Azure Web App and regional vNET integration

February 20, 2020 ,

Route outbound traffic of web app to the VNet.

Solution: Integrate web app with VNet for the empty subnet and configure UDR for that subnet to route traffic to the desire location. By default, the web app only forwards RFC 1918 (private  IP) traffic to VNet. We need to need to do some application settings to route all the traffic to the virtual network using app settings WEBSITE_VNET_ROUTE_ALL. After that, outbound traffic flow will be web app->VNet/Subnet->Network Appliance Static public IP. You can whitelist that IP in the third-party payment systems. Even, web app outbound IP got changed there will be no distribution in service.

Let's walk through step by step guide for configuration.

1. Assume the web app has created.

2. Create a virtual network and subnet. You can use default subnet but it's better to name something like XXX-WEBAPP-SUBNET If you have already the virtual network then create an empty subnet. 

3. Navigate to the web app->Networking and click on Click here to configure.

4.  Click on Add VNet.


5. Select the VNet and subnet.

6. You can see the configuration below.

7. You can see the subnet has delegated to Microsoft.web/serversfarms as below.

Configure UDR: add the route as below and then associate the UDR to the subnet.

Configuring Web App: to route traffic to VNet, add app settings WEBSITE_VNET_ROUTE_ALL  with value 1.

15. Navigate to web app->Configuration->Application Settings->New Application Settings.

16. Provide the value as below.