Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
671 questions
1 answer
One of the answers was accepted by the question author.
On-premises expressroute BGP is advertising 0.0.0.0/0 and using Azure Firewall to control traffic (including internet)
hi My environment is an on-premises expressroute BGP is advertising 0.0.0.0/0. I want to use Azure Firewall to control all traffic (including internet). See and discuss the architecture picture attached below. My guess is that we need to send the route…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 99%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
Azure Hub Network with NVA and azure firewall and routing between VPN and Express route gateway through firewalls
Hi Team, I have attached the network diagram, Here is set up. There is HUB and Spoke topology with NVA. All traffic between on-premise and azure spoke is passing through NVA Third party location is connected through SDWAN VM over internet. SDWAN VM is…
asked 2024-08-20T21:58:14.7633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 67%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESR%3C/text%3E%3C/svg%3E)
Siddhesh Rane
61
Reputation points
commented 2024-09-24T19:24:27.5933333+00:00
Siddhesh Rane
61
Reputation points
1 answer
One of the answers was accepted by the question author.
Hub and two Spoke vnets with AFW in Hub and traffic from Expressroute
Hello, I have got problem with not going traffic via Azure Firewall from ExpressRoute to one of two spoke vnets(I don't see any traffic on Firewall logs but I can see traffic with tcpdump on VM in spoke). Traffic to on-prem via ExpressRoute works fine…
asked 2024-09-18T08:55:52.09+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 15%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESK%3C/text%3E%3C/svg%3E)
Sepski, Krzysztof Antoni
20
Reputation points
accepted 2024-09-24T05:57:34.8333333+00:00
Sepski, Krzysztof Antoni
20
Reputation points
1 answer
going with the application gateway in fornt of azure firewall does it lose the benefit of l7 load balancing
I have an Azure firewall in a hub and spoke architecture, and one of the spokes contains my web servers, for HTTPS filtering I have an application gateway with the WAF feature and l7 load balancing. I have a requirement to keep centralized security…
asked 2024-09-23T06:26:52.93+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 85%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMN%3C/text%3E%3C/svg%3E)
Mohammad Nemer
0
Reputation points
answered 2024-09-23T10:20:18.8833333+00:00
KapilAnanth-MSFT
46,096
Reputation points Microsoft Employee
1 answer
VNETs in different subscriptions not communicating with Azure Firewall
Having a head scratcher. Layout: Subscription 1: Includes: VNET A, VPN Gateway to Data Center, Firewall with Policy. Subscription 2: Includes: VNET B, computer Resources Spinning up a VM in VNET A I can communicate out and to the Data Center through the…
asked 2024-08-27T18:06:54.3866667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 94%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
Mathew Miller
0
Reputation points
edited the question 2024-09-17T17:26:08.51+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 76%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EV%3C/text%3E%3C/svg%3E)
VarunTha
9,020
Reputation points Microsoft Vendor
1 answer
Azure Firewall has started NATing random traffic flows between VMs
Our monitoring system found a web site not responding last Saturday morning (24th August). Logs showed that it could no longer talk to its database. The web site is running on a VM -- VM1. The SQL Server is on VM2. They are on different subnets of the…
asked 2024-09-03T10:06:08.6933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 1%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDS%3C/text%3E%3C/svg%3E)
Duncan Sinclair
0
Reputation points
commented 2024-09-13T04:29:03.9766667+00:00
KapilAnanth-MSFT
46,096
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
ICMP Timestamp Request Remote Date Disclosure Details - The remote host answers to an ICMP timestamp request.
how to resolve this or do we have any information if we can restrict on firewall
asked 2024-07-24T14:17:37.48+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 48%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESB%3C/text%3E%3C/svg%3E)
Shaweta Bhardwaj
30
Reputation points Microsoft Employee
commented 2024-09-12T10:56:11.56+00:00
KapilAnanth-MSFT
46,096
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Azure firewall - Firewall policy under "Policy" section is not showing any "Parent policy".
As a test, we have deployed Azure Firewall in a region. When I access the firewall, it has 2 Firewall policy (1- Policy and 2- Base Policy). My understanding is that Base Policy is considered as a Parent policy and just Policy is considered as a child…
asked 2024-09-03T19:20:27.7133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 89%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERS%3C/text%3E%3C/svg%3E)
Rakesh Singh
205
Reputation points
accepted 2024-09-11T16:10:38.4533333+00:00
Rakesh Singh
205
Reputation points
0 answers
Using Azure Private Resolver with Firewall DNS proxy
Hi, I am currently looking at implementing Azure DNS private resolver (inbound and outbound endpoint subnets) within a hub-and-spoke network with the ultimate goal of resolving DNS to/from an on premise site located down a VPN connection and the spokes…
asked 2024-09-10T10:39:50.1433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 94%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEV%3C/text%3E%3C/svg%3E)
Eddie Vincent
20
Reputation points
commented 2024-09-11T00:14:25.4333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 59%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
ChaitanyaNaykodi-MSFT
26,206
Reputation points Microsoft Employee
2 answers
One of the answers was accepted by the question author.
What are differences between Firewall DNS Proxy and DNS Private Resolver?
I am unsure which to choose Azure Firewall DNS Proxy and DNS Private Resolver as a DNS forwarder. I'd like to know the main differences and practical situations for each.
asked 2023-05-17T13:49:53.06+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 31%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK%3C/text%3E%3C/svg%3E)
ks
35
Reputation points
commented 2024-09-10T11:19:15.5833333+00:00
Eddie Vincent
20
Reputation points
1 answer
One of the answers was accepted by the question author.
