本文介绍了为什么Azure Application Gateway需要一个空子网的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!



When I try to execute New-AzureRmApplicationGatewayIPConfiguration to create an application gateway, I get an exception:

Subnet xxx cannot be used for application gateway yyy since subnet is not empty.


I encountered this error when I tried to add the application gateway to the same subnet as the backend servers.


Why is this not an option? Does each gateway require a separate subnet? What is the recommended configuration?


  • 文档说,后端服务器属于虚拟网络子网时,可以添加它们.如果应用程序网关必须位于单独的子网中,后端服务器如何才能属于该应用程序网关的虚拟网络子网?
  • 如何在后端服务器上不需要公用IP地址的情况下配置应用程序网关?



The application gateway must be in a subnet by itself as explained in the documentation, hence the reason it is not an option. Create a smaller address space for your application gateway subnet (CIDR 'x.x.x.x/29') so you're not wasting IP addresses unnecessarily.


It's a good practice to strive for a multi-tier network topology using subnets. This enables you to define routes and network security groups (ie: allow port 80 ingress, deny port 80 egress, deny RDP, etc.) to control traffic flow for the resources in the subnet. The routing and security group requirements for a gateway are generally going to be different than routing and security group requirements of other resources in the virtual network.

这篇关于为什么Azure Application Gateway需要一个空子网的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

10-16 15:22