Application Gateway v2 Custom Health Probe not working

%3CLINGO-SUB%20id%3D%22lingo-sub-1603164%22%20slang%3D%22en-US%22%3EApplication%20Gateway%20v2%20Custom%20Health%20Probe%20not%20working%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1603164%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20all%2C%3C%2FP%3E%3CP%3EI%20have%20an%20application%20running%20behind%20an%20Azure%20Application%20Gateway%20v2.%20With%20the%20default%20health%20probe%20everything%20works%20fine.%20Communication%20from%20AppGW%20to%20application%20is%20http%2Fport%2080%2C%20AppGW%20does%20SSL%20offloading%20without%20reencryption.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20default%20health%20probe%20doesn't%20check%20the%20path%20of%20the%20application%20on%20the%20server%2C%20meaning%20it%20considers%20the%20application%20as%20healthy%2C%20even%20if%20it's%20not%20(because%20application%20e.g.%20has%20error).%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20would%20need%20to%20check%20the%20following%20url%20with%20a%20custom%20health%20probe%3A%3C%2FP%3E%3CP%3E%3CA%20href%3D%22http%3A%2F%2Fapplication.domain.local%2Fapplication%2Flogin.jsp%3Fsso%3Dn%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttp%3A%2F%2Fapplication.domain.local%2Fapplication%2Flogin.jsp%3Fsso%3Dn%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E-%20The%20custom%20health%20probe%20does%20not%20work%20(Status%20code%20500)%3C%2FP%3E%3CP%3E-%20Need%20the%20full%20url%20to%20bypass%20forwarding%20to%20Azure%20AD%20single%20sign%20on%3C%2FP%3E%3CP%3E-%20When%20I%20query%20the%20same%20URL%20from%20a%20machine%20via%20powershell%20(invoke-webrequest%26nbsp%3B%3CA%20href%3D%22http%3A%2F%2Fapplication.domain.local%2Fapplication%2Flogin.jsp%3Fsso%3Dn%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttp%3A%2F%2Fapplication.domain.local%2Fapplication%2Flogin.jsp%3Fsso%3Dn%3C%2FA%3E%26nbsp%3B)%20I%20get%20a%20status%20200%20OK%20from%20the%20server.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIf%20I%20shorten%20the%20url%20for%20the%20custom%20probe%20to%26nbsp%3B%3CA%20href%3D%22http%3A%2F%2Fapplication.domain.local%2Fapplication%2Flogin.jsp%3Fsso%3Dn%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttp%3A%2F%2Fapplication.domain.local%2Fapplication%2F%3C%2FA%3E%26nbsp%3Bthen%20I%20also%20receive%20status%20200%20OK.%3C%2FP%3E%3CP%3E-%20Looks%20like%20there's%20problem%20with%20the%20last%20part%20of%20the%20url.%26nbsp%3B%3C%2FP%3E%3CP%3E-%20Tells%20me%20that%20the%20general%20config%20of%20the%20custom%20probe%20should%20be%20fine%20(servers%20can%20be%20reached%2C%20are%20hit%20with%20the%20correct%20hostname%2Fport%2C%20etc).%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAny%20ideas%20what%20I%20could%20test%3F%3C%2FP%3E%3CP%3EAre%20there%20incompatibilities%20with%20.jsp%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you%20in%20advance!%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1603164%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EApplication%20Gateway%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Highlighted
Occasional Visitor

Hi all,

I have an application running behind an Azure Application Gateway v2. With the default health probe everything works fine. Communication from AppGW to application is http/port 80, AppGW does SSL offloading without reencryption.

 

The default health probe doesn't check the path of the application on the server, meaning it considers the application as healthy, even if it's not (because application e.g. has error).

 

I would need to check the following url with a custom health probe:

http://application.domain.local/application/login.jsp?sso=n 

- The custom health probe does not work (Status code 500)

- Need the full url to bypass forwarding to Azure AD single sign on

- When I query the same URL from a machine via powershell (invoke-webrequest http://application.domain.local/application/login.jsp?sso=n ) I get a status 200 OK from the server.

 

If I shorten the url for the custom probe to http://application.domain.local/application/ then I also receive status 200 OK.

- Looks like there's problem with the last part of the url. 

- Tells me that the general config of the custom probe should be fine (servers can be reached, are hit with the correct hostname/port, etc).

 

Any ideas what I could test?

Are there incompatibilities with .jsp?

 

Thank you in advance!

 

 

 

0 Replies