Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
600 questions
0 answers
Add network rule on Azure firewall policy with Bash scripting
Creating rule collection 'Local-Traffic-policy'. (AzureFirewallPolicyAndRuleCollectionsConflict) Request parameter Firewall Policy FirewallPolicy and Rule Collection NetworkRuleCollections cannot coexist for the Azure Firewall…
asked 2023-02-08T19:33:41.93+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 27%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBA%3C/text%3E%3C/svg%3E)
Bilal Afzaal
0
Reputation points
edited the question 2023-03-05T10:29:18+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 41%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
AnuragSingh-MSFT
21,236
Reputation points
1 answer
Create Network firewall rule with Azure Powershell
Hi, I am trying to create Azure network firewall rule with PowerShell terminal. My all script is right according to Azure Documentation and get this error. I already update Az Module and other updates. kindly help me for these issues. Here I paste error…
asked 2023-02-16T19:03:51.44+00:00
Bilal Afzaal
0
Reputation points
commented 2023-02-28T18:33:49.38+00:00
Bilal Afzaal
0
Reputation points
1 answer
One of the answers was accepted by the question author.
any any allow rule on azure firewall
Hi MS, I have a secured HUB and my firewall has ANY-ANY allow rule. The inbound and outbound traffic is protected via NSGs. So are there any risks of having an ANY ANY allow rule or any best practices I should follow?
asked 2023-02-06T15:31:57.81+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(176, 43%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Samar Masood Khan
20
Reputation points
commented 2023-02-22T05:27:00.5633333+00:00
Samar Masood Khan
20
Reputation points
2 answers
Cannot connect to an external server using a ShrewSoft VPN from an Azure windows machine
I am trying to connect to an external server (IP address x.y.z.0.1) using a ShrewSoft VPN client. But I always get "negotiation timeout occurred". When I try to do the same thing from my personal machine (outside of Azure VM), I am able to set…
asked 2023-02-16T12:26:03.15+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 98%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKS%3C/text%3E%3C/svg%3E)
Kartikey Sharma
0
Reputation points
answered 2023-02-19T09:23:27.2633333+00:00
msrini-MSFT
9,266
Reputation points Microsoft Employee
3 answers
One of the answers was accepted by the question author.
Vnet internal communication after associating an Azure firewall
Please let me know if mu understanding on Azure Firewall is correct or not. This is the scenerio; I have several VM's (web, api, DB) in same Vnet and but in different subnets. No special NSG rules are defined other than the once created by default. …
asked 2023-01-18T08:07:19.5233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 61%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESV%3C/text%3E%3C/svg%3E)
Sachin Vijayan
20
Reputation points
commented 2023-01-23T06:19:55.59+00:00
Sachin Vijayan
20
Reputation points
3 answers
One of the answers was accepted by the question author.
setup single VNet with mutple subnets or multiple peered VNets with one subnet each ?
Need help design our first Azure VNet in our new Azure Subscription. Requirement: We need to setup 4 networks (either VNet or Subnet) - Apps, DB, Web, & Dev. All should be able to talk to each other. No Isolation required. …
asked 2023-01-08T18:21:59.973+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 38%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
Raj
76
Reputation points
edited the question 2023-01-17T04:07:04.82+00:00
KapilAnanth-MSFT
39,446
Reputation points Microsoft Employee
2 answers
One of the answers was accepted by the question author.
Azure IP Group - nested groups
Is there a way to add an Azure IP Group to an existing IP Group? Like a nested group. Say groups such as DevIps with members 1.2.3.0/24 TestIps with members 1.2.4.0/24 ProdIps with members 1.2.5.0/24 can be a member of …
asked 2022-12-21T10:27:33.16+00:00
Dushyant Priyadarshee
121
Reputation points
accepted 2022-12-22T17:36:11.08+00:00
Dushyant Priyadarshee
121
Reputation points
3 answers
Subscription Disabled - Unable to delete Azure Firewall
Hi everyone, I have a free visual studio MSDN subscription, with $115/month credit. I deployed Azure Firewall 3 months ago and I now accrued costs over my budget (negative balance). So my subscription is now disabled. Due to my subscription…
asked 2021-06-29T10:59:01.06+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 65%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Ahmed
6
Reputation points
answered 2022-12-21T05:55:06.603+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 10%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERG%3C/text%3E%3C/svg%3E)
Rachel Gomez
166
Reputation points
1 answer
secure vhub to vhub two region connection
I have vnet1 (0.0.0.0/0) pint to AFW1 (1.1.1.1) then connection to vhub1 and vnet2 (0.0.0.0/0) point to AFW2 2.2.2.2 then connection to vhub2.I can reach afw2 from vm1 but can't reach vm2 .Any advice or document that can help pls.
asked 2022-12-05T20:38:24.057+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 97%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEB%3C/text%3E%3C/svg%3E)
Efrem Beyene
1
Reputation point
commented 2022-12-14T04:18:17.863+00:00
KapilAnanth-MSFT
39,446
Reputation points Microsoft Employee
2 answers
One of the answers was accepted by the question author.
