Azure firewall restriction - a port must have an unique protocol associated to it

Burgess, Simon 0 Reputation points
2024-08-20T14:17:28.39+00:00

We use Azure Firewall to monitor all traffic that flows around our hub & spoke Azure networks, including connections to on-prem services. Some of those on-prem services have non-standard HTTPS ports, and we hit a restriction when creating a new firewall rule, which I can't find documented anywhere, which says:

"Firewall Policy Application Rule has a misconfiguration. There are two protocols mapped to the port 9000, a port must have an unique protocol associated to it. Please reassign the port number for the rule"

I have an existing firewall rule which includes port 9000 and protocol 'http'. I'm trying to create a completely unrelated firewall rule for a different on-prem service, in a different rule collection etc., which coincidentally includes port 9000 again, but for 'https'.

It seems strange to me to have a restriction like this. Is it really correct?

Azure Firewall

1 answer

  1. ChaitanyaNaykodi-MSFT 26,206 Reputation points Microsoft Employee
    2024-08-21T04:28:36.5166667+00:00

    @Burgess, Simon

    Thank you for reaching out.

    This is a limitation by design for Azure Firewall: mapping two protocols (HTTP and HTTPS) to port 9000 is currently not supported. In order to mitigate this issue, you will have to use a different port for either of the protocols.

    Hope this helps! Please let me know if you have any additional questions. Thank you!

    1 person found this answer helpful.
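A pre-deployment check for the restriction discussed in this thread, as an added example that is not part of the original question or answer: it scans application rules across every rule collection group passed to it and reports ports mapped to more than one protocol. The field names follow the ARM `ruleCollectionGroups` schema; the group, collection and rule names in the sample are constructed, and treating the groups as one policy is an assumption based on the behaviour described above.

```python
import json
from collections import defaultdict

# Constructed sample: two rule collection groups shaped like the ARM resource
# Microsoft.Network/firewallPolicies/ruleCollectionGroups (all names are made up).
SAMPLE_GROUPS = json.loads("""
[
 {"name": "rcg-onprem-a", "properties": {"ruleCollections": [
   {"name": "rc-legacy", "rules": [
     {"ruleType": "ApplicationRule", "name": "svc-a",
      "protocols": [{"protocolType": "Http", "port": 9000}]}]}]}},
 {"name": "rcg-onprem-b", "properties": {"ruleCollections": [
   {"name": "rc-new", "rules": [
     {"ruleType": "ApplicationRule", "name": "svc-b",
      "protocols": [{"protocolType": "Https", "port": 9000},
                    {"protocolType": "Https", "port": 8443}]},
     {"ruleType": "NetworkRule", "name": "dns",
      "ipProtocols": ["UDP"], "destinationPorts": ["53"]}]}]}}
]
""")


def find_port_conflicts(groups):
    """Return {port: {protocol: [rule paths]}} for ports mapped to >1 protocol."""
    seen = defaultdict(lambda: defaultdict(list))
    for group in groups:
        for coll in group.get("properties", {}).get("ruleCollections", []):
            for rule in coll.get("rules", []):
                if rule.get("ruleType") != "ApplicationRule":
                    continue  # the quoted error concerns application rules only
                path = f'{group["name"]}/{coll["name"]}/{rule["name"]}'
                for proto in rule.get("protocols", []):
                    # Assumption: protocol names are compared case-insensitively.
                    name = proto["protocolType"].lower()
                    seen[int(proto["port"])][name].append(path)
    # Keep only ports that more than one distinct protocol is mapped to.
    return {port: dict(p) for port, p in seen.items() if len(p) > 1}


if __name__ == "__main__":
    for port, protos in sorted(find_port_conflicts(SAMPLE_GROUPS).items()):
        print(f"port {port} is mapped to {len(protos)} protocols:")
        for proto, paths in sorted(protos.items()):
            print(f"  {proto}: {', '.join(paths)}")
```

Running it against an export of the existing rule collection groups plus the proposed rule shows which existing rule already claims the port, even when it sits in an unrelated collection.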