Deploying an Application Behind a Firewall on Azure

Sowmya VallepuSowmya Vallepu
3 min read

In this guide, we will walk through deploying an application behind a firewall on Microsoft Azure. This step-by-step process ensures security by restricting access to only authorized users.

Step 1: Creating the Virtual Network (VNet)

  1. Log in to your Azure portal.

  2. Navigate to Virtual Networks and click Create.

  3. Configure the VNet:

    • Choose a Resource Group.

    • Provide a Name for the VNet.

    • Select a Region.

    • Configure IP Address Space.

  4. Click Review + Create, then Create.

Step 2: Setting Up Azure Bastion and Firewall

  1. Inside your newly created VNet, go to Subnets.

  2. Enable Azure Bastion for secure access:

    • Navigate to Bastion under the VNet.

    • Click Create Bastion and configure it.

  3. Enable Azure Firewall:

    • Deploy Azure Firewall in the VNet.

    • Azure will automatically create the required subnets (AzureBastionSubnet and AzureFirewallSubnet).

    • Assign a public IP to the firewall.

Step 3: Creating the Virtual Machine (VM)

  1. Navigate to Virtual Machines in the Azure portal.

  2. Click Create a new VM.

  3. Configure the following:

    • Choose the same VNet created earlier.

    • Select an operating system (e.g., Ubuntu).

    • Configure Administrator credentials.

    • Choose a size based on requirements.

  4. Click Review + Create, then Create.

Step 4: Connecting to the VM via SSH

  1. Once the VM is running, copy the private IP address (since we are using Bastion).

  2. Open Azure Bastion and enter the VM credentials to connect securely.

Step 5: Installing and Configuring Nginx on the VM

  1. Update the system:

     sudo apt-get update

  2. Install Nginx:

     sudo apt-get install nginx -y

  3. Navigate to the HTML directory:

     cd /var/www/html

  4. Create and edit an HTML file:

     sudo vim index.html

  5. Add the following content and save:

     <h1>I learned Azure Networking</h1>

  6. Restart Nginx to apply changes:

     sudo systemctl restart nginx

  7. Verify the setup:

     curl localhost:80
    • This should display your HTML content.

Step 6: Configuring Azure Firewall Rules

  1. Go to Azure Firewall in the portal.

  2. Under Rules, configure an Inbound Rule:

    • Source: Any or a specific IP range.

    • Destination: The VM’s private IP.

    • Protocol: TCP.

    • Port: 80 (for HTTP traffic).

    • Action: Allow.

  3. Apply the rule to enforce network security.

Step 7: Accessing the Application

  1. Copy the public IP address of the Azure Firewall.

  2. Open a terminal and access the application using SSH tunneling:

     <ipaddress:port>

  3. Open a web browser and enter:

     http://localhost:8080

  4. You should see the webpage displaying "I learned Azure Networking".

  5. You should see the webpage displaying "I learned Azure Networking".

Conclusion

By following these steps, we successfully deployed an application behind a firewall on Azure. This setup ensures controlled access, improving security while maintaining availability.

0
Subscribe to my newsletter

Read articles from Sowmya Vallepu directly inside your inbox. Subscribe to the newsletter, and don't miss out.

AzurefirewallMicrosoftvirtual machinevirtual-networkBastion

Written by

Sowmya Vallepu
Sowmya Vallepu

I am currently pursuing my master's degree at Indiana Wesleyan University, with a focus on expanding my knowledge and expertise in the field of DevOps. Previously, I worked as an Azure DevOps Engineer at RSI SoftTech India Private Limited, where I gained 3 years of hands-on experience in managing Azure DevOps pipelines, cloud infrastructure, and automation processes. During my time in this role, I developed a deep understanding of CI/CD, version control, and deployment strategies. I am passionate about continuous learning and improving software development workflows to drive efficiency and scalability. My goal is to leverage my academic and professional experiences to contribute to innovative DevOps practices in the future.