PORT 22 BLOCKED
Hello, since 6-9-24 i cant connect an sftp site from my windows azure windows 2016 server anymore. it is using port 22 and it always worked fine using filezilla. i disabled the firewall on the windows vm but that didnt help. what to do?
asked 2024-09-06T10:31:10.1833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 64%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHC%3C/text%3E%3C/svg%3E)
HODIJ COATINGS BV
20
Reputation points
accepted 2024-09-09T07:16:01.81+00:00
HODIJ COATINGS BV
20
Reputation points
1 answer
Problem with connecting Azure Files from container when using Azure Firewall
Hello, I have a problem with Azure container and a firewall. This container needs to access Internet, Azure Files (SMB) and Azure SQL database. If I start the container without any firewall configuration, it works without problems (except I cannot access…
asked 2024-08-27T09:49:57.5333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 19%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKV%3C/text%3E%3C/svg%3E)
Kiili Ville-Matti
0
Reputation points
commented 2024-09-09T06:17:12.81+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 64%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENR%3C/text%3E%3C/svg%3E)
Nehruji R
7,811
Reputation points Microsoft Vendor
1 answer
Deployment of Firewall ends with Provisioning state 'Failed'
I am having a hub/spoke network architecture. Whenever I tried provisioning Azure Firewall, it will go into a Failed state. And it seems like the only way to resolve this is to add a route table to it and configure a 0.0.0.0/0 route to the Internet. My…
asked 2024-08-28T09:28:54.6033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 18%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYS%3C/text%3E%3C/svg%3E)
Yen Sheng
0
Reputation points
commented 2024-09-09T01:39:39.55+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 17%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERV%3C/text%3E%3C/svg%3E)
Rohith Vinnakota
680
Reputation points Microsoft Vendor
1 answer
how do i find in azure firewall who has deleted a specific firewall rule
Please help - how do i find in azure firewall who has deleted a specific firewall rule Thank you
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
671 questions
Azure
Azure
A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.
1,020 questions
asked 2024-09-01T13:19:20.7066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 12%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
Arulkumar Kasilingam
0
Reputation points
commented 2024-09-05T15:05:36.1666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 1%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
Patchfox
3,926
Reputation points
7 answers
When to use Azure WAF or Azure Firewall ?
Hi Folks, Can anyone here please share some thoughts and comments of when to use Azure WAF or Azure Firewall? I have already existing Azure ExpressRoute so my Azure VMs can ping my OnPremise servers, and vice versa. My purpose here is to be able to…
asked 2020-11-15T13:17:27.597+00:00
EnterpriseArchitect
5,406
Reputation points
commented 2024-09-05T02:47:57.56+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 79%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
Matthew McKenzie
0
Reputation points
1 answer
Azure Firewall Policy Analytics
hello, Why on firewall policy analytics we cannot see any denied action? Is the default deny policy on azure firewall is not captured?
asked 2024-08-21T02:01:12.9533333+00:00
Handian Sudianto
4,981
Reputation points
edited an answer 2024-09-04T19:45:54.1566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 71%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGP%3C/text%3E%3C/svg%3E)
Ganesh Patapati
960
Reputation points Microsoft Vendor
1 answer
Changes coming to the Azure Update Delivery service tag
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/changes-coming-to-the-azure-update-delivery-service-tag/ba-p/4156552 We recommend switching from using service tags (like AzureUpdateDelivery and AzureFrontDoor.FirstParty) to application…
asked 2024-09-04T04:35:55.5366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(22.400000000000002, 22%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETT%3C/text%3E%3C/svg%3E)
t-tateno
0
Reputation points
answered 2024-09-04T11:18:34.17+00:00
KapilAnanth-MSFT
46,096
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Azure Firewall and Inbound Filtering documentation
Hi! I have a question about the Azure Firewall documentation and the Knowledge Check section. The documentation (although it does not explicitly say otherwise) focuses on the fact that the Azure Firewall service is not suitable for filtering inbound…
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
671 questions
Azure Training
Azure Training
Azure: A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.Training: Instruction to develop new skills.
1,679 questions
asked 2024-09-01T00:17:04.18+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 54%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAL%3C/text%3E%3C/svg%3E)
Adriano López
20
Reputation points
accepted 2024-09-01T20:19:52.9133333+00:00
Adriano López
20
Reputation points
1 answer
Internet Access Issue on macOS with Azure Virtual WAN Point-to-Site VPN whilst working for Windows
We are experiencing an issue with internet connectivity when using the Azure VPN client on macOS to connect to a Virtual WAN Point-to-Site (P2S) VPN gateway. Issue Details: Environment: Virtual WAN with Point-to-Site VPN gateway configured for forced…
asked 2024-08-29T10:19:25.57+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 72%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMK%3C/text%3E%3C/svg%3E)
MURALI KIRSHNA
0
Reputation points
answered 2024-08-29T22:09:03.6666667+00:00
ChaitanyaNaykodi-MSFT
26,206
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Subnet association to firewall
All of my Azure VM use one subnet, and if this subnet associated to the azure firewall can i exclude some VMs to not use the firewall?
asked 2024-08-28T09:14:49.0566667+00:00
Handian Sudianto
4,981
Reputation points
commented 2024-08-29T03:55:34.6966667+00:00
KapilAnanth-MSFT
46,096
Reputation points Microsoft Employee