Vulnerabilities on application Gateway Treck TCP/IP stack multiple vulnerabilities. (Ripple20)
recently Vulnerabilities on the application Gateway were discovered by a Vulnerability assessment tool. "Treck TCP/IP stack multiple vulnerabilities. (Ripple20)" does Microsoft have any support article or support team on this?
Retrieving Azure Application Logs Older Than 90 Days
What steps can be taken to access Azure application logs that are older than 90 days without altering the existing retention policy?
Application gateway listener error when trying to use key vault certificate using managed identity and RBAC
Hi, I'm trying to setup a listener in application gateway to use a certificate from keyvault using managed identity. But every time whne I choose in portal the managed identity and then select the key vault from the dropdown menu I get this error: …
How can a storage account blob be created as a custom error page on an Application Gateway Listener if the customer does not want the blob to be publicly accessible?
I am currently working with a customer that wants to use the Storage Account Blob as a custom error page on a Listener in Application Gateway. The customer does not want the blob publicly accessible. How can listener gain access to the blob?
Azure support for TLS 1.0 and TLS 1.1 will end by 31 October 2024
I have an Azure App Gateway that requires TLS 1.0 to be enabled for legacy applications, will client apps be able to connect to the App Gateway after 10/31/24? Does this scenario apply to Azure web apps, where the legacy client is connecting with TLS…
Hello, working on exposing am internal load balancer through an app gw v2. My listener continues to default to the wrong certificate, so when I open the host name on the browser it depicts the wrong certificate.
-Double check settings as in hostname, correct wildcard attached to our listener. -Error: The Common Name of the leaf certificate presented by the backend server does not match the Probe or Backend Setting hostname of the application gateway. -When…
Application gateway with a custom domain name
I have checked this https://stackoverflow.com/questions/37752482/custom-domain-for-azure-application-gateway. I just want to know if it is still not supported to create an application gateway with a custom domain. Is creating a CName is the only way?
Application gateway stop and start ends up with an error.
Hi, i stopped the application gateway via cloud shell it works fine but when start again it takes longer time and when again tried to start it shows an error. PS /home/kaushal> Start-AzApplicationGateway -ApplicationGateway $appGateway …
"502 Bad Gateway" on Application Gateway when "Override with new host name" is disabled, redirect issues when enabled
Hello, I am creating an Application Gateway to forward traffic to an Azure App Service with the domain: aladwaa360.azurewebsites.net. However, I’m facing two issues with the host name override feature: 502 Bad Gateway with host name override disabled:…
Local Error: DNSResolution in application gateway when backend is an internal container app
I want to use Azure Application Gateway to protect an internal container app in same vnet, but the situation is quite confusing. Here are the specific configurations: Azure internal container app in vnet test-vnet, ingress restricted to vnet, listening…
Can't see VMSS from Application gateway in different resource group
How can I make my Application Gateway from one resource group communicate with the Virtual machine scale set of another resource group in the same subscription? I have established Network Peering between the two virtual networks, but the Backend pools of…
How will end of TLS 1.0/1.1 support affect Application Gateway to Backend Communication?
This question is related to the EOL of TLS 1.0 and 1.1 support per the following announcement https://zcusa.951200.xyz/en-us/lifecycle/announcements/tls-support-ending-10-31-2024 Basically we have a web server behind and Application Gateway running on…
How does Azure AppGateway connection draining work with cookie-based affinity?
We are looking to deploy an Azure scale set in combination with an AppGateway to take advantage of the scale in/out capabilities for our application VM's. The application does require session affinity so we would enable the cookie-based load balancing…
How to remove WAF policy safely.We have an AKAMAI device before the App GW and do not need WAF capability anymore.What is the safest way to do so.
How to remove WAF policy safely or disassociate WAF policy . We have an AKAMAI device before the App GW in our environment hence we do not need WAF capability anymore. What is the safest way to do so. Also can I do it via portal and if I am doing it via…
403 Forbidden Error When Accessing Specific URL via Custom Domain on Azure App Gateway
I am currently facing an issue with an Azure application gateway setup and would greatly appreciate any insights or suggestions. Issue Description: I have set up an application gateway to manage traffic for an Azure App Service, and we have associated a…
I am getting request such as "~^.*\.mywebsite\.com$" on my azure application gateway. This causes "ERRORINFO_REQUEST_URI_INVALID" error. How do i prevent invalid requests at the Azure WAF2 level?
Recently, we are getting a lot of requests such as "~^.*.mywebsite.com$" and it gets logged in the Application Gateway as "ERRORINFO_REQUEST_URI_INVALID". We would like to prevent such wildcard requests at the Web Application…
Roadmap for Private Application Gateway Preview of Network Isolation feature to be Generally Available
Hi, folks! Is there an estimated timeline for the Network Isolation feature of Application Gateway v2 to be made Generally Available? Not sure if such a thing exists, but my search-fu may not be strong enough. Thank you for your time and help!
Facing Issue while creating Tcp Backend setting through Azure CLI.
Dear Team, I am encountering an issue while attempting to create a TCP listener in the Azure Application Gateway using the Azure CLI. According to the Azure documentation, TCP listener creation is supported; however, I am receiving an error message…
Authentication with mTLS - force the browser to ask for a certifacte again after one failed attempt
We are using Application Gatway (appgw) with mTLS which requires a valid client certificate. On the users end there is a smartcard with the valid certifacte and a browser (mostly Edge). The user needs to authenticate him/herself with it. We use Keycloak…
going with the application gateway in fornt of azure firewall does it lose the benefit of l7 load balancing
I have an Azure firewall in a hub and spoke architecture, and one of the spokes contains my web servers, for HTTPS filtering I have an application gateway with the WAF feature and l7 load balancing. I have a requirement to keep centralized security…