AdminAzure Networking Team (Admin, Microsoft Azure)

← Customer Feedback for Microsoft Azure

My feedback

Allow Network Security Groups (NSGs) to Reference Application Security Groups (ASGs) From Different Location
81 votes
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
5 comments · Networking » Virtual Networks (VNET) · Flag idea as inappropriate… · Delete… · Admin →

planned · AdminAzure Networking Team (Admin, Microsoft Azure) responded

Thanks for the feedback, we are working on enabling ASG references across subscriptions/VNets, it’s currently on our plans

AdminAzure Networking Team (Admin, Microsoft Azure) supported this idea · Sep 10, 2018
pls put the two powershell scripts together
1 vote
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
1 comment · Networking » VPN Connectivity (Point-to-Site, Site-to-Site) · Flag idea as inappropriate… · Delete… · Admin →

AdminAzure Networking Team (Admin, Microsoft Azure) commented · Aug 17, 2018

Hi, can you please indicate to which article/documentation you're referring?
Add NSG Service Tag for OMS Services.
14 votes
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
planned · 2 comments · Networking » Security (ACLs, Firewalls, Intrusion Detection) · Flag idea as inappropriate… · Delete… · Admin →

AdminAzure Networking Team (Admin, Microsoft Azure) commented · Jun 5, 2018

This is in roadmap.
Global VNET peering remote gateway and gateway transit support
13 votes
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
planned · 2 comments · Networking » Virtual Networks (VNET) · Flag idea as inappropriate… · Delete… · Admin →

AdminAzure Networking Team (Admin, Microsoft Azure) commented · Jun 5, 2018

Yes, this will be supported.
List the private IP address of a virtual network gateway
6 votes
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
2 comments · Networking » VPN Connectivity (Point-to-Site, Site-to-Site) · Flag idea as inappropriate… · Delete… · Admin →

need-feedback · AdminAzure Networking Team (Admin, Microsoft Azure) responded

Hi,

Currently, the gateway private IP addresses are not required for configurations or operations, other than the GatewaySubnet range. They should have been hidden from users. The gateway resource model does not have a field for those either.

There may be use cases for new features down the road. We will update the gateway resource model accordingly and expose those properly.

Thanks,
Yushun [MSFT]

AdminAzure Networking Team (Admin, Microsoft Azure) commented · May 7, 2018

Taking offline with Farouk to further clarify.

Thanks,
Yushun [MSFT]
Add DNS name label to private IPs
42 votes
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
5 comments · Networking » Domain Name Service (DNS, Traffic Manager) · Flag idea as inappropriate… · Delete… · Admin →

started · AdminAzure Networking Team (Admin, Microsoft Azure) responded

Azure DNS Private Zones is in Public Preview, which supports split-horizon scenarios.
https://docs.microsoft.com/en-us/azure/dns/private-dns-overview

We will support non-empty Vnets very soon. Stay tuned !

AdminAzure Networking Team (Admin, Microsoft Azure) commented · Apr 23, 2018

Hello, we are working on supporting existing (non-empty) VNETs. This is coming very soon ! Stay tuned.
automatically download the latest ip ranges used by MS Azure Datacenters
14 votes
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
2 comments · Scripting and Command Line Tools » Xplat-CLI · Flag idea as inappropriate… · Delete… · Admin →

under review · AdminAzure Networking Team (Admin, Microsoft Azure) responded

Thank you for the feedback. We now have a report that is generated weekly on Mondays: Azure Service Tags JSON (https://www.microsoft.com/en-us/download/details.aspx?id=56519). This file includes all of the Service Tags and data by regions. This is an improvement over previous files as it includes tagging by Service Tag. We recommend you move to using this file and check weekly for updates. The file is broken out by Cloud (I.e. Public) and region (i.e., West US 2). We will take the RSS Feed request under advisement.
More frequent NSG Flow log rollover, and consumption into Traffic Analysis
4 votes
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
1 comment · Networking » Network Watcher · Flag idea as inappropriate… · Delete… · Admin →

