问题
We have an Azure web app behind the Azure Application Gateway. Network restriction has enabled at web app level (only application gateway can access the web app). Incoming traffic comes through traffic manager but while web app response then it directly communicates with third party services. It does not go through the application gateway.
Is there any way to force the web app outbound traffic to go through an application gateway.
thanks
回答1:
Azure App Services use different outbound and inbound interfaces.
For firewall, as the article says:
You can't know beforehand which IP address a given app instance will use to make the outbound connection, so your back-end service must open its firewall to all the outbound IP addresses of your app.
https://docs.microsoft.com/en-us/azure/app-service/overview-inbound-outbound-ips
So, I do not think that is possible.
回答2:
I got the workaround solution for this issue using Azure NAT Gateway. Please refer to the below link for details. https://sakaldeep.com.np/1159/azure-nat-gateway-and-web-app-vnet-integration-to-get-static-outbound-ip
回答3:
As of last week this is now supported with Azure NAT gateway. https://azure.github.io/AppService/2020/11/15/web-app-nat-gateway.html
来源:https://stackoverflow.com/questions/60211204/web-app-outbound-response-not-going-through-application-gateway