How to Use Azure Application Gateway

This guide provides step-by-step instructions and best practices for deploying, configuring, and managing Azure Application Gateway to effectively route and secure your web traffic.

1. Deploying Application Gateway

Learn how to create and deploy an Application Gateway instance using the Azure portal, Azure CLI, or ARM templates.

Using the Azure Portal

  1. Navigate to the Azure portal and search for "Application Gateway".
  2. Click "Create application gateway".
  3. Fill in the required details, including subscription, resource group, name, region, SKU, tier, and instance count.
  4. Configure frontend IP addresses (public or private).
  5. Define backend pools, health probes, and HTTP settings.
  6. Set up listeners and routing rules.
  7. Review and create the gateway.

Using Azure CLI

az network application-gateway create \
    --name myAppGateway \
    --resource-group myResourceGroup \
    --location eastus \
    --sku Standard_v2 \
    --public-ip-address myAppGatewayPublicIP \
    --vnet-name myVnet \
    --subnet mySubnet \
    --servers server1.contoso.com server2.contoso.com

2. Configuring Listeners and Rules

Understand how to set up listeners for different protocols (HTTP/HTTPS) and configure routing rules to direct traffic to your backend servers.

HTTP Settings

HTTP settings define how Application Gateway communicates with your backend pools. Key configurations include:

  • Protocol (HTTP/HTTPS)
  • Port
  • Cookie-based affinity
  • Connection draining
  • Request timeout

Path-based Routing

Set up rules to route traffic based on the URL path. For example:

  • /images/* to a backend pool serving images.
  • /api/* to a backend pool serving API requests.
Learn More about Path-Based Routing

3. Enabling SSL/TLS Termination

Secure your web applications by terminating SSL/TLS connections at the Application Gateway.

  1. Obtain an SSL certificate.
  2. Upload the certificate to Application Gateway through the portal or CLI.
  3. Configure your listener to use HTTPS and select the uploaded certificate.

4. Implementing Web Application Firewall (WAF)

Protect your web applications from common web exploits and vulnerabilities using Azure WAF with Application Gateway.

WAF policies can be configured to block or log malicious requests based on predefined or custom rules.

Configure WAF Policies

5. Monitoring and Troubleshooting

Utilize Azure Monitor and Application Gateway logs to gain insights into performance and troubleshoot issues.

  • Metrics: Monitor request count, latency, and error rates.
  • Activity Log: Track operations performed on your Application Gateway.
  • Diagnostic Logs: Access detailed logs for traffic, WAF, and connection data.
View Monitoring Details