Forum Discussion
Azure App Service Environments Internal and External access
I am looking to deploy a internal Intranet site and an external internet site and i would like to try and use Azure Web Apps to do this. The intranet should only be accessible from internal networks however the public facing website will obviously need to be accessible from anywhere.
At the moment it is looking like i would need to deploy an App Service Environment and host the intranet site in there but it would be nice if i could then create a separate app and host that from within the same ASE. I suspect i could do it if i put a web application gateway on the network with a public IP but i want to try and avoid that as it is additional management and overhead.
How have others done this? Do you just host Web Apps using multiple app service plans?
1 Reply
Hi, I’d normally keep the internal and public workloads separated at the network boundary. An internal ASE is a good fit for the intranet app, but for the public-facing app I’d usually use a regular App Service or a separate public-facing setup unless there is a strong reason to place both in the ASE. You can front things with Application Gateway or Front Door depending on the design, but mixing internal-only and public entry points in the same environment can make the network and security model harder to reason about.