Azure Firewall – App Service Environment UDR requirements

If you are looking to secure your App Service Environment and integrate with an Azure Firewall, Microsoft have guidance for integrating the Azure Firewall with your App Service Environment. I’ve provided links below: https://docs.microsoft.com/en-us/azure/app-service/environment/firewall-integration https://docs.microsoft.com/en-us/azure/app-service/environment/management-addresses   This basically consists of: Create a UDR that routes ASE Management IPs direct to Internet Add Route to IP […]

Read More »

Azure Firewall – Hub/Spoke Hybrid Network with Forced Tunnelling

* Update – I spoke to Microsoft and they agreed and have updated the documentation to highlight this scenario. The Azure Firewall is a great option if you want to have a centralised firewall device within your Azure network architecture. I followed the Microsoft documentation to integrate the Azure Firewall into a Hybrid Network consisting of […]

Read More »

Azure Firewall – Hub and Spoke UDR configuration

I was recently working with a Hub and Spoke VNet design that was connected to on-premises through ExpressRoute. The goal is to use the Azure FW within the Hub VNet to provide centralised firewall control between the on-premises network, hub and spoke VNets. To set up this scenario you have to create UDRs on the […]

Read More »

Azure VNet Peering Gateway Transit Hub and Spoke

If you read the documentation on the Azure docs page it is not clear that if you have VNets configured in a Hub and Spoke design, it is possible for each spoke to be able to communicate with each other without requiring Network Virtual Appliance (NVA). This is possible using Gateway Transit and User Defined […]

Read More »