Forum Discussion

venu15's avatar
venu15
Copper Contributor
Apr 25, 2023

Need Help on Azure Firewall Deny and Allow actions

Dear Members,

 

i have Azure Firewall with two set of action type Allow and Deny  as shown in the below screenshot.

in this two action we have same rule defined in the both actions

 

SMTP Network rule is defined in the both allow and deny action, now i need to check which action goes first

 

Here How does that work?  When does that deny rule get evaluated compared to the priority 112 rule?

 

Does the rule block the traffic it is supposed to and does it still allow the other traffic? how can we check the logs if the rule is allowing traffic still.

 

Please advise on this. thank you

 

  • danieljsaldana's avatar
    danieljsaldana
    Copper Contributor
    The priority defines which rule applies first, in this case it would be rule 112.

    If, for example, you allow SMTP traffic in rule 112 and then deny it in rule 903, this last rule would not apply. Once a rule matches a service, you don't need to process another rule for the same service.

Resources