Questions tagged [azure-networking]
Questions related to azure networking: Virtual Networks, Load Balancers, routes, gatewayes and vpn/expressroute
373 questions
1 vote
2 answers
205 views
Azure VM firewalling does not allow port 161,162 (SNMP) over IPv6?
I want to collect SNMP data from Azure VM over IPv6 but have come to the conclusion that traffic on port 161-162 over IPv6 isn't allowed. This is with NSG on the VM. Any documentation as to why this ...
- 1,364
0 votes
0 answers
25 views
Why does egress to Ingress Controller IP not work, but label selector does in NetworkPolicy?
I'm facing a connectivity issue in my Kubernetes cluster involving NetworkPolicy. I have a frontend service (ssv-portal-service) trying to talk to a backend service (contract-voucher-service-service) ...
- 211
0 votes
0 answers
76 views
Get original (forwarded) client IP in Azure Logs of an Azure FrontDoor routed to WebApp Service (linux)?
My goal is to be able to inspect in the AppServiceHTTPLogs the original client IP and not the IP address provided by the Front Door "proxy" itself. The main issue is that the "X-...
- 121
0 votes
1 answer
101 views
Azure Migrate Assessment fails for AWS Windows Server: WinRM error due to certificate not found for HTTPS transport
I'm attempting to migrate a t2.xlarge Windows Server (hosted on AWS) to Azure using the Azure Migrate tool. To do this, I’ve set up an appliance server on AWS with the following specs: Instance type: ...
- 101
0 votes
0 answers
29 views
Azure MultiContainer WebApp deployment issue
Background: I am trying to deploy a multi-container web app using docker-compose. Docker compose file is shared below. backoffice and frontoffice (laravel) images are being pulled from ACR. Rest 2 ...
- 99
0 votes
0 answers
51 views
Resolve domain name to private IP on VNet and publicly resolve to public IP on Azure Web Apps
I have web services running in a subnet on a virtual network. They all have public IP addresses. In an effort to reduce ENAT exhaustion, I am trying to have a private IP returned inside the VNet but ...
- 111
0 votes
0 answers
33 views
In what situations are User Defined Routes not used?
I'm trying to get my head around in what situations user defined routes can be used and cannot be used, as part of a design I'm doing. Take for example Azure Container Apps when in a consumption based ...
- 721
1 vote
0 answers
29 views
Setting up unique proxy on each public IP per NIC on AZURE
ENVIRONMENT Azure VM Ubuntu 18 has: 2 NICs. NIC #1: has 2 public IPs. Private IPS: 10.0.0.4, 10.0.0.5 NIC #2: has one public IP. Private IP: 10.0.0.6 OBJECTIVE How do i ultimately create a HTTP ...
- 11
0 votes
0 answers
38 views
External access for an nginx container in Azure, with access to other vnets
I'm struggling trying to solve a problem of setting up an NGINX as a container with external access and routing traffic to different vnets. I'm aware that a container instance cannot have an external ...
- 101
0 votes
0 answers
136 views
Routing issue between peered VNets and VPN
In order for me to more easily explain, I have added the above graph. A more detailed explanation of my issue follows: I have 2 virtual networks, VNet1 and VNet2, that are peered. Connectivity ...
- 1,704
0 votes
1 answer
83 views
IP-based redirection
I am running a Linux VM on Azure (IaaS) which is providing an SFTP service to the Internet. I am migrating this service back to on-premises, through a firewall on a different public IP address. Sadly, ...
- 3
0 votes
0 answers
76 views
configuring Wordpress on azure app service to avoid canonical issues
I am a non programmer and am looking to host an educational site using word press on Azure app services with azure front door. I learnt about canonical issues and wanted to ensure that the following ...
- 1
1 vote
1 answer
278 views
Dynamic routing with Azure VPN Gateway and with inspection by NVA
I'm searching for possibility to implement a topology like this: Spoke VNETs <====> NVA, for instance FortiGate <=====> VPN Gateway <=====> on-premises To implement this with static ...
- 343
0 votes
1 answer
317 views
Azure Application Gateway: Backend health returns HTTP 463, users get circular loop of 301s
I have an application gateway for which my backend settings are configured with health probes allowing status 200-499 as healthy (I've included the 4xx series codes as some solutions have site roots ...
- 1,408
1 vote
0 answers
120 views
How can I get SignalR to work with a static Azure Web App which is linked to an API which is an App Service?
In Azure, I have an Angular app hosted as a Static Web App and an API hosted as an App Service which also uses SignalR. Recently, to avoid preflight requests, I used the Static Web App feature to link ...
- 131
1 vote
0 answers
60 views
How to connect my Java app to an Azure CosmosDB service with no public access?
