3

The DNS records for Front Door were deleted as well. We have an app gateway to the app service, which is under an app service env. I can see traffic on my app gateway:

enter image description here

But none on the app service:

enter image description here

The error I get when I try to access the web app is generic:

:( Application Error If you are the application administrator, you can access the

The health probe on the app gateway was changed to 200-600 to show this error, because it was just a generic 502 at first. I'm not really sure where to even begin troubleshooting this. Any ideas on where I can start checking things?

ernest
  • 1,633
  • 2
  • 30
  • 48

2 Answers2

0

Did you changed the CNAME dns entry to point to your app service instead of the frontdoor address?
I suspect that you have completely removed the CNAME entry instead of changing it to point to your my-app.azurewebsites.net address.
Also check if you have correctly configured the binding to your custom domain for the app service

devTrevi
  • 41
  • 1
  • We are using an app gateway. Would the cname record to the ASE still apply? – ernest Jan 09 '23 at 16:35
  • Sorry I missed the fact that you have an app gateway configured, in this case the DNS should point to the app gateway acting as load balancer, and if you see traffic to the gateway when you make calls to the public address of your app, this seems to be the case. If the app service and the app gateway was working before, maybe the problem could be in the app gateway routing rules that redirect traffic to the old frontdoor address? I would suggest you to check if these rules are pointing to a wrong destination – devTrevi Jan 09 '23 at 20:26
0

Did you originally use the DNS record pointing to the AFD endpoint to point to the App Gateway? If so did you point it back to the App Gateway?

What's the backend settings for the App Gateway look like? Are you overriding the hostname, choosing it from the backend pool name, or not overriding (forwarding hostname from client)?

Also, on the App Service, when you implemented AFD in front did you setup access restrictions under the networking blade? Usually when placing AFD in front of App Service there is a rule to only allow the AFD service tag to reach the App Service so it can't be bypassed.

Lastly, check the environment variables for what port your app service is listening on. From searching that error message I see a lot of mentions about it being NodeJS and there being a mismatch in port configuration. Ensure the app service is listening on the same port as is configured on the App Gateway's backend settings as well as the probe.

DusDee
  • 136
  • 1
  • 5