Is there a need to configure any port on Firewall for Azure Arc inbound connectivity?
I want to know whether Azure Arc extensions like AMA, WAC, ESU, HybridWorker etc. need any inbound ports to be opened on Firewall? The outbound connectivity is public via the internet. Nothing configured for Inbound specifically. A lot of these extensions…
Need to find Top talkers from Azure Firewall network Logs
I want a KQL query and configuration settings which can give me Azure firewall network rule logs with column having details for SentBytes and received bytes details for each packet.
Unable to bypass network traffic through firewall, if private link is configured for storage account.
I have a firewall configured in subnet x in my vnet. I also have an aks cluster launched in the same vnet, within subnet y. I have configured a private endpoint for a storage account, and am trying to access the same from my aks subnet, which is…
Trying to open LDAP port on Azure FW but it just plain won't open
Hi everyone, please excuse my lack of knowledge here as I am trying to learn as I go. I have a Synology NAS device at my office that I would like to connect with my Azure AD so that I can pass authentication for sharing permissions to the NAS. I am…
Site to Site VPN Connection
I have configured site to site VPN as per the Microsoft documentation. We have created: Vnet, Vnet Gateway, Local network gateway, Connection. We have configured with all the client's requirement. We are seeing connection status: Unknown. We have also created…
Azure Firewall Migration to vWAN Hub
I have a question regarding migrating/replacing Azure Firewall (in this case standard Firewall) in a hub-and-spoke network, and replacing with an Azure secured VWAN hub. I have looked at the following migration guide which includes secured WAN:…
Azure Firewall DNS Proxy & DNS Private Resolver
I am trying to achieve a setup where I have the following main components. Hub vnet 10.0.0.0/23: this has a VPN connection to on-premises; this has an Azure Firewall. Shared services vnet 10.0.3.0/24: this has DNS Private Resolver with inbound and…
How to create a Routing table between my Azure firewall to Azure SD-WAN Vmx
Hello, we have a Vnet named Vnet-SD-WAN and below are subnets in Vnet: 10.170.0.0/22 and Sd-wan Vmx subnet - 10.170.1.0/28; Azurefirewall subnet - 10.170.3.0/26; Azure Application gateway: 10.170.3.64/26. Network flow in below way …
Azure firewall logging traffic in a hub-and-spoke network
Hi, A similar sort of setup and query to this thread here, however I have a more specific question: https://learn.microsoft.com/en-us/answers/questions/1322184/azure-firewall-traffic-logging-for-route-based-vpn We have Azure Firewall logging all traffic…
How to Setup Azure OpenAI for Databricks running into error Error code: 403 - {'error': {'code': '403', 'message': 'Access denied due to Virtual Network/Firewall rules.'}}
After creating a new resource for Azure OpenAI service, we ran into this error not able to access OpenAI via api_key and endpoint (private) due to the error message indicates that access is denied due to Virtual Network/Firewall rules. How can we…
How do I configure an inbound NAT rule in Azure Firewall to point at an Azure Container App?
The instructions to filter inbound traffic use a Virtual Machine with a private IP address. If I set up a Container Apps Environment with a subnet and a Container App with VNet only ingress, the Container App replica doesn't have a private IP available.…
Azure Firewall - Denied DNAT Traffic
Hi, I have structured logs enabled on our Azure firewall which is logging everything minus the fat and full flow logs. Is there a way to see all IP addresses trying to connect to our public IPs on the firewall which are members of DNAT rules? We are…
Azure Firewall rule limits
Hello, In our environment it is expected to reach the rule limits (20,000 unique source/destinations in network rules) and I know if I exceeded the limits this might impact my performance. Now I need to know what my options will be if I need more rules…
How to block Outbound internet access for Azure VM
Hello, I have created a VM and added UDR route table for the VM subnet to route traffic to Azure Firewall appliance and created a Network rule on Azure firewall to block Internet access. But still I can see VM has internet access.
Azure routing to Palo Alto CNGFWs
Having issues where our Panorama instance in UK South is not able to reach our Palo Alto Cloud Next Gen Firewalls in UK West. Not sure why the devices are not able to communicate, any help?
How to replace Route Tables by using Azure Route Server?
How do I set up Azure Route Server to replace Route Tables that route traffic to an Azure Firewall instance? We have a hybrid setup and our on-premise location is connected to our Azure environment via Express Route. We have an Azure Network Gateway (type…
Does Azure Firewall support BGP?
Does Azure Firewall support BGP? I am looking into Azure Route Server to replace the route tables which we now deploy with each (spoke) vnet. I read an article stating that Azure Firewall does not support BGP, so using ARS in combination with AFW would…
Azure Firewall change public IP
Recently Azure have made their public IP addresses zone redundant by default: https://azure.microsoft.com/en-us/blog/azure-public-ips-are-now-zone-redundant-by-default/ With basic public IP addresses being retired next year I need to remove mine from as…
My network rule that specifically allows access to public SQL Managed Instance URL does not appear to work
I have two virtual hosts in my Azure V-NET. The subnet they are in is connected to a route table that sends 0.0.0.0/0 to the internal IP Address of my Azure Firewall. From these virtual hosts which send traffic through the Azure Firewall I can reach…
When I send traffic to the firewall, my host cannot reach any powerapps
I have virtual hosts in Azure Commercial West US 2 region and Powerapps running in the Azure GCC environment. All Powerapps run just fine when I do not send any traffic (0.0.0.0/0) through the Azure Firewall. However as soon as I send traffic through…