This was asked on stackoverflow and is a copy. My Java app is using gradle and the mongo-spring starter dependency: implementation('org.springframework.boot:spring-boot-starter-data-mongodb'). I can ...
- 11
0 votes
2 answers
335 views
Using an Azure private endpoint for Exchange Online Relay - GCC high
We have an online only configuration in Azure GCC high. We have virtual compute. We would like to setup an SMTP relay to be used for notifications as a trusted connection to exchange online. I ...
- 69
0 votes
0 answers
870 views
Better way to block IP Addresses with an Azure VM
I am using Azure for my virtual machines and it gives you a way to block IP addresses in the Network Security Group. However this IP list is getting quite long. Is there a better option to do than ...
- 234
2 votes
1 answer
349 views
Azure VM can't reach remote network with connected VPN
I have setup an Azure VPN gateway with a site to site VPN connection and the status of the VPN Connection is "Connected". I have also created an AKS cluster and an Azure VM in the same ...
- 91
0 votes
0 answers
346 views
TNS error while connecting to an Oracle DB running as ACI through an Azure Application Gateway
I have an Oracel DB runnning as an Azure Container Instance. To connect to the container, I set up an Azure Applicaiton Gateway as described here: Expose a static IP address for a container group Now ...
- 1
2 votes
1 answer
470 views
Accessing azure internal container app though P2S vpn connection
I'm a little new to azure networking so this might be obvious but I'm kind of stuck. I've created an azure VNET. Inside that I've setup a P2S gateway which seems to work fine. I can connect to it and ...
- 21
0 votes
1 answer
284 views
Routing traffic between newly established S2S VPN between AWS and Azure
I am trying to establish a site-to-site VPN connection between AWS and Azure to connect some VMs together. I followed a set of instructions from Microsoft and have successfully connected an Azure ...
- 1
0 votes
1 answer
344 views
How to SSH to different Virtual Machines attached to same Azure Firewall using same port?
We have host-Windows, proxy-Linux(same VNET, different subnets) and sftp-Linux(different VNET and subnet) machines in which SSH is enabled in port 815(SSH is done to domain set to each machines). Now ...
0 votes
1 answer
221 views
Microsoft Defender: extract Automatic log upload data
Is there a way to extract this automatic log upload table from defender: my goal is to use this information to aid in responding to the System alert: Cloud Discovery automatic log upload error alert ...
- 101
0 votes
0 answers
123 views
Azure SQL Datasync IP address
We have to sync 2 SQL servers located in different clouds under the different tenants. One in Azure global cloud and another one is in Azure China. I've created a sync group in global cloud, added ...
0 votes
1 answer
446 views
Azure Private Link Scope (AMPLS) Limits
Can anyone please confirm if this limit of Azure Monitor Private Link Scope (AMPLS) is soft or hard: An AMPLS object can connect to 300 Log Analytics workspaces and 1,000 Application Insights ...
0 votes
0 answers
704 views
Forwarding requests to another Azure Container App in the same environment results in 403 forbidden
-- Copied from Stackoverflow -- I am trying to setup two containers in an Azure Container App Environment. One Container App has a Caddy reverse-proxy plus SPA app files (app-www) and another has an ...
- 153
0 votes
1 answer
156 views
How to route TCP traffic through a fixed IP in Azure during local development?
Hello ServerFault Community, I'm working through a challenge related to accessing a third-party OPC UA server and am considering a solution using Azure's cloud infrastructure. Background Our team ...
0 votes
1 answer
268 views
Reply traffic lost when using an NVA to SNAT
I am trying to implement the following in a lab subscription, as described in https://learn.microsoft.com/en-us/azure/architecture/guide/networking/ipv4-exhaustion#implement-snat-via-third-party-nvas (...
- 2,695
0 votes
1 answer
530 views
How to backup an Azure PostgreSQL Single Server instance which is available on a private endpoint with Azure Backup Vault
I'd like to back up an Azure PostgreSQL Single Server instance using the Azure Backup Vault, which is only available through a Private Endpoint. I've created the Backup Vault and the Backup Instance ...
- 101
0 votes
2 answers
2k views
Using Azure Firewall's DNS Proxy with an internal DNS Server
Question If using Azure Firewall's DNS Proxy with internal DNS severs behind this same firewall, what happens to requests for external DNS records (i.e. does this cause an infinite loop where the DNS ...
- 1,408
0 votes
2 answers
2k views
Force Azure Outbound Traffic via a Single Public IP
Question Is there a way, when using an Azure VWan with outbound traffic directed via the VWan's firewall, to ensure all outbound traffic breaks out via the same, single public IP address. Note: I'm ...
- 1,408
2 votes
1 answer
1k views
What does the Reset Hub button on an Azure Virtual Hub do?
