Configuring The Utility Guidelines In Azure Firewall
Introduction
In our earlier article, we realized find out how to deploy the Azure Firewall; and configure the DNAT Guidelines in Azure Firewall. At present, we are able to entry our Digital machine. We will entry web sites with none restrictions; this text will discover ways to prohibit the web sites utilizing the Utility Guidelines within the Azure Firewall.
Step 1
Log in to our Digital Machine and check out some URLs within the net browser; we are able to entry it with none points.
Step 2
We have to create a Route desk to limit the general public web entry, so choose the Create a useful resource and search Route Desk.
Step 3
Within the create Route desk web page, choose the subscription, Useful resource group, enter the Route desk’s identify, click on create + overview, and click on Create.
Step 4
Now, we have to affiliate our subnet to our route desk, so choose Subnets underneath the Settings and click on + Affiliate, choose the Digital community, choose the Digital machine’s subnet, and click on okay.
Step 5
We have to add the route, choose Routes underneath the settings, and click on + Add.
Step 6
Within the Add route, enter the identify for the route; within the Handle prefix, enter 0.0.0.0/0 choose the Subsequent hope kind is Digital appliance, and the next-hop deal with is our Firewall’s personal IP deal with and clicks Okay. So any site visitors coming from exterior the site visitors goes robust the digital equipment (Firewall).
Step 7
After we kind the URL within the Digital machine, we’ll obtain the Motion Deny message.
Step 8
We’ll allow the Utility rule to entry the URL, so go to the Azure Firewall and choose the Firewall coverage.
Step 9
Choose the Utility rule underneath the settings and click on + Add a rule assortment.
Step 10
Within the add rule assortment, enter the beneath parameters,
- Title: identify for the rule
- Rule assortment kind: Utility
- Precedence: 100
- Rule assortment group: DefaultApplicationRuleCollectionGroup
- Guidelines
- Title: AllowGoogle
- Supply: our Digital Machines IP deal with
- Protocol: HTTP and HTTPS
- Vacation spot kind: FQDN
- Vacation spot: www.google.com, .google.com,
Step 11
After we refresh the browser once more, we are able to reaccess Google.