Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details
  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details
  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details
  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    How can we improve Azure Networking?

    You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

    There are two ways to get more votes:

    • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
    • You can remove your votes from an open idea you support.
    • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
    (thinking…)

    Enter your idea and we'll search to see if someone has already suggested it.

    If a similar idea already exists, you can support and comment on it.

    If it doesn't exist, you can post your idea so others can support it.

    Enter your idea and we'll search to see if someone has already suggested it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. Azure Application gateway multiple Frontend ip addresses

      Azure Application Gateway allows multiple listeners over port 80 (HTTP), but it only allows 1 listener over port 443. You protect multiple websites using HTTP port (80), but only 1 using HTTPs (443). I propose the possibility of multiple IP frontend or just support multiple listeners over 443 (HTTPs). Trust me, is hard when you need an Application Gateway for each Azure web app...

      Best,

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    2. Search feature when selecting App Services for Backend Pool

      When setting app services on the backend pool having a search bar to filter down the preferred set of App Services.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    3. Simplify HTTP redirect

      The current method involves a two listeners and doubles the amount of configuration required.
      A better method would be for each listener to have a HTTPS redirect flag on it so anything received on 80 automatically redirects to 443.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    4. Azure Application Gateway with upstream HTTP Reverse Proxies and XFF

      Azure Application Gateway doesn't seem to populate the "clientIP" field value on the ApplicationGatewayLog and ApplicationGatewayFirewallLog logs with the initial/ real client IP when there is an upstream HTTP Reverse Proxy with X-Forwarded-For HTTP header insert option enabled. Under that integration scenario, "clientIP" gets populated with the client IP address from the Azure Application Gateway network flow and not from the application level flow via HTTP X-Forwarded-For header.

      It would be useful to have the option to change this behaviour for certain integration scenarios.

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    5. Affinity cookie persistence between pools in application gateway

      Argument is: Application gateway cookie persistence for different backend pool

      I have already rise an SR for this issue.

      If you have a configuration like:

      domain/app1 forward to pool1 (server1, server2)
      domain/app2 forward to pool2 (server3,server4)

      A page that call resources in /app1 e /app2 everytime a different pool is hit from the same browser session a new affinity cookie is generated.

      To summarize:

      There is no persistence of affinity cookie between calls on different pools.

      The affinity cookie should take care about server in different pool for session persistence. So if i have affinity cookie X this should be…

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    6. 1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    7. Allow multiple domains or wildcard hostnames in single listener

      Allow multiple domains or wildcard hostnames in single listener

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    8. Azure Application Gateway CPU Utilization Metric

      The Application Gateway offering provides quite a few useful metrics, but lacks some core performance metrics. Please, at a minimum, provide a metric and alert for CPU utilization of the instances behind an Application Gateway. When CPU utilization is not monitored at this level, it can affect the performance of dependent applications.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    9. Hello, please, make sure that you let the customers know about the charges and the instances operations when configuring the WAF

      Hello, please, make sure that you let the customers know about the charges and the instances operations when configuring the WAF. Apparently, the number of instances is what is making this service extremely expensive and none of this is mentioned during the setup. Also, please remove this from the security list because it is listed with free extensions such as IAASMalware, Monitoring etc. Thanks!

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    10. The web application firewall (WAF) currently doesn't show the activated rules correctly.

      The web application firewall (WAF) currently doesn't show the activated rules correctly.
      If it is activated - a-- internal rules are active as well.
      This is not shown in the UI and is confusing.
      This should be changed.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →

      Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature

    11. Allow ModSecurity Rule Exclusion

      ModSecurity is not really designed to be a plug and play solution. It almost always requires tuning. Without being to enter exclusions for certain files or paths, the only option is to disable the rule entirely, which is self defeating in most cases. An example would be WordPress. ModSecurity will flag certain actions of WordPress core (photo upload to the media gallery using admin or editing a post for example) as bad actions, meaning you either disable the rule entirely and thus the protection, or turn it on and off when you need to do those actions. Neither of those…

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    12. Sort Application Gateway Rules alphabetically

      My lists of Application Gateway Rules / Listeners and HTTP Settings is growing very fast. I've applied a naming convention but the lists are in random order so it's hard to find the settings which are for the same customer.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →

      Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

    13. Ability to queue Azure configurations from portal

      In some services it might take quite a while for configurations to apply (for example Application Gateway). It can take up to 30 minutes for certain configuration to be applied and it is not possible to make other configuration change at the same time so it would be nice to have possibility to queue or batch changes somehow.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    14. Add a way to test the configuration of Application Gateway before update

      When updating an application gateway (example changing to a different backend). It would be useful to be able to test the configuration of the application gateway before saving.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →

      Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature

    15. Delete the listener but rule will be left and invisible

      After delete the listener, the rule still left and you can't see them in the UI. When you create the rule with same name, the request will be denied. You can see the left rules in the resource explorer.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    16. Allow to customize behaviour of 949110 WAF Rule

      Currently WAF signatures even though in detect mode can start to block if the preset threshold of 949110 (not user available) is reached. This is not helpful as we getting too many false positives and unfortunately we need to disable signatures completely instead of putting it in detect mode so that real attacks can get logged atleast.

      Can we have this rule 949110, be made available to user for customization of threshold and behaviour according to our environment?

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    17. Azure WAF v2 is not recognized by Azure Security Center as security solution and it has not mentioned anywhere.

      Azure WAF v2 is not recognized by Azure Security Center as a security solution and it has not mentioned anywhere. The details that are provided is not enough to understand that it is not being recognized as below.

      Partner solution name: Application Gateway

      Type: Saas-based Web Application Firewall
      Integration mode: Semi-automatically provisioned
      Status : Not reported

      Status has never been reported to Azure Security Center. Usually this means that this security solution isn't configured yet. It is recommended you login to the security solution management console to finalize the initial configuration

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    18. application gateway listener

      At times it becomes difficult to know what is the type of Listener in Application gateway that is, is it Multi Path or basic.

      It would be great if we can also see the Listener type at the Top

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    19. Azure Application gateway - Allowed concurrent connection

      1) Tier - WAF , SKU Size - medium

      2) Tier - WAF , SKU Size - large

      3) Tier - Standard , SKU Size - small

      4) Tier - Standard , SKU Size - medium

      5) Tier - Standard , SKU Size - large

      Example: If I'm using WAF with Medium SKU and 8 Instances what will be my limit of concurrent connections.

      Thanks,
      Gulab Pasha

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    20. Maximum Internet Traffic supported by Application Gateway . Sometimes there will be a performance test conducted . So it is better to know

      Would be great if there is some information on the maximum traffic supported by Application gateway

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →

      Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature

    • Don't see your idea?

    Feedback and Knowledge Base