Azure's Virtual Hub has a couple of buttons at the top: Reset Router and Reset Hub. I've found some documentation on Reset Router here but so far cannot find anything on Reset Hub. I'm trying to ...
- 1,408
0 votes
0 answers
219 views
Does Azure Stack HCI allow creation and management of Private VLAN (PVLAN)?
My customer is looking at deploying Azure Stack HCI. The network infrastructure I am responsible for designing will be based around Aruba CX10000 switches which have embedded Pensando module that will ...
- 239
0 votes
1 answer
248 views
Azure Ubuntu VM direct S2S VPN - without VPN Gateway. Is it possible?
I would like to connect on prem Fortigate FW with one azure Ubuntu VM - direct. Is it possible without Azure VPN Gateway? Config works with other vendor but no in Azure. Is that kind of config blocked ...
1 vote
0 answers
270 views
Accessing CosmosDB from a VPN
I have a CosmosDB instance that allows connections originating from a virtual network (let's call it "online-vnet"), in an address space 10.0.0.0/16. In the tenant there is a VPN defined (&...
0 votes
0 answers
458 views
Cannot RDP To Server - Local Admin Password Expired/Reset Fixed Issue?
I received reports that users trying to RDP to an Azure Win Server 2019 VM via JIT or any other means were not able to. This used to work previously. In addition, users RDP using they own user account ...
- 217
0 votes
1 answer
305 views
Allow Azure VMSS instances to connect to a mysql server running on a VM in another resource group
In Microsoft Azure, I've got a Virtual Machine Scale Set in (say) 'resourceGroup1' in region West EU. I also have a single Virtual Machine (let's call it 'VM1') which contains an instance of mySql, ...
- 103
1 vote
0 answers
743 views
AKS Egress Internal via Load Balancer to on-premise service
I have an AKS cluster and one of the pods, call it "my-service", needs to connect to an on-premises service via VPN and that service requires whitelisting of IPs. Unfortunately, it can only ...
- 111
0 votes
0 answers
549 views
Issues with telnet to external web service from azure vm
I have an Azure VM running Windows server. There is a job running on this server that fetches data from an external web service on port 80. This job has suddenly stopped working after a reboot (I know ...
- 1
0 votes
1 answer
268 views
static external IP for azure hosts
I am creating an Azure Virtual Desktop implementation. What is the correct way to make sure that the AVD's use a static IP address for outgoing connections? Is it by creating a NAT Gateway?
- 23.3k
1 vote
1 answer
998 views
Why do my AKS node have public IP even though "enableNodePublicIP" is set to false?
I have an AKS cluster where I added a new node pool. While creating the node pool, I set the option "Enable public IP per node" as Disabled. However, I still notice that my nodes in the VMSS ...
- 218
1 vote
1 answer
3k views
Azure equivalent for logon script or Group Policy to launch programs on user login
We have a tool (portable exe) that runs from an on premises server in a traditional domain that launches on user login via GP (and can also run from logon script). It references a location on the ...
- 91
0 votes
1 answer
230 views
Low cost TCP listener for Azure
We've been going through the process of migrating VMs from our data centres into Azure. When migrating, one of the gotchas is networking rules; i.e. there are NSGs, hardware firewalls, OS firewalls, ...
- 1,408
0 votes
0 answers
158 views
redundant VPN connections over Expressroute private peering
I have configured redundant VPN connections over expressroute private peering with private IPs. BGP is configured making router 2 backup using BGP as-path. Wondering how the traffic is sent back to on-...
- 1
1 vote
1 answer
809 views
Adding my remote public static IP to an Azure VNET so I can access a private VM inside the VNET
I don't even know if this is possible. But I have a VM in azure running just private IP. I can access this VM from my azure web app when it is running in Azure. But I need to develop against it and I ...
- 111
1 vote
0 answers
30 views
Azure Network Adapter without Windows Admin Center
I want to use Azure Network Adapter, but I don't want to use Windows Admin Center. Windows Admin Center is a security headache and I don't want it. I just want to install an Azure Network Adapter on ...
- 569
0 votes
1 answer
129 views
when configuring Azure file sync between a azure file share and an on-premise server can this be done with private link?
Trying to configure azure file share between and on-premise file server and azure file share but am unsure about how to make it secure. We will be using express routewith private peering to connect ...
- 1
0 votes
1 answer
750 views
How to move an IP address in Azure from one VM to another?
I have an old VM with a static IP address - let's say IP address A. I want to dissociate this IP address from the old VM, make a new VM, and then associate IP address A with the new VM. They would ...
- 569
1 vote
0 answers
88 views
Multiple S2S Connections for Azure
I’m confused by all of this and need help. I setup an Azure S2S tunnel from Azure to my On Prem DC. This is for AD and AAD to sync. We have a new billing system coming in and the only way they’ll ...
