Member-only story
Introduction
In my last post, we examined how to create an NGINX Ingress Controller to control IP access. This is fine for direct access from the internet, but the front endpoint this is not a Load Balancer.
- Application Gateway
- Front Door.
If you have a layer 7 load balancer such as, or a component that controls Internet traffic as the first stage, additional settings are required. The reason is that they rewrite the HTTP headers, and the source IP address that can be obtained on the backend is that of the component in front of them, not that of the client that sent the request.
Front Door settings
First, make the following settings to connect Front Door and AKS. The AKS endpoint is a Load Balancer, so specify this.
- In Add Backend, select Public IP Address as the host type.
- Select the resource with the corresponding IP address for the host name.
If you do not control access with the Ingress Controller at this point, you will be able to access the application normally with the URL of the Front Door. However, since the previous app1 has access control, when accessing through the Front Door, NGINX returns an HTTP 403 error because it is different from the IP…
