Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details

  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details

  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details

  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. WAF custom rule RequestBody parameter need to include contentype application/json

      WAF custom rule RequestBody parameter need to apply when 'Content-Type' header is set to application/json.

      2 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    2. 3 Suggestions Pertaining to Certs, Listeners and Key Vault

      Keeping this concise. Contact me for more detail. More than happy to elaborate. In Feb and Apr 2021, we updated certs linked from Key Vault that resulted in Failed State on 2 diff App Gateways. Feedback based on these experiences:

      (1.) In Portal, provide more detail in Certificate dropdown in Listener settings. Examples: Cert uploaded directly to App Gateway or linked to Key Vault? For each Key Vault cert, is it pointed at a specific version ID or set to "use latest version?" Eliminate requirement to use CLI / PowerShell for obtaining and updating these details.

      (2.) Make certs linked…

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    3. Use an "allow list" to filter incoming request headers

      In some cases, downstream applications expect to receive only certain HTTP headers and are broken if the client sends unexpected headers or intermediate servers add headers during transit. Application Gateway currently provides a mechanism to remove specific headers and re-write headers, but it would help migrate some applications if functionality existed to provide an "allow list" filter of headers and remove any headers from the incoming request that are not specified in the list.

      33 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    4. Azure Application Gateway Optimization

      We want to Optimize the Azure Application Gateway

      On which basis Application Gateway optimization is possible

      How to calculate the information used for optimization.

      What are best practices for Application Gateway

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    5. Can Application Gateway enable WebSocket interface integrated with JWT token

      JWT tokens can be validated in API Management policies, can the same be supported in Application Gateway for websocket connections ?

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    6. auto scaling out/in instance number metric

      Hello Team,

      I understand we are auto scaling out/in instance number based on cpu utilization. but it would be great we have one click metric that we can check how many instances we are auto scaling out/in and how many instances we are running currently.

      Regards

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    7. Application gateway with smaller N/w range(/28,/27 should be acceptable as few customer like us using private n/w range with limited IP's

      Currently We are using and configured application gateway wih subnet range /28 but recently we have received communication from Microsoft a minimum subnet size
      /24 (256IP's) per application Gateway v2 sku will be required to new deployments.

      But this is most effect when we need to reconfigure our existing environments as we have configured
      application gateway with private subnet range 53.0../28 and we don't have sufficient Ip's as this IP ranges are limited for our environments. How can we overcome this issue .

      We are using private N/w 53 to conncet our on-primise applications.

      0 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    8. Application gateway with smaller N/w range(/28,/27 should be acceptable as few customer like us using private n/w range with limited IP's

      Currently We are using and configured application gateway wih subnet range /28 but recently we have received communication from Microsoft a minimum subnet size
      /24 (256IP's) per application Gateway v2 sku will be required to new deployments.

      But this is most effect when we need to reconfigure our existing environments as we have configured
      application gateway with private subnet range 53.0../28 and we don't have sufficient Ip's as this IP ranges are limited for our environments. How can we overcome this issue .

      We are using private N/w 53 to conncet our on-primise applications.

      0 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    9. Merge feedback requests for Application Gateway with Private IP ONLY

      Hi,

      I've found up to 3 requests that are related to the same, support for AG with a Private IP ONLY.

      https://feedback.azure.com/forums/217313-networking/suggestions/38936950-fully-private-app-gateway-v2

      https://feedback.azure.com/forums/217313-networking/suggestions/38936947-fully-private-app-gateway-v2

      https://feedback.azure.com/forums/217313-networking/suggestions/36487030-pure-internal-standard-v2-application-gateway

      If you merge all of them, they sum more than 200 votes, which is a nice number to start looking into this seriously. We have a customer who discarted AG only because of this (They don't want to expose the AG at all, eventhough the Public IP address wouldn't be used)

      Regards,

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    10. Application Gateway Redirection 308 Permanent Redirect Not Implemented

      According to Documentation available under https://docs.microsoft.com/en-us/azure/application-gateway/redirect-overview, currently Application Gateway does not support 308 Permanent Redirect Methods defined in RFC7538 when doing redirects.
      This can lead to problems with some browsers when doing request, most problems arise when a POST Request is sent to the HTTP Endpoint and it redirects to the HTTPS Endpoint but the Method changes to a GET.

