Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
1 answer
One of the answers was accepted by the question author.
CIDR block for azrecloud.eastus
Hello Folks, We are currently facing a challenge with maintaining an allowlist containing more than 900 IP addresses for our application. These IPs were obtained from the Azure IP Ranges and Service Tags – Public Cloud. dataset for the…
Azure Firewall
asked 2026-06-25T15:57:14.6233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 32%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDS%3C/text%3E%3C/svg%3E)
Desmond Sindatry
111
Reputation points
accepted 2026-06-26T18:24:21.49+00:00
Desmond Sindatry
111
Reputation points
1 answer
One of the answers was accepted by the question author.
Azure FortiGate HA – Need SNAT with Same Public IP as Inbound VIP + Failover Design
Hi all, I’m running a FortiGate HA cluster (2 nodes) in Azure (Active-Passive) behind an Azure Standard Load Balancer. We are currently in a migration phase and expanding the number of public IPs. Current Architecture 2x FortiGate VMs in Azure (FGCP…
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
asked 2026-06-19T06:22:53.5566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 74%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDT%3C/text%3E%3C/svg%3E)
Dimitrov, Todor
20
Reputation points
accepted 2026-06-24T06:21:33.5533333+00:00
Dimitrov, Todor
20
Reputation points
2 answers
Azure Service Tags
Why are some Azure Firewall service tags not returned by the Azure Service Tags API? Azure Firewall supports a wide range of service tags that can be configured in firewall policies, yet when retrieving service tags via the API: GET…
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
asked 2026-06-23T13:18:36.4166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 92%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPS%3C/text%3E%3C/svg%3E)
Peter Stieber
65
Reputation points
answered 2026-06-24T04:58:31.6533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 22%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETG%3C/text%3E%3C/svg%3E)
Thanmayi Godithi
10,820
Reputation points Microsoft External Staff
Moderator
0 answers
Join: Microsoft Azure Q&A Champions Program
The Microsoft Azure Q&A Champions Program recognizes and empowers a global community of internal and external Azure experts who help customers succeed by providing high-quality, trusted answers on Microsoft Q&A. The program scales expert led…
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
asked 2026-05-25T23:58:21.15+00:00
Ashley Swearingen
0
Reputation points Microsoft External Staff
Moderator
edited the question 2026-06-23T18:52:03.8666667+00:00
Ashley Swearingen
0
Reputation points Microsoft External Staff
Moderator
3 answers
One of the answers was accepted by the question author.
DNAT rules on Azure firewall Basic are unstable
When configured DNAT rules on Azure firewall I noticed that the connectivity is unstable. FirewallSubnet: 10.20.0.0/26 Firewall public IP: 10.x.x.4 VM IP 10.20.2.252 in subnet address range: 10.20.2.248/29 peered to Hub NSG: UDR: Source logs: FW…
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 87%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJC%3C/text%3E%3C/svg%3E)
1 answer
my Azure Firewall zone redundancy
Hi, i have one Azure FIrewall that i though it was zone redundant, beocouse on creation i found this information: In regions that support multiple Availability Zones, Azure Firewall is deployed as zone-redundant by default and automatically placed…
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
asked 2026-06-02T13:22:11.1533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(243.2, 51%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EID%3C/text%3E%3C/svg%3E)
Iu Donadeu Renau
25
Reputation points
answered 2026-06-02T14:16:14.7366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 23%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVV%3C/text%3E%3C/svg%3E)
Vallepu Venkateswarlu
10,180
Reputation points Microsoft External Staff
Moderator
2 answers
Wide range of timing for firewall latency probe
In Monitoring/Metrics for my Azure firewall I set the chart to look at Latency Probe for the last month [granularity set at 1 minute]. I got a few lines at 108ms or 367ms but most were 1ms or 1.33333ms. Why is there such a wide disparity in the Latency…
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
asked 2026-05-22T17:58:33.46+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 86%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMO%3C/text%3E%3C/svg%3E)
Michael Oehlert
20
Reputation points
commented 2026-05-29T06:07:09.7+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 52%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVS%3C/text%3E%3C/svg%3E)
Venkatesan S
9,565
Reputation points Microsoft External Staff
Moderator
3 answers
One of the answers was accepted by the question author.
Firewall monitoring data not consistent
In Monitoring/Metrics for my Azure firewall I set the chart to look at Latency Probe for the last month [granularity set at 1 minute]. Then I export to Excel. When I did this last month I got a few lines at 108ms or 367ms. So I re-ran the report a few…
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
asked 2026-05-22T17:51:19.82+00:00
Michael Oehlert
20
Reputation points
accepted 2026-05-28T15:39:39.91+00:00
Michael Oehlert
20
Reputation points
2 answers
How to effectively tune Azure WAF without exhausting too many resources
We have Azure WAF rules in prevention mode in both Azure Front Door and APIM gateway. We are facing this issue for a long term due to so many false positives blocking requests from our end users, frustrating us and users as there is no predictive…
Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
2,780 questions
Azure Front Door
Azure Front Door
An Azure service that provides a cloud content delivery network with threat protection.
1,197 questions
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
asked 2024-11-07T15:32:30.6733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 92%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJP%3C/text%3E%3C/svg%3E)
Jyotirmoy Pan
0
Reputation points
answered 2026-05-18T12:53:46.6+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 44%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Adnane
0
Reputation points
2 answers
Best Practice for Managing Common Blocked IPs Across Multiple Azure Firewalls, Regions, and Subscriptions
Multiple Azure Firewalls deployed across different regions and subscriptions, and in order to block a common set of IP addresses across all environments. Currently, i'm evaluating the best design approach for managing these shared blocked IPs centrally…
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
asked 2026-05-12T05:06:54.15+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 4%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
$@chin
375
Reputation points
commented 2026-05-14T08:32:27.8433333+00:00
Venkatesan S
9,565
Reputation points Microsoft External Staff
Moderator
2 answers
One of the answers was accepted by the question author.
