Forum Discussion
1311archit
Aug 29, 2024 Copper Contributor
Firewall TLS Inspection With AKS
I was working with Azure Firewall TLS inspection with Azure AKS. I deployed the following test infra:
- AKS
- Nginx Ingress Controller with internal load balancer.
- Cert Manager with Let's Encrypt.
...
kyazaferr
Sep 02, 2024 MCT
Firewall Rules: Ensure that the Azure Firewall rules are correctly configured to handle TLS traffic and that the inspection policies are applied to the relevant traffic flows.
DNS and Routing: Confirm that DNS records and routing rules are correctly pointing to the Azure Firewall’s public IP, and that there are no misconfigurations causing traffic to bypass the firewall.
SSL/TLS Certificates: Verify that the Azure Firewall’s SSL/TLS inspection is properly configured and that the certificate chain is correctly set up. This includes checking if the Azure Firewall certificate is correctly placed in the Key Vault and accessible.
Application Gateway Integration: If using an internal load balancer with the Nginx Ingress Controller, make sure the integration with Azure Firewall is correctly set up to allow inspection.
Client Browser Cache: Sometimes, browsers cache certificates. Try clearing the browser cache or using a different browser to see if the issue persists.
TLS Inspection Policies: Ensure that the TLS inspection policies are correctly configured and applied in the Azure Firewall to intercept and inspect the traffic.