How to RDP Azure VM behind Azure Firewall
Hello, I have a Azure VM which is behind Azure Firewall - After adding a rule under "NAT rule collection" in FW to translate FW IP into Azure VM private IP and then tried RDP to Azure VM using Firewall IP - It worked. I wanted to check if I can…
asked 2021-08-25T07:53:26.75+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 23%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
anil kumar
1,641
Reputation points
commented 2022-12-09T06:43:21.05+00:00
anil kumar
1,641
Reputation points
4 answers
Routing for user internet traffic that goes through the expressroute and consumes azure internet.
Hello, I would like to set up a route that will allow our on-premise company users to be able to access the internet from Azure and not from the On-premise. I would like to direct the outgoing flow to access the internet via the expressRoute,…
asked 2022-07-21T13:33:30.723+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 17%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFS%3C/text%3E%3C/svg%3E)
Fakri SLIMANE
26
Reputation points
answered 2022-11-08T09:14:48.757+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 37%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
parisv
21
Reputation points
1 answer
about routing table configuration
I have some questions about the default route table of Azure VPN gateway. I have a Virtual network(10.0.2.0/24),a ec2 host (10.0.2.4) ,and a Virtual appliance(10.0.0.4). I hope the client of VPN gateway to access the host 10.0.2.4 MUST go…
asked 2022-10-26T06:20:35.647+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 11%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELK%3C/text%3E%3C/svg%3E)
Lary Kos
1
Reputation point
commented 2022-10-27T08:44:53.447+00:00
KapilAnanth-MSFT
39,446
Reputation points Microsoft Employee
3 answers
How to ristric azure app serive admin portal URL to access only from internal network
Hi, we have a website abc.com and accessable publically. How to ristric backend portal access (abc.com/wpadmin or ) URL to access only from internal network. Only the URLs with /admin/ in them need to be restricted to be accessible only from internal…
asked 2022-08-31T14:09:45.367+00:00
Abdulrehman Altaf
226
Reputation points
answered 2022-09-28T07:59:42.463+00:00
Abdulrehman Altaf
226
Reputation points
1 answer
Cannot delete firewall manager, updating
I'm trying to delete a firewall policy that isn't attached to anything, but it just fails each and every time with the message: Failed to delete Firewall Policy 'euw-tst-lab-hub-01-azfp-01'. Error: Firewall Policy euw-tst-lab-hub-01-azfp-01 can not…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 98%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
2 answers
How to import Azure Public IP Range JSON to Azure Firewall
Hello, I downloaded the JSON from the following link: https://www.microsoft.com/en-us/download/details.aspx?id=56519 which includes all the Azure public ip address. How can I import the file to my Azure firewall configuration? Thanks.…
asked 2022-09-07T09:17:46.463+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 23%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESC%3C/text%3E%3C/svg%3E)
Samuel Cheung
1
Reputation point
commented 2022-09-16T09:35:56.1+00:00
rafalzak
3,216
Reputation points
0 answers
WAF Custom Rule not working
I am trying to block an end point from my WAF using a custom rule. My waf is in preventive mode and I tried creating the custom rule both manually through portal and also using powershell script. Seems it is not blocking the end point. Could you please…
asked 2022-09-07T13:32:51.48+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 57.00000000000001%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAP%3C/text%3E%3C/svg%3E)
Arun P
1
Reputation point
commented 2022-09-13T23:47:50.853+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 59%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
ChaitanyaNaykodi-MSFT
24,231
Reputation points Microsoft Employee
2 answers
Which SCCM server needs access to SQL Server
Hi, I have build and configure new SCCM site but I been ask to lock the port 1433 to only system which needs access to the database. SCCM/WSUS and SQL are install on same server. We do have DP and MP on different servers Do I only need…
asked 2022-08-26T13:31:47.883+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 4%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EL%3C/text%3E%3C/svg%3E)
lalajee
1,811
Reputation points
commented 2022-09-02T02:44:11.087+00:00
AllenLiu-MSFT
42,356
Reputation points Microsoft Vendor
1 answer
Related to Redirecting or Rerouting My url
So, I've a Url call it myurl with port 11 with azure Vm. I Want My Users to Enter the Url without Port. Like Hiding My Port or Whatever You from Front End But Calling url:11 from Backend!
asked 2022-08-21T08:42:56.823+00:00
abrahimzaman360
1
Reputation point
commented 2022-08-22T08:37:52.357+00:00
KapilAnanth-MSFT
39,446
Reputation points Microsoft Employee
2 answers
Enable Azure firewall DNS proxy with custom DNS + APIM
Hi MS support, we need to check your recommendation on enabling Azure Firewall DNS proxy where custom DNS is used. We have HUB and Spoke model where APIM is used in spoke connecting to another public cloud provider via Azure Firewall(API calls). As…
asked 2022-07-20T05:33:23.297+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 20%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECN%3C/text%3E%3C/svg%3E)
Chanaka Nissanka
71
Reputation points
commented 2022-07-20T10:48:15.81+00:00
msrini-MSFT
9,266
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Can we downgrade AZ firewall sku premimum to standard ?
Hi MS, I'm well aware this is not possible at this stage and it was already on one of your forums. I would like to confirm that this is still the case ? Any future plans to have this feature available handy ?
asked 2022-07-13T01:48:07.74+00:00
Chanaka Nissanka
71
Reputation points
accepted 2022-07-13T03:35:36.46+00:00
Chanaka Nissanka
71
Reputation points