Azure Firewall I see the
Azure Firewall reports the following problems: Failed to resolve FQDN microsoftmetrics.com. Error lookup microsoftmetrics.com on 127.0.0.53:53: no such host; DNS resolution returned no IPs. It comes from AzureFirewallSubnet subnet. So seems that Azure…
Azure Firewall
"Retirement: Default outbound access for VMs in Azure will be retired" - applies to managed vms?
It's not clear to me in the announcement and docs whether this will apply to managed vms such as those underlying resources such as Azure Firewall, Azure Database for Postgres, CosmosDB, Vnet Gateways Our "Virtual Machine" and VMSS resources…
Azure Firewall
Deleted Azure Cloud PA are still showing in Palo Alto portal
I removed 3x Cloud PA from Azure however they are still showing in the PA support portal. I contacted PA support and they stated that because they were created with the Pay as you go Azure method they must be removed from the Azure side. I do not see…
Azure Firewall
Intermittent Passive FTP connection via Azure Firewall
Hi I've set up an FTP server on a Windows 2022 vm on vnet4. The VM has a number of private addresses as it's used for HTTPS and FTP. It also currently has an unused public IP. I have an Azure firewall on vnet3. The firewall policy has DNAT rules…
Azure Firewall
Azure Firewall Classic Rules - rule processing order
What is the rule processing logic for Azure Firewall when using classic rules (i.e., without a policy)? I have three rule collections configured, and I assume the processing logic follows the same order as with the policy-based approach—where…
Azure Firewall
Azure Firewall - application rules
Documentation says that application rules aren't applied for inbound connections. So, if you want to filter inbound HTTP/S traffic, you should use Web Application Firewall (WAF). For more information, see What is Azure Web Application Firewall? So…
Azure Firewall
Azure Firewall DNAT
Is it possible to create a DNAT rule on Azure Firewall to translate traffic from the firewall's private IP address to another destination, such as a VM in a different VNet? Or are DNAT rules only applicable when using the firewall's public IP address?
Azure Firewall

Azure Firewall - NAT inherited policy
Here the documentation says that NAT rules are not inherited from parent policy Link - https://learn.microsoft.com/en-us/azure/firewall-manager/policy-overview#hierarchical-policies however this example says NAT rules are applied from parent…
Azure Firewall
Firewall and Workload Subnet NSG
Issue: Unable to reach the internet when using specific NSG destination rules, despite routing through Azure Firewall. Setup Overview: Azure Firewall is deployed in a dedicated AzureFirewallSubnet within a VNet. The workload subnet has a User Defined…
Azure Firewall
Routing internal and external traffic through Firewall
Hi experts! I want to know: if we have added a route table for redirecting traffic to pass through the firewall and then to the AVDs like this: Address prefix - 0.0.0.0/0 Next hop - Firewall Private IP, then does this include both Internal as well as…
Azure Firewall
Azure Firewall - Default vs Custom rule collection group
If I configure a custom rule collection group with the same priority as the defaultNetworkRuleCollection, what is the processing logic? Which one gets evaluated first?
Azure Firewall
Azure Firewall Application Rules - Support for Outbound Port 22 (SFTP)
Hi, we intend to use Azure Firewall's application rule to allow outbound traffic to a remote SFTP server on port 22. The reason for using an application rule (and not the network rule) is to be able to specify the FQDN for the remote endpoint (destination SFTP…
Azure Firewall
Azure Firewall | UDR
Hello everyone, I have a HUB and spoke topology in Azure with a virtual network gateway in the hub. I want to forward the traffic from Virtual Machine to Azure Firewall (deployed in the hub) for all the routes on-premise learned by VNET Gateway (They…
Azure Firewall
Why doesn't Azure Firewall send flow trace logs?
Hi, I enabled flow trace logs a day ago in accordance with https://docs.azure.cn/en-us/firewall/enable-top-ten-and-flow-trace FeatureName ProviderName RegistrationState AFWEnableTcpConnectionLogging Microsoft.Network…
Azure Firewall
Azure Firewall - web categories
When configuring a rule with destination type set to "Web categories", is there a way to get an actual IP list behind those categories? Ideally via an API?
Azure Firewall
Use NAT to redirect port 25 (inbound) to a VM
Hello, I'm trying to set up a redirection using DNAT from Exchange Online on port 25 to a virtual machine in my infrastructure. I have a virtual WAN, with a virtual hub set up as a secured hub, so with an Azure Firewall. I would like to redirect the traffic…
Azure Firewall
Unable to access container app "revision and replicas" or "Containers" tab while adding NAT Gateway to container app or creating route to firewall
We have created a firewall and want to use it for IDPS. When we redirect traffic to the firewall using a route for the container app, we are not able to see settings in the container like Revision, replicas, logs, console, etc. Also, for internet connectivity when we add NAT…
Azure Firewall
Creating a ticket for Palo Alto Firewall failing to deploy in Azure
Hi, we have a customer using the 'VM-Series Next-Generation Firewall from Palo Alto Networks' from Azure Marketplace. However, since 30 of March the deployments have been failing with backend issues. I created this ticket:…
Azure Firewall
Cannot associate Azure Firewall Policy to a firewall in a secondary region
Hi, I have HUB and Spoke, where HUB is in two regions. I have Azure Firewall deployed in each region. In one region I have created an Azure Firewall policy with DNAT and other rules; now I am trying to associate the firewall rule to another region VNET that…
Azure Firewall
Point-to-Site VPN protected by Azure firewall from the outside
Hello, I am wondering how I could configure the hub to route traffic as follows: p2s tunnels over the internet -> azure FW - > vpnGateway - > AzureFW -> vnet subnets (and back to p2s clients the same way) tia