You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
# Connect Azure Front Door Premium to an Azure Application Gateway with Private Link (Preview)
16
16
17
17
This article guides you through the steps to configure an Azure Front Door Premium to connect privately to your Azure Application Gateway using Azure Private Link.
18
18
19
+
::: zone pivot="front-door-portal"
20
+
21
+
## Prerequisites
22
+
23
+
- An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
24
+
- Have a functioning Azure Front Door Premium profile and an endpoint. For more information on how to create an Azure Front Door profile, see [Create a Front Door](create-front-door-portal.md).
25
+
26
+
- Have a functioning Azure Application Gateway. For more information on how to create an Application Gateway, see [Direct web traffic with Azure Application Gateway using Azure portal](../application-gateway/quick-create-portal.md)
27
+
28
+
## Enable private connectivity to Azure Application Gateway
29
+
30
+
Follow the instructions in [Configure Azure Application Gateway Private Link](../application-gateway/private-link-configure.md), but don't complete the final step of creating a private endpoint.
31
+
32
+
## Create an origin group and add the application gateway as an origin
33
+
34
+
1. In your Azure Front Door Premium profile, go to *Settings* and select **Origin groups**.
35
+
36
+
1. Click on **Add**
37
+
1. Enter a name for the origin group
38
+
1. Select **+ Add an origin**
39
+
1. Use the following table to configure the settings for the origin:
40
+
41
+
| Setting | Value |
42
+
| ------- | ----- |
43
+
| Name | Enter a name to identify this origin. |
44
+
| Origin Type | Application Gateway |
45
+
| Host name | Select the host from the dropdown that you want as an origin. |
46
+
| Origin host header | Will be autopopulated with the IP of the chosen Application Gateway|
47
+
| HTTP port | 80 (default) |
48
+
| HTTPS port | 443 (default) |
49
+
| Priority | Assign different priorities to origins for primary, secondary, and backup purposes. |
50
+
| Weight | 1000 (default). Use weights to distribute traffic among different origins. |
51
+
| Region | Select the region that matches or is closest to your origin. |
52
+
| Target sub resource | Name of the Azure Application Gateway frontend IP configuration. |
53
+
| Request message | Enter a custom message to display while approving the Private Endpoint. |
54
+
55
+
:::image type="content" source="media/private-link/application-gateway-private-link.png" alt-text="Screenshot of origin dettings for configuring Application Gateway as a private origin.":::
56
+
57
+
1. Select **Add** to save your origin settings
58
+
1. Select **Add** to save the origin group settings.
59
+
60
+
## Approve the private endpoint
61
+
62
+
1. Navigate to the Application Gateway you configured with Private Link in the previous section. Under **Settings**, select **Private link**.
63
+
64
+
1. Select **Private endpoint connections** tab.
65
+
66
+
1. Find the *pending* private endpoint request from Azure Front Door Premium and select **Approve**.
67
+
68
+
1. After approval, the connection status will update. It can take a few minutes for the connection to fully establish. Once established, you can access your Application Gateway through Front Door. Direct access to the Application Gateway from the public internet is disabled once private endpoint is enabled.
69
+
:::image type="content" source="media/private-link/application-gateway-private-endpoint-connections.png" alt-text="Screenshot of private endpoint connections tab in Application Gateway portal.":::
0 commit comments