I'm looking to integrate Azure Front Door with an existing Application Gateway. It's difficult finding any documentation on this type of implementation, but I will share my scenario.

The Application Gateway is currently managing all incoming traffic and offloading it to the configured routes which hit specific backendpools. The application is currently externally facing with a public IP address.

In order to configure Azure Front Door would you change the Application Gateway to be internally facing? The reason I justify this is because if it retains a public IP address then doesn't that make it external/exposed? Another note.. I see that inside of this post that for a private IP you can atatch an NSG to the App GW NIC and enable the inbound rules specified? https://learn.microsoft.com/en-us/azure/application-gateway/configuration-infrastructure#network-security-groupsInbound rule | 80,443 | TCP | AzureFrontDoor.backend | VirtualNetwork | Allow Inbound rule | 65200 - 65535 | TCP | Gateway Manager | Any | Allow

What type of DNS changes would you need to do?.. Would the routing remain inside of the App Gateway and you just need to assign the App Gateway as a backend pool?

AFD Configuration with Application Gateway

CodePudding user response：

What type of DNS changes would you need to do?.. Would the routing remain inside of the App Gateway and you just need to assign the App Gateway as a backend pool?

Azure Front Door will take care of global routing whenever we were configuring the backend pool as App Gateway load balancer. I have replicated the same with two application gateway endpoints via the front door.

Solution is kept origin details as Custom

Host Name as DNS name of Applicaiton gateway hostname

Step1:
Hosted two application gateway connection which are up and running

Step2:
Establishing connection for Front Door CDN service

Step3:
Gateway configurations for Origin group and added both Application Gateway End Point details.

Origin Type: Custom
Host Name: Provide Public IP
Origin Host Name: Application Gateway URL
Find details from the Application Gateway service

Testing URL from Applicaiton Gateway URL directly:

The same from Front Door URL