Application Gateway V2 support of UDR
Deploying a Application Gateway in a subnet with an UDR is needed in enterprise networks. For example if you advertise the default route from a ExpressRoute connection,.
Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature
This is definitely needed. Many environments have a security requirement that all traffic must route through a next generation firewall virtual appliance.
Exactly the same comment as some of the users before. We are using a Checkpoint firewall as a central security component and absolutely need UDR on the application gateway network to be able to route are traffic. Stuck with V1 so far.
Nath Reddy commented
It is a required feature for us and we binded to V1 due to lack of UDR in v2. Cannot think why Microsoft is not supporting UDR in V2. V1 have quite few issues, slow, do not have features like Auto-scaling.
Why you want customers stuck with V1?
We are requesting support for UDR in the v2 SKU.
Domann Cadaing commented
Likewise...we do need support for UDR.
Really need a UDR on the app gw subnet to force traffic though a multi-tenant network appliance firewall.
philip gahan commented
We have the same issue , all traffic needs to route out through our FW and we cannt migrate over to V2 until this is complete with UDR.
Yes. We were looking for faster ARM deployments, auto scaling and we get it but we cannot use Application Gateway V2 beacuse of UDR subnets deploy is lacking. Please fix it.
Shaw, Dave commented
I'm not sure why this still hasn't been implemented by Microsoft. It's not a feature request it's a bug because App Gateway V1 supported UDRs!
Chris Lopez commented
This is very important to us. We use Checkpoint and Silver Peak Virtual Appliances. We have a Dev Application Gateway that we wanted to use with a Private IP.
Unfortunately we cannot direct our traffic back to our firewall, which leaves us with no option but to make our Dev workloads accessible from the internet. I am not looking forward to writing an NSG to allow only our 35 global offices.... :(