issue with az firewall. We have deployed it in a hub an spoke arquitecture. We have configured different route tables that forze the traffic between different vnets and subnets thought it. To deploy different rules we have been…
Azure FW with VM NIC shows no internet access
Hello Experts, So I have a small lab environment with a hub (Azure FW) and two Spokes (with VMs). I'm redirecting all traffic 0.0.0.0/0 via the firewall using UDRs. However, I have noticed that the VMs NIC (in the spokes vnet) in this set up…
![](https://techprofile.blob.core.windows.net/images/yKB9jaK8cUe8hCbN1HJcwQ.png?8D8475)
What is a SNAT port of a Azure FW?
Hi, Just need to clear a doubt. What is the SNAT port of an azure FW, for which the SNAT port utilization metrics of the FW gets generated? Is it a single port or any port from 0-65,535? Is there way to engage only one SNAT port for outbound traffic…
how to monitor Azure firewall health
What are the best ways we can monitor azure firewall health? Is there any specific metrics/logs using which we can do that? Can you plz provide some use cases or log query?
How to run a script with multiple commands in linux VM
I have an azure Linux VM which is behind a firewall and I want to generate outbound traffics automatically by running a script, so it will generate SNAT port utilization metrics of the Firewall. Is it possible in Azure and how?
Enabling WAF in Firewall
How to enable WAF feature in Azure Firewall?
How to generate inbound/outbound threat intel attack for Azure FW
I know if i have NAT rule associated with my Azure FW, it generates some inbound brute force threat intel alerts, but if I want to create threat intel alert from my system deliberately as part of security testing, so it can generate inbound/outbound…
Connect to AzureVM that is accessible only from VNET using Public DNS
Hi. I want to have a setup with multiple peered VNets and VPN Gateway for clients to join these networks. Right now we have a VM protected with a firewall by IP, but I want to have access only from VNet. When I do that I lose the ability to use the…
Regarding Network Insights & Metrics for Azure
Hi, I am trying to get the information regarding the Network Insights & Metrics for Azure. How to query the cloud environment for key network health & governance data points for the below points? a. Azure NSGs or Azure Firewall without a…
![](https://techprofile.blob.core.windows.net/images/dD2P7vFmX0-Jossk0WLwZg.png?8D895D)
How to retrieve Azure FW & NSG info based on there tags?
1) How to retrieve Azure FW & NSG info based on there tags? I have a FW that have a tag (name = test), so I tried this query but its returning all the firewalls and not the filtered list Get-AzFirewall | Where-Object Tags -eq $name | Select-Object…
Azure Firewall and NSG configuration?
Hi People, I've got 40+ VMs in Azure Resource group located in different regions. I wanted to allow only 10 VMs to access the internet and the rest is just Corporate Intranet only (via Express Route to my OnPremise network). Should I deploy one…
![](https://techprofile.blob.core.windows.net/images/WsWYoGdWukeBW66msAr6qQ.png?8D8128)
![](https://techprofile.blob.core.windows.net/images/WsWYoGdWukeBW66msAr6qQ.png?8D8128)
Is it possible to add a private ip to Azure firewall if it is not getting created automatically
Hi, We are trying to provision Azure FW from external kubernetes cluster through Infrastructure as code service. However after provisioning, the FW is getting created but its private ip is not getting generated. Is there a way to add a private ip to…
Regarding Azure Rest Api functionalties
Hi, Can we do the following operations through Azure Rest Api call? Vnet peering Create log analytics workspace and add it to a FW/NSG Create storage account & add it to a FW/NSG?
![](https://techprofile.blob.core.windows.net/images/Nd_pi7-IHkuDC3BVgl0RFQ.png?8D81F2)
How to visualize azure firewall metrics in log analytics workspace
Earlier there was a "view designer" section inside log analytics workspace, where importing a .omsview file, we can create visualization of azure firewall metrics, like in bar chart or pie chart etc. Now I dont see this view designer tab. In…
![](https://techprofile.blob.core.windows.net/images/Nd_pi7-IHkuDC3BVgl0RFQ.png?8D81F2)
Unable to retrieve azure firewall log from portal
Hi, I was trying to generate log for azure threat intelligence but I am facing an issue. I am inside the azure FW -> Logs and clicked on "run" for Threat Intelligence rule log data. However its showing, the below error message, …
Stackpath IP block whitelist
I am just testing Azure, and trying to use it with Stackpath - whitelisting their IP's throws up hundreds of errors, e.g. "The subnet 81.171.61.0/24 overlaps the subnet 81.171.61.0/24" The IP Blocks is from their site…
Need valid business use cases/scenarios to test Azure firewall & NSG rules
Hi, I am exploring Azure firewall & NSGs and looking for some FW (NAT/Network/Application) & NSG (inbound & outbound) rules that are used in real business, which I can use in my testing and also can expect related logs on these. Can you…
paymant a subscription
How can i pay if i cant wrote here anything http://joxi.ru/823DdQ7T8DgXZA? why i cant paymant a subscription?
![](https://techprofile.blob.core.windows.net/images/dD2P7vFmX0-Jossk0WLwZg.png?8D895D)