AdminAzure Networking Team (Admin, Microsoft Azure) commented · Apr 10, 2018

Thanks for your suggestion, it is an identified requirement and we are evaluating it to reduce frequency from one hour to near real-time.
Traffic analytics error reporting IP vs NIC
1 vote
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
planned · 1 comment · Networking » Bugs · Flag idea as inappropriate… · Delete… · Admin →

AdminAzure Networking Team (Admin, Microsoft Azure) commented · Apr 10, 2018

We have noted this and will soon roll out a fix for multiple app gateways
VNET Gateway VPN Client should have easy way to refresh routes
10 votes
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
3 comments · Networking » VPN Connectivity (Point-to-Site, Site-to-Site) · Flag idea as inappropriate… · Delete… · Admin →

started · AdminAzure Networking Team (Admin, Microsoft Azure) responded

Hi Matt,

Thanks for the feedback. The status of this ask is a bit complicated – it’s partially working, but partially in progress:

1. For existing SSTP P2S VPN, there is no solution but to download the VPN client package again.

2. For IKEv2 P2S VPN, it works by P2S client reconnecting to the Azure VPN gateway. Once they connect again, they will get the new routes. This will apply to changes in VNet address spaces (including VNet peering), newly added S2S/VNet-to-VNet connections, or new routes learned via BGP.

3. The caveat for (2) is that it currently works on Mac and Linux, but Windows require a KB/Update that will be released shortly.

We will provide an update to this item once the Windows update is available.

Thanks,
Yushun [MSFT]

AdminAzure Networking Team (Admin, Microsoft Azure) commented · Mar 8, 2018

Thanks for the feedback - there are two aspects to this ask:

1. Azure P2S route refresh on the client side
2. App Service to leverage the route refresh capability

The work is in progress for (1), but it will not be in band due to protocol limit. For IKEv2 P2S VPN, simply reconnecting P2S clients will enable the client side to learn the new routes. I explained a bit more in another similar ask and will merge this ask to that main item.

Once that's available, will see how App Service can leverage this.

Thanks,
Yushun [MSFT]
custom domain verification for Azure users is a hassle and blocker
13 votes
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
2 comments · Networking » Domain Name Service (DNS, Traffic Manager) · Flag idea as inappropriate… · Delete… · Admin →

need-feedback · AdminAzure Networking Team (Admin, Microsoft Azure) responded

We didn’t see a reply on your specific AD setup. Please feel free to add more detail so we can understand the request more thoroughly.

AdminAzure Networking Team (Admin, Microsoft Azure) commented · Mar 6, 2018

Hi Will, could you provide more details about your AD setup ? Is it hosted in Azure, or OnPrem ? Also, could you clarify what you mean by "Azure Tenant" in this context.
Audit logs for DNS record changes
4 votes
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
2 comments · Networking » Domain Name Service (DNS, Traffic Manager) · Flag idea as inappropriate… · Delete… · Admin →

need-feedback · AdminAzure Networking Team (Admin, Microsoft Azure) responded

Have you tried the Activity Logs feature to see if it handles your use case ? https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-audit

AdminAzure Networking Team (Admin, Microsoft Azure) commented · Nov 7, 2017

Have you tried the Activity Logs feature to see if it handles your use case ? https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-audit
Allow country specific characters in Azure DNS
1 vote
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
under review · 1 comment · Networking » Domain Name Service (DNS, Traffic Manager) · Flag idea as inappropriate… · Delete… · Admin →

AdminAzure Networking Team (Admin, Microsoft Azure) commented · Oct 17, 2017

This is on our immediate backlog and will soon be supported. Stay tuned !
Want that VNet Peering can be created in another Directory
251 votes
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
planned · 12 comments · Networking » Virtual Networks (VNET) · Flag idea as inappropriate… · Delete… · Admin →

