Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details
  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details
  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details
  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. We should have the visibility/Dashboard to see what all rules are being triggred from the owasp rules

      We should have the visibility/Dashboard to see what all rules are being triggred from the owasp 3.0

      Currently if my website goes slow and application team reports that its slow because of waf we dont know what rules are being triggered.

      We raise a ticket to Microsoft backed and then they will provide the set of rules to us. This dependency should be remove

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Web Application Firewall  ·  Flag idea as inappropriate…  ·  Admin →
    2. It will be good to share files via Azure Bastion

      Right now file share is not supported via Azure Bastion which limits the type of work a person can perform on the server via bastion.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Bastion  ·  Flag idea as inappropriate…  ·  Admin →
    3. Could we add VMs in Load balancer backend pool even they are in the different peered Vnets in the future?

      Could we add VMs in Load balancer backend pool even they are in the different peered VNets in the future?

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Load Balancer  ·  Flag idea as inappropriate…  ·  Admin →
    4. Enable Auto-Reconnect for Point to Site Azure VPN connections

      I have not seen this exact suggestion prior so am adding what would be helpful for our users. Currently, when they connect remotely to a Shared Drive hosted on an Azure VM if the Network Gateway RAM hits peak utilization, or if the local users internet becomes interment they are kicked off the VPN connection and required to go back and connect all over again.

      This is a horrible customer experience.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    5. Instance IPs of Application Gateway are not visible in Portal

      In our usecase, external facing App Gateway(AG) will forward the traffic to PaloAlto virtual firewalls and firewall will NAT traffic to internal AG. Every application will have it's own external & internal AG. The NAT policy in firewall cannot use external AG subnet as source, you will have to identify instance IPs of each external AG and create NAT policy based on that. At the moment only Azure support have visibility to instance IPs, these IPs need to be exposed to Portal.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    6. express route delegated authorization - billing should be also delegated

      ER delegated authorisation to share circuits across multiple subscriptions; but the data utilisation is billed to the central owning subscription;
      allow the ability for a consuming subscription to recieve its own billing for its consumed bandwidth of the circuit.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  ExpressRoute  ·  Flag idea as inappropriate…  ·  Admin →
    7. Could be possible LB TCP and UDP flows on all ports simultaneously when you're using an Public load balancer

      Unfortunately, HA ports configuration is available only for internal load balancers. It is not available for public load balancers.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Load Balancer  ·  Flag idea as inappropriate…  ·  Admin →
    8. Allow moving a Standard SKU Load balancer between Resource Groups like possible with the basic one

      Allow moving a Standard SKU Load balancer between Resource Groups like possible with the basic one.
      while in place upgrade from basic to standard is not an option, this might help with the manual upgrade or even general maintenance of the service.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Load Balancer  ·  Flag idea as inappropriate…  ·  Admin →
    9. Documentation out of date

      Can I request a Static Public IP address for my VPN gateway?
      No. Only Dynamic IP address assignment is supported.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    10. Could we add service tag about specific country like Singapore for Network Security Group?

      Could we add service tag about specific country like Singapore for Network Security Group?

      We have some service tag for NSG like internet/ Virtual network.
      Since we have some feedback that customer need allow/block traffic from specific country for security reason.

      Please advise.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Network Security Groups  ·  Flag idea as inappropriate…  ·  Admin →
    11. Allow the creation of null MX records for domains that accept no mail

      As per RFC7505, allow the creation of a NULL MX record by entering a single period '.' for the MX Record's Mail Exchange field.

      Currently, attempting to create one raises the following error: "Each label must contain at least one character. You may not input consecutive period '.' characters"

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    12. Need to obtain VPN server name (FQDN) using Powershell for P2S VPN.

      As we know we it doesn’t support obtain VPN server name (FQDN) for P2S via powershell. We must utilize the download package as stated in documentation.

      Could we obtain VPN server name (FQDN) using Powershell for P2S VPN in the future?

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    13. BYOIP to Azure?

      BYOIP to Azure would be a great feature.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  IP addresses  ·  Flag idea as inappropriate…  ·  Admin →
    14. 1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Network Security Groups  ·  Flag idea as inappropriate…  ·  Admin →
    15. Public IP Prefix Size Dropdown

      For Public IP Prefix Size property please only make available on the drop-down choices that are available. Prefixes larger than /28 are not useable

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  IP addresses  ·  Flag idea as inappropriate…  ·  Admin →
    16. Application gateway V2 subnet to support UDR

      We need to support UDR association with Appgw V2 subnet, since as of now it's not yet support while Appgw V1 does support. Please add this feature.

      11 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    17. "Azure Managed" SSL certificates for Application gateway for SSL offloading

      Please add the ability to use a Azure managed certificate for the application gateway for the use of SSL offloading. This feature would be nice so that we would not have to manage the certificate and it would auto update instead of us having to keep the certificate up to date.

      6 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    18. Simplify

      Do any of you developers at Microsoft actually talk to end users before you implement this stuff? The first thing you should do after getting the flow logging working is to provide an EASY and SIMPLE way for end users to view the flow logs through the portal without having to have a Computer Science Masters degree to write friggin Powershell scripts or other programs to view this data that you are collecting

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    19. downgrade attack prevention - TLS_FALLBACK_SCSV

      Downgrade attack prevention should be a necessary addition to the Azure Application Gateway.

      All security audits (SSL Labs among others) show this to be a necessary security measure and as such they all downgrade your security compliance if you dont have it.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    20. allow VMs to have limited total network usage

      Allow VMs to only use a specified amount of data going in/out of the VM in total or over a given time frame

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
    ← Previous 1 3 4 5 9 10
    • Don't see your idea?

    Feedback and Knowledge Base