3

I have created an application gateway with WAF (default detection mode) in an Azure Resource Group (no ASE) with an App Service Web App backendPool member/target MS link (followed instructions to the letter both via the Azure Portal and via PowerShell).

Im not using any custom domains, just the basic config with my backendPool member being an Azure Web App ie mywebapp.azurewebsites.net (Web App is a basic ASP.NET test site which runs fine on its .azurewebsites.net address).

MS application gateway documentation states they now support App Services as backendPool targets (FQDN/which I use).

My basic httpSettings, basic listener and rule are all setup correctly as far as Im aware (HTTP port 80.

So in essence my app gateway should listen on port 80 of the public IP attached to it and forward any incoming requests to the backendPool member (Web App).

But when I try to access the gateways public IP (or DNS address) I keep getting an 'Azure 404 Web Site not found.' page/error.

Strangely if I stop the Web App from the Azure portal I get a 502/bad gateway error until I restart the Web App where the 404 page returns.

I dont know if Im missing anything here? Does anyone have any suggestions at all? I cannot seem to get this working.

cty
  • 357
  • 5
  • 16

1 Answers1

5

You probably are missing a couple of configuration elements. Backend http settings should require 'PickHostNameFromBackendAddress' flag. You should also use a custom probe which has 'PickHostNameFromBackendHttpSettings' flag set. The end to end PowerShell documentation is at link which details your scenario.

amsriva-msft
  • 319
  • 1
  • 5
  • I had to use PowerShell, I thought I'd already tried that but the link you provided worked - thanks! – cty Apr 04 '18 at 17:22
  • You just helped me fix an issue I've been having for a couple day, Thanks! – Gowiem Jun 28 '18 at 19:37
  • Thanks, this worked for me (App gateway infront of web app worked through powershell, but not when configured through portal). Is the 'PickHostNameFromBackendAddress' flag not enabled by default from the portal? – aazeem Aug 28 '18 at 15:50
  • but in my case my web app having a ssl certificate so i need to rub it in https and port 443 not on http and port 80 ,so how i can do that ???? – Sayed Azharuddin Sep 05 '18 at 10:40
  • There is a bug with the Azure Portal GUI. Upon ticking the "Pick host name from backend address" checkbox and hitting save, it doesn't actually get persisted. I had to do it manually using powershell. It's mapped to the PickHostNameFromBackendAddress field. I'm using the WAF tier. Strangely enough I tried using WAF V2 tier and it didn't have this persisting problem. – Frank Fu Oct 16 '18 at 07:35
  • Further findings : I've noticed that if you create a "healthprobe" and attach it against a "backendhttpsetting" then the the flag "PickHostNameFromBackendAddress" will actually persist upon saving. – Frank Fu Oct 18 '18 at 01:58