AdminAzure Networking Team (Admin, Microsoft Azure) commented · Oct 5, 2017

Unfortunately we do not have any updates at this time, but we will update this post whe the status changes.
Azure Loadbalancer / Application Gateway : Provide basic status indication for nodes
99 votes
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
7 comments · Networking » Load Balancing · Flag idea as inappropriate… · Delete… · Admin →

AdminAzure Networking Team (Admin, Microsoft Azure) commented · Mar 28, 2017

On Application Gateway, backend health is available. Refer to documentation at https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-diagnostics.
Backend heath status of Application Gateway
30 votes
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
4 comments · (General Feedback) » Availability · Flag idea as inappropriate… · Delete… · Admin →

AdminAzure Networking Team (Admin, Microsoft Azure) commented · Mar 28, 2017

Currently inbound internet traffic on port ranges 65503-65534 should be opened for health probes to work. This is documented in FAQ at https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-faq.

Thanks,
Amit
Monitor container network traffic within a node
1 vote
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
2 comments · Networking » Network Watcher · Flag idea as inappropriate… · Delete… · Admin →

under review · AdminAzure Networking Team (Admin, Microsoft Azure) responded

Monitoring communication between containers on the same node is not currently supported with Network Watcher. Thank you for your feedback and we will review your suggestion as we continue to improve the service.

AdminAzure Networking Team (Admin, Microsoft Azure) commented · Mar 3, 2017

Monitoring communication between containers on the same node is not currently supported with Network Watcher. Thank you for your feedback and we will review your suggestion as we continue to improve the service.
Decouple vNIC count from VM Size
19 votes
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
2 comments · Networking » Virtual Networks (VNET) · Flag idea as inappropriate… · Delete… · Admin →

under review · AdminAzure Networking Team (Admin, Microsoft Azure) responded

Thank you for your suggestion. We are still considering including this in our roadmap.

AdminAzure Networking Team (Admin, Microsoft Azure) commented · Feb 24, 2017

This is still being considered.
subnet expansion
33 votes
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
1 comment · Networking » Virtual Networks (VNET) · Flag idea as inappropriate… · Delete… · Admin →

under review · AdminAzure Networking Team (Admin, Microsoft Azure) responded

Idea of subnet expansion is in review. The topology view showing VNets, subnets and VMs under that is now available through Netwatcher which was just announced to preview. More information here: https://azure.microsoft.com/en-us/updates/public-preview-network-watcher/

— Narayan [MSFT]
Multiple Network Security Groups per subnet
79 votes
Vote

Sign in
prestine

Your name

Your email address
Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)
0 comments · Networking » Virtual Networks (VNET) · Flag idea as inappropriate… · Delete… · Admin →

planned · AdminAzure Networking Team (Admin, Microsoft Azure) responded

Hi Gaurav

Thanks for the feedback, we are exploring options to cover this scenario, Application Security Groups it’s a good start
https://docs.microsoft.com/en-us/azure/virtual-network/create-network-security-group-preview

← Previous 1 2 Next →

AdminAzure Networking Team (Admin, Microsoft Azure)

My feedback

Allow Network Security Groups (NSGs) to Reference Application Security Groups (ASGs) From Different Location

pls put the two powershell scripts together

Add NSG Service Tag for OMS Services.

Global VNET peering remote gateway and gateway transit support

List the private IP address of a virtual network gateway

Add DNS name label to private IPs

automatically download the latest ip ranges used by MS Azure Datacenters

More frequent NSG Flow log rollover, and consumption into Traffic Analysis

Traffic analytics error reporting IP vs NIC

VNET Gateway VPN Client should have easy way to refresh routes

custom domain verification for Azure users is a hassle and blocker

Audit logs for DNS record changes

Allow country specific characters in Azure DNS

Want that VNet Peering can be created in another Directory

Azure Loadbalancer / Application Gateway : Provide basic status indication for nodes

Backend heath status of Application Gateway

Monitor container network traffic within a node

Decouple vNIC count from VM Size

subnet expansion

Multiple Network Security Groups per subnet

Feedback and Knowledge Base

Searching…

Give feedback

Microsoft Azure

Your password has been reset