Application Gateway Integration
An Application Gateway with a firewall is a very good addition to this setup. It boosts security and provides additional configuration on the network side. It also helps you monitor traffic and block unwanted traffic.
Please follow the steps below to integrate Application Gateway.
Search for Application Gateway in Azure Marketplace and click on Create
Select the same Resource Group, Region and VNet as the Inforiver app service, and set all other options as per need and recommendations. The gateway needs a new subnet of its own, so click on ‘Manage subnet configuration’
Create a new subnet called ‘gateway’; you may leave the address range as prefilled, then click ‘Save’
Carefully go back to the ‘Create application gateway’ step without losing any progress, select the newly created subnet and proceed to the next step
Create a new public IP address and proceed to next step
Click on ‘Add a backend pool’ and select the Inforiver app service as a backend target
In this step we need to add the routing information for the gateway
Fill in the Listener information as per the screenshot. You may either get the SSL certificate from Key Vault or upload a PFX certificate directly here. We are adding a certificate from Key Vault in this example
Go to the Backend targets and select the already created target then add a new backend setting
Fill in the backend setting as per the screenshot and add the setting
The configuration part is now complete; you may proceed to review and create the resource
You may use the public IP address from the Overview page and configure an A record at your DNS server or hosting provider. In this example we have shown GoDaddy DNS.
Finally, we need to whitelist the Application Gateway at our app service for unrestricted communication. For this, go to the Networking page of the app service and click on ‘Access Restriction’
Add a new rule in the app service tab and select the gateway subnet to be whitelisted
Validate that the Endpoint status is ‘Enabled’
Go to the ‘Backend health’ page in the gateway and make sure you are getting ‘Healthy’ status
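To confirm that the access restriction added above really leaves the gateway subnet as the only allowed source, the rule list can be audited offline. The following is an added example, not part of the original guide or of Inforiver: it assumes the rules are exported in ARM site-config naming (action, ipAddress, vnetSubnetResourceId), and the function name, sample rules and resource IDs are constructed placeholders.

```python
# Added example: audit App Service access restrictions after the gateway setup.
# Field names are assumed to follow ARM site-config naming; IDs are placeholders.

GATEWAY_SUBNET_ID = (
    "/subscriptions/<subscription-id>/resourceGroups/<resource-group>"
    "/providers/Microsoft.Network/virtualNetworks/<vnet>/subnets/gateway"
)

# Constructed sample: gateway subnet allowed, everything else denied.
LOCKED_DOWN = [
    {"name": "gateway", "action": "Allow", "priority": 100,
     "vnetSubnetResourceId": GATEWAY_SUBNET_ID},
    {"name": "Deny all", "action": "Deny", "priority": 2147483647,
     "ipAddress": "Any"},
]

# Constructed sample: a leftover public allow rule next to the gateway rule.
LEFT_OPEN = [
    {"name": "gateway", "action": "Allow", "priority": 100,
     "vnetSubnetResourceId": GATEWAY_SUBNET_ID.upper()},
    {"name": "office", "action": "Allow", "priority": 200,
     "ipAddress": "203.0.113.0/24"},
]


def audit_access_restrictions(rules, gateway_subnet_id):
    """Return findings; an empty list means only the gateway subnet is allowed."""
    if not rules:
        # Assumes the default behaviour: no rules means no restriction at all.
        return ["no access restrictions configured; any source can reach the app"]
    findings = []
    wanted = gateway_subnet_id.lower()  # Azure resource IDs are case-insensitive
    gateway_allowed = False
    for rule in rules:
        if rule.get("action", "").lower() != "allow":
            continue
        subnet = rule.get("vnetSubnetResourceId") or ""
        if subnet.lower() == wanted:
            gateway_allowed = True
        else:
            source = subnet or rule.get("ipAddress") or "unknown source"
            findings.append(
                f"rule '{rule.get('name')}' allows {source}, bypassing the gateway")
    if not gateway_allowed:
        findings.append("no Allow rule for the gateway subnet; gateway traffic is rejected")
    return findings
```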
The gateway integration part is now completed. Your app service is now fully private, and inbound traffic is allowed only through this gateway. You may now choose to have this gateway converted into a Web Application Firewall with a few toggles, as shown below