Upgrade an azure basic to a standard firewall
Has anyone ever upgraded from azure basic firewall to standard firewall. What are the risks and the best way to mitigate the risks. I have made a copy of the policy and upgraded it to standard. I have a script that does the upgrade and tested it…
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
asked 2026-05-06T19:42:33.7133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 5%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPK%3C/text%3E%3C/svg%3E)
Patrick Kuehn
20
Reputation points
accepted 2026-05-08T21:03:17.27+00:00
Patrick Kuehn
20
Reputation points
2 answers
Why am I not seeing monitor logs from my vhub firewall
Why am I not seeing monitor logs from my vhub firewall
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
asked 2026-04-27T15:56:53.8166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 37%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELR%3C/text%3E%3C/svg%3E)
Leppert, R
0
Reputation points
answered 2026-05-08T16:09:01.6+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 15%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPB%3C/text%3E%3C/svg%3E)
Praveen Bandaru
11,640
Reputation points Microsoft External Staff
Moderator
0 answers
How to configure AZFWFlowTrace logs on Azure Firewall (Basic SKU) to debug Asymmetric routing
Hi, I have created a azure firewall on a VNET and i am trying to debug an issue related to asymmetric routing, The scenario is a P2SVPN trying to communicate with a SQL Server (via private endpoint), the P2SVPN is in a hub vnet and the SQL Server is in…
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 25%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECW%3C/text%3E%3C/svg%3E)
2 answers
Alternatives for URL / Path‑based Whitelisting When Azure Firewall Supports Only FQDN Filtering
Azure Firewall – Alternatives for URL / Path‑Level Outbound Whitelisting Environment / Current Setup Production workloads hosted in Azure All outbound (egress) traffic routed through Azure Firewall Azure Firewall used as the centralized control point…
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
asked 2026-04-28T03:48:01.3233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 34%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAB%3C/text%3E%3C/svg%3E)
Ashish Bang
20
Reputation points
answered 2026-04-28T04:30:11.7533333+00:00
Venkatesan S
9,565
Reputation points Microsoft External Staff
Moderator
3 answers
Unable to add/update Azure firewall policy application rule with a valid FQDN
I am trying to add a application rule into Azure firewall policy to allow a valid FQDN but it's failing the validation. PII is a valid FQDN belonging to University of Cambridge. I would like to do it only through Azure portal as i don't have a Test…
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 48%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMK%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 38%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESI%3C/text%3E%3C/svg%3E)
2 answers
Azure Firewall - RuleCollection with no rules
What happens if a rule collection (network, NAT, or application) is defined but contains no rules? Will the configured action (e.g., Allow or Deny) still be applied? Does it effectively act as an implicit "Allow All" or "Deny…
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
asked 2025-07-18T14:11:04.36+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 4%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPS%3C/text%3E%3C/svg%3E)
Peter Stieber
265
Reputation points
edited an answer 2026-04-20T13:46:30.9633333+00:00
Dallas Kelsey III
5
Reputation points
2 answers
One of the answers was accepted by the question author.
AzureFirewallManagementSubnet: must default outbound access be enabled?
Dear Team! With 31.03.2026, each subnet will be privated. If I want to create a "AzureFirewallManagementSubnet" do I have to explictly enable the default outbound access or is it also working as a private subnet? Here it is not mentioned, that…
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
asked 2026-04-15T19:55:46.3333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 95%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPB%3C/text%3E%3C/svg%3E)
Pittl Benedikt (INFRA.IT)
20
Reputation points
edited an answer 2026-04-16T16:32:15.6866667+00:00
Vallepu Venkateswarlu
10,180
Reputation points Microsoft External Staff
Moderator
3 answers
Firewall creation is failing while creating through terraform.
Firewall deployment is failing through Terraform Status: "InternalServerError" │ Code: "" │ Message: "An error occurred." │ Activity Id: "" │ │ --- │ │ API Response: │ │ ----[start]---- │…
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
asked 2024-05-14T17:06:04.9833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 10%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENV%3C/text%3E%3C/svg%3E)
Naveen Vanamadi
5
Reputation points
answered 2026-04-13T21:06:04.76+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 81%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMB%3C/text%3E%3C/svg%3E)
Motekaitis, Bronius
0
Reputation points
3 answers
The Update firewall configurations for new Intune network service endpoints will not run
tried to run Azure Front Door Connectivity Diagnostics Tool it would not, ran as a user and admin downloaded software PSTools.zip still didn't work. I am losing time and patience with this.
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
asked 2026-04-03T20:30:11.2366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 79%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETW%3C/text%3E%3C/svg%3E)
Trish Wood
0
Reputation points
commented 2026-04-13T14:40:15.99+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 71%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGP%3C/text%3E%3C/svg%3E)
Ganesh Patapati
11,995
Reputation points Microsoft External Staff
Moderator
2 answers
One of the answers was accepted by the question author.
Getting NXDOMAIN to database.windows.net through Azure Firewall DNS Proxy.
Hello everyone. As of last night we started getting reports of DNS no longer correctly resolving against *.database.windows.net The setup was working for over 3 months thus far. This is a cloud-only environment. 2 tenants connected through Azure…
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
869 questions
asked 2026-04-03T15:08:45.81+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 39%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKB%3C/text%3E%3C/svg%3E)
Kjell Bulcke
20
Reputation points
answered 2026-04-07T15:43:40.0033333+00:00
Ganesh Patapati
11,995
Reputation points Microsoft External Staff
Moderator