Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details

  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details

  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details

  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. Site Categorization for the new Azure Firewall

      Adding the ability to restrict outbound traffic based on Site Categorization would be great. This would give the ability to restrict outbound access to adult, gambling and other questionable sites.

      4 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  1 comment  ·  Network Security Groups  ·  Flag idea as inappropriate…  ·  Admin →
    2. Azure Firewall NAT Rules

      When the UDR assoc the Subnet is not possible connect by RDP from the Internet, or other services exposed in the internet.

      If I could create the NAT Rule on the Azure Firewall I can expose any services in internet and this issue would be resolved.

      thank you so much.

      Best Regards

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  1 comment  ·  Network Security Groups  ·  Flag idea as inappropriate…  ·  Admin →
    3. Akamai CDN Easly Expire Header Set and Purge ALL Available?

      Hello,

      I'm using Akamai General Web Delivery. Its seems fine but Purge all and on the images files specific have not able the set Leverage Browser Caching (expire headers). Its maybe easly be on the Azure control panel.

      2 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
      planned  ·  Anton Kucer [MSFT] responded

      Both of these capabilities are in our backlog for making available via Azure CDN from Akamai later this year.

    4. Outbound data transfer Zones - Country wise

      Hello, Please provide which country comes under which Zones for Outbound data transfer. This will help for correct pricing for customers for zone1, zone2 and zone3

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  ExpressRoute  ·  Flag idea as inappropriate…  ·  Admin →
    5. 1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    6. Traffic analytics error reporting IP vs NIC

      We have several app-ways in the same subnet.
      Traffic analytics is display a DestIPs which does not correspond with the displayed NICs (it belongs to a different app-way).

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  1 comment  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    7. Please provide metric for Point-to-Site VPN traffic

      We can't meter Point-to-Site VPN usage now.
      Please provide metric for Point-to-Site VPN traffic like Site-to-Site tunnnel metric.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  1 comment  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    8. Is adding external endpoints via IP address available instead of FQDN? i don't think it is? can some one clarify it please..

      On Azure Traffic Manager, is external endpoints addition via IP address available instead of FQDN? i don't think it is yet? can some one clarify it please..

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    9. Make raw logs available for CDN traffic

      If raw logs were made available and posted to blob storage, developers could use them for sub-billing our customers for their usage of the CDN.

      162 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  10 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    10. 7 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  0 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    11. Application Gateway Public IP to be allocated to existing Virtual Machine

      We want Application Gateway Public IP to be used and associated with Virtual machine. If we remove application Gateway , its public IP should be retailed.

      5 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    12. 136 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  13 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    13. Provide API to access CDN analytic data

      API is needed to access analytic data (e.g. hits, cache/hit ratio, GB usage, bandwidth, etc.)

      24 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  0 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
    14. Allow special chartacters in the pre-shared key for IPSec VPN tunnels

      Allow special chartacters in the pre-shared key for IPSec VPN tunnels

      10 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    15. Show Traffic lights on an ILB Rule showing which node traffic is being passed too

      Load balance rules do not show which server(s) traffic is currently being sent to.
      Within a “Load Balance Rule” simple traffic light of Green /or Red against a node would give a quick visual indication that traffic is being sent to the node.
      This would help us identify if a service had/was stop on a specific node or if a node was turned off.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Load Balancer  ·  Flag idea as inappropriate…  ·  Admin →
    16. Set up a VPN device script Link as present in the Classic Portal

      I was setting up the Site to Site in New portal and found the link to download the VPN script wasn't present as in Classic portal. It would be good we have that link in new portal so that we can share that Network admins to setup site-site Connection with on-premise and Azure Vnet

      29 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  1 comment  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    17. Allow referencing an Azure resource by id in Network Security Groups

      NSG's should allow the use of Azure resource ID in addition to ip addresses for NSGs. For example, if I reference the ID of a webapp, then the rule will apply to the public IPs of that webapp. If I reference an azure VM, then the rule will apply to the ip address of that vm. And so on. It would make it so much more flexible to build up rules by using resource id's/names than today's very static and cumbersome implementation, especially for complex rules.

      4 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Security Groups  ·  Flag idea as inappropriate…  ·  Admin →
    18. Support compression directly from IIS Origin

      Azure CDN adds the Via header when it communicates with origin servers as this is required by HTTP/1.1 - (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html). IIS by default does not apply HTTP compression to requests that have the "Via" header. This prevents gzip compression from working by default with Azure CDN as IIS by default will not compress content when it receives a request with a Via header. This default setting for IIS can be changed by setting the noCompressionForProxies to false.

      This is not intuitive and should "just work". The whole point of having combined services in Azure is that we shouldn't…

      11 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Content Delivery Network  ·  Flag idea as inappropriate…  ·  Admin →
      planned  ·  Anton Kucer [MSFT] responded

      I significantly updated the title and contents of this request to accurately reflect why compression from an IIS origin does not work with Azure CDN. The CDN does support HTTP/1.1 when communicating with origin servers. We are planning on adding support in the future that will allow one to prevent the Via header from being sent to IIS.

      In the next month we are also targeting to enable one to have the CDN compress files directly – see http://feedback.azure.com/forums/169397-cdn/suggestions/1074433-automatic-http-compression-on-azure-blob-cdn-gzip.

    19. provide diagnostic ability in Azure Resource Manager VPN tunnels

      The PowerShell command that is used in the classic "ASM" VPN troubleshooting is not compatible with the new Azure Resource Manager VPN tunnels. This makes it very difficult to troubleshoot VPN problems.

      The newest Azure PowerShell doesn't provide any start-azureRMvirtualnetworkgatewaydiagnostics like the old azure services manager did.

      13 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      2 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    20. Add ability to use a Network Security Group (NSG) as a rule source/target

      Currently NSG rules have the concept of the source or target being a Tag, and there are a couple predefined tags (Internet, VirtualNetwork, and AzureLoadBalancer). It would be nice if there was a similar feature where you could select the source or target being another network security group. Resources would be considered part of a NSG if they have their network interface associated with that NSG, they are in a subnet associated with that NSG, or they are in a VNET associated with that NSG. This essentially creates a subnet that has a dynamic address space.

      13 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Security Groups  ·  Flag idea as inappropriate…  ·  Admin →
    • Don't see your idea?

    Feedback and Knowledge Base