Hello Community, i have some questions and maybe i don't understand something about vnetting in Azure. I have 1 VNET in my resource group with 2 subnets.

I have also a App Service Plan S1 with windows (There is running a app service) for the frontend and a second App Service Plan S1 with Linux with 3 Function Apps for the Backend.

For the Frontend (Windows App Service Plan) i have added in the networking section an IP restriction for my IP so the public internet access is disabled. The 3 Function Apps should only be able to communicate with the Frontend AppService and the ServiceTag AzureDevOps. Right now the 3 function apps are public in the internet. (Security issues!)

How can i configure the VNET? I've already tried to:

Windows Frontend App Service --> Outbound Traffic VNET to SubNet1

Linux Plan Function Apps --> Inbound Traffic Allow to SubNet1, Outbound Traffic VNET to SubNet2 (SubNet1 is greyed out so i have to choose the second subnet. But it should not be the problem because every subnet in the same vnet can talk to each other right?!)

After i configured this i get some CORS Errors when i open the frontend app like this: (Without the networking config i get no errors because function apps are public then) .... has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

What i have to do?