Load Balancer in front of Application Gateway, port steering

Copper Contributor


I have both HTTP(S) and non-HTTP(S) traffic going into a VM. I would like to have a WAF for the HTTP(S) so I have created an Application Gateway and connected it with the VM which works well. However, I have non-HTTP(S) traffic as well going over different ports which I would like to go straight to VM. To split the traffic I have created a Load Balancer with the previously mentioned AppGw in its backend pool. I have configured the AppGw's private IP, listener for it, backend settings and backend pool with VM in it. Unfortunately, I am not able to connect to the VM using the Load Balancer public IP and HTTP. Is it possible to have an LB in front of the AppGw? If not, does anyone have an idea on how we split the traffic while still having an AppGw just for HTTP(S)? Thanks!

4 Replies
I have seen many people put a load balancer as a backend pool for application gateway, but never saw the opposite. In the first place, application gateway can only handle HTTP/S traffic only, so using it for anything else will not work.

I don't see a good reason to put the application gateway behind a load balancer. Better option will be to create a backend pool in your load balancer and put the VMs in the AppGw backend in that pool, not the AppGw. Of course, you will have different IPs for the HTTP and non HTTP traffic this way but it should work.
L4 Application Gateway is in private preview and it will handle not only HTTP/S traffic, but also layer 4 TCP traffic. All of your problems will soon be solved =)
Do you have a reference for the preview of Layer 4 App Gateway, please?



Do you think there is a simple diagram for your current network connection?