      8 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    11. Application Gateway Health Check DNS Retry

      We were told by support that if the Application Gateway Health Check DNS request fails (the DNS entry is not found) the Application gateway will not try a lookup again until there is a config change. We have a race condition when standing up new apps that sometimes the health check happens before the DNS Entry can be resolved which causes the site to stay in an 'unknown' state forever until the next config change.
      We would love to see some kind of retry logic around DNS lookups as DNS requests fail sometimes. It seems like a bad idea to…

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    12. Move Application Gateway to Another Resource Group

      Please remove Application Gateway limitation move to another RG. It can be applied use case like give another team or person at another RG at one subscription without recreate the Application Gateway. Thank You.

      6 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    13. WAF disable OWASP rule for specific request elements

      Hello Team,

      We have needs to disable OWASP rule for specific request element and keep OWASP rule monitor other request elements.

      Thanks!

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    14. Multiple site hosting with AAD easyauth enabled

      We need to have an easy-to-configure flow for hosting multiple sites/apps with AAD easyauth enabled under the same custom domain. e.g.
      https://contoso.com/myApp1 --> https://myApp1.azurewebsites.net, and https://contoso.com/myApp2 --> https://myApp2.azurewebsites.net
      The goal is to have both apps working and their authentication flows and redirects not break.

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    15. Correct processing of Scale Set certificates

      If Scale Set is set as backend, and certificates are issued to each of Scale Set VMs individually, then there will be an error in Application Gateway: "The Common Name (CN) of the backend certificate does not match the host header of the probe." because App Gateway will not use valid FQDN as hostname when querying those VMs.

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    16. Application Gateway X-Forwarded-For IP:port is malformed

      Possibly this can be resolved by settings only; if so needs better documentation.

      X-Forwarded-For is only supposed to have IP address only (no ports). Our parser choked. In looking to improve the parser we very quickly discovered that as specified it causes a parse ambiguity in IPv6. That is, appending :port to an existing IPv6 address spelled with :: results in another valid IPv6 address. It would have worked if it was [IPv6]:port which is even more broken as compared to what the defacto standard is but is at least unambiguous.

      Needs doc improvement and possibly code improvement. Or maybe…

      3 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    17. We can not see any error when we delete permission for AppGW from KeyVault.

      When I deleted a permission from KeyVault to get Secret, We could not see any errors. It's very confusion. I can not identify the reason why AppGW is failed status. I hope we can see error about KeyVault side configuration.

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    18. Application Gateway needs load balancing methods

      Currently it seems Application Gateway only allows a round robin of all servers in the pool - there's no way to change this.
      Having a weighting of how many to each server, or picking the first of a list?

      For an example scenario - Imagine two servers A and B and in general you want server A to handle all urls /projectA/... and server B /projectB/... for efficiency reasons. However both servers are able to serve up both sites if needed. You could have 2 pools, one with server A first and one with server B first on a "first-server"…

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    19. I want to set HTTP keep-alive ON / OFF in the Application Gateway settings

      When the Application Gateway is in the process of forwarding an HTTP request to the backend, Connection Header Value in forwarding HTTP request is "keep-alive".
      Therefore, to disable HTTP keep-alive in the process of forwarding an HTTP request to the backend, it must be set in the backend settings.

      But Some customers using Application Gateway may also have a requirement that the backend settings can't be set.
      Even for such customers, it would be more convenient to be able to disable keep-alive in Application Gateway settings.

      9 votes
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    20. Application Gateway: override backend path

      Currently App Gateway only allows to replace the backend path of HttpSetting with absolute string using the "override backend path" property.

      This property does not allow replace the backend path with empty string. Please add this feature.

      Alternatively, override backend path can support regex.

      Scenario:
      https://stackoverflow.com/questions/66455060/set-override-backend-path-to-empty-string-in-app-g-w-ingress-controller

      1 vote
      Vote

      We're glad you're here

      Please sign in to leave feedback

      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    ← Previous 1 3 4 5 12 13
    • Don't see your idea?

    Feedback and Knowledge Base