This post is about fixing an Azure Application Gateway issue caused by health probe settings.
Environment
Azure Application Gateway Standard Tier, Medium SKU, one instance count
Network settings such as VNET peering, subnets, route tables
No NSG, firewall or Web Application Firewall in place
The backend pool, backend settings, listeners and rules all look OK
No custom domain/DNS is configured yet
Default health probe with the default settings
The Application Gateway page shows the error “All the instances in one or more of your backend pools are unhealthy. This will result in a 502 error when you try to access your application hosted behind the Application Gateway. Please check the backend health and resolve the issue.”
The Health Status page gives the error below:
Unable to retrieve health status data. Check presence of NSG/UDR blocking access to ports 65503-65534 from Internet to Application Gateway. To learn more visit – https://aka.ms/UnknownBackendHealth
Solution
Troubleshooting Azure Application Gateway issues is pretty painful, as an HTTP 502 server error can have many causes. Go through Microsoft's official documentation first:
https://learn.microsoft.com/en-us/azure/application-gateway/application-gateway-troubleshooting-502
Since no custom DNS/domain is configured, the default health probe is configured NOT to “pick host name from backend settings”. The fix is to configure a custom health probe with “pick host name from backend settings” enabled.
Then associate it with the backend setting.
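To confirm the fix was applied to every backend setting, the gateway configuration can be exported and checked. The script below is an added example, not part of the original post: it assumes the JSON shape returned by `az network application-gateway show -o json`, and the embedded sample with its resource names is constructed for illustration.

```python
import json

# Constructed sample in the shape of `az network application-gateway show -o json`.
# Resource names and the "<gateway-id>" prefix are hypothetical placeholders;
# only the fields the check reads are included.
SAMPLE = json.loads("""
{
  "probes": [
    {"name": "probe-hostname", "pickHostNameFromBackendHttpSettings": true},
    {"name": "probe-no-host", "pickHostNameFromBackendHttpSettings": false}
  ],
  "backendHttpSettingsCollection": [
    {"name": "setting-default-probe", "probe": null},
    {"name": "setting-wrong-probe",
     "probe": {"id": "<gateway-id>/probes/probe-no-host"}},
    {"name": "setting-fixed",
     "probe": {"id": "<gateway-id>/probes/probe-hostname"}}
  ]
}
""")


def audit_probes(gateway):
    """Return {backend setting name: finding} for settings missing the fix."""
    probes = {p["name"]: p for p in gateway.get("probes") or []}
    findings = {}
    for setting in gateway.get("backendHttpSettingsCollection") or []:
        name = setting["name"]
        ref = (setting.get("probe") or {}).get("id")
        if not ref:
            # No custom probe associated: the default health probe is in use.
            findings[name] = "no custom probe associated (default probe in use)"
            continue
        probe = probes.get(ref.rsplit("/", 1)[-1])  # probe name is the last id segment
        if probe is None:
            findings[name] = "associated probe not found in gateway config"
        elif not probe.get("pickHostNameFromBackendHttpSettings") and not probe.get("host"):
            # A probe with an explicit host is a deliberate alternative; not flagged.
            findings[name] = f"probe '{probe['name']}' does not pick host name from backend settings"
    return findings


if __name__ == "__main__":
    for setting_name, finding in audit_probes(SAMPLE).items():
        print(f"{setting_name}: {finding}")
```

An empty result means every backend setting has a custom probe that takes its host name from the backend settings (or sets one explicitly).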