Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details
  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details
  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details
  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. Why Can't Azure Manage my Wireless Network?

      As more and more applications and services make the migration from the desktop to the web, two issues are become important as ever. That is the content that we connect to and how we connect to this content.
      Microsoft has been an earlier adapter in identifying software as a service and migrating users from Microsoft Office to Office 365.
      However how users connect and how securely users connect is probably even more important.
      So my suggestion would be a additional service in Azure that would ensure that a users Internet connection is secure with Microsoft servers before a network administrator…

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
    2. Classic to ARM VNet Migration - Recreate Site-to-Site connections

      I have recently migrated a classic virtual network with a Site-to-Site VPN connection to an ARM VNet using platform-supported migration.

      When the connection between the 2 networks was recreated under the ARM platform it defaulted to a VNet-to-VNet connection which meant a loss of connectivity between the 2 networks. I had to add create another LNG and recreate the connection as a Site-to-Site.

      Now I understand the benefits of VNet-to-VNet connections but I would like the platform-supported migration to respect the existing connection type and recreate this correctly.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  1 comment  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    3. Azure GUI BUG Network Security Group for Gateway

      Portal allowing to associating an NSG to a gateway subnet

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Security Groups  ·  Flag idea as inappropriate…  ·  Admin →
    4. Monitor container network traffic within a node

      I would like to see a solution for monitoring traffic between containers on the same node. I'm not sure if the Network Watcher product already does this or not - it wasn't specified.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      2 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →
    5. Let security group view show the order in which rules are processed

      The current security group view allows multiple ways to sort the security rules that show up. It would be most useful if there would be a way to sort the security rules in the effective way they would be processed, meaning:
      1. customer defined rules on the subnet
      2. default rules on the subnet
      3. customer defined rules on the NIC
      4. default rules on the NIC.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Watcher  ·  Flag idea as inappropriate…  ·  Admin →

      Thank you for the suggestion, we’ll consider adding this sort option. The current UI in Portal provides you with tabs to see the security rules applied on the Subnet and the NIC, as well as the default rules.

      Note, the rule processing order you provided only applies for inbound traffic. From https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-nsg :

      Inbound traffic

      1. NSG applied to subnet: If a subnet NSG has a matching rule to deny traffic, the packet will be dropped.

      2. NSG applied to NIC (Resource Manager) or VM (classic): If VM\NIC NSG has a matching rule to deny traffic, packet will be dropped at VM\NIC, although subnet NSG has a matching rule to allow traffic.

      Outbound traffic

      1. NSG applied to NIC (Resource Manager) or VM (classic): If VM\NIC NSG has a matching rule to deny traffic, the packet will be dropped.

      2. NSG applied to subnet: If…

    6. allow granular access control to manage NSG rules.

      Because only a single NSG is allowed per resource (subnet or NIC) it would be nice to subdivide the rules into groups and allow different teams to manage the different groupings, all within the same NSG. This could allow a central team to implement some rules and an application team to implement some rules. For example, let us define groups by priority-range and then allow different access privileges to different groups. Team 1 can manage group 1 and 4 and team 2 can manage group 2. [Manage = add, modify, delete]

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Security Groups  ·  Flag idea as inappropriate…  ·  Admin →
    7. Add Standard set of Network Security Group Rules for Inbound and outbound traffic when creating new rules.

      I would like to see standard set of NSG rules for each new subscription that gets created for securing environment. for example SQL, SCCM, DMZ, App servers(Web servers), RDP etc. where we have ability to change the names according to our naming conventions and populate or have options to choose subnets, single VM.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Network Security Groups  ·  Flag idea as inappropriate…  ·  Admin →
    8. Add a column to list CIDR ranges currently in use.

      Add a column to list CIDR blocks assigned to each VNET in the Virtual Network Blade. This would provide a quick reference to not overlap CIDR ranges when using multiple VNETS.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    9. express route

      Not sure if this is possible today, but I would like to see an option for public peering to have more granularity on the list of BGP communities so we only advertise services that a customer owns. As far as I can see today, through Microsoft peering we will see all public IP in the selected Azure region including those belonging to Microsoft Azure public services, a customer public IP address and any other customer public IP in that region. That means that lot of traffic is routed through public peering. Wouldn't be better to route traffic through Internet to…

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  ExpressRoute  ·  Flag idea as inappropriate…  ·  Admin →
    10. could you please update the script for Cisco ASA as i see many bugs and many are having hard time in establishing the tunnel with azure

      could you please update the script for Cisco ASA as i see many bugs and many are having hard time in establishing the tunnel with azure with many ASA models and OS versions below 9.8.2

      please confirm the which IKE parameters for a connection works for stable IKeV2 route based tunnel with policy based TS enabled. I see many times the tunnel which is good for many days abruptly goes down all of a sudden with out any changes being made. Appreciate your help.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  2 comments  ·  VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    1 2 7 8 9 11 Next →
    • Don't see your idea?

    Feedback and Knowledge Base