Sometimes companies requires simple URL redirections and those have been made several different ways for different services. Some organizations has used some ADC (Citrix ADC [Netscaler] or F5 or Nginx etc.) to redirect URL’s to the target application. You can do the same thing with an Application Gateway (in SKU 2 and SKU2 + WAF). If you are publishing some applications with Application Gateway, you are already paying for it, so why not to use it also for URL redirections.
You can use URL redirections to give more simplified addresses for your end users. As on example your company is Bloggerz Inc. You would like to inform your end users that they can reset their passwords from https://pwreset.bloggerz.cloud. DNS points pwreset.bloggerz.cloud towards application gateway’s public IP where is the redirection rule to https://passwordreset.microsoftonline.com/.
Another use case is that you deploy Windows Virtual Desktop service for your company’s internal and external users. To give HTML5-client access for users, you have to redirect them towards https://rdweb.wvd.microsoft.com/arm/webclient. You can brand the WVD internally with some name and use it to publish the service or just publish it with a URL https://wvd.bloggerz.cloud. Wvd.bloggerz.cloud points in DNS towards the HTML5-client URL and end user does not have to remember the whole URL, only the branded URL.
Application Gateway configuration for URL Redirections
You have to configure application gateway to get the redirection working. I suppose that you have already public frontend IP in your AppGw. If not you can create it from Frontend IP Configuration page. First you configure a listener that tells which site it is listening about in what IP. Second you configure a rule for the redirection itself.
First create a listener for your host. Select multi site and provide a hostname for the redirection.
Keep in mind, that you must do the same for HTTPS-protocol and provide the certificate for the listener. Certificate must include of course the hostname that you are redirecting from otherwise it is not working correctly. You can import the certificate to the Application Gateway or save it to the key vault and access it with a managed identity.
Add your HTTPS listener almost the same way than HTTP listener. You must select only HTTPS as a protocol, upload the certificate in .pfx-format, give a name for recognition of a certificate in application gateway and a password for the certificate encryption.
To make a redirect rule, create a new rule to Application Gateway and give a descriptive name for it. Select the listener that you wish to redirect. In backend targets choose Redirection as a permanent mode and target type External site. For target URL place your target URL. Now just save the rule. Remember to create separate rules for HTTP and HTTPS listeners.
You must create a DNS Records to the public DNS server of your domain to redirect public name to right IP-address. For example:
wvd.bloggerz.cloud A 220.127.116.11
Your target IP is found under public endpoint in Frontend IP Configurations in Application gateway.
You don’t have to anymore host any 3rd party appliances or custom websites for redirections. You probably have already some Application Gateway in your Azure that you can use for these redirections. Remember to use all power of it!