Email for my custom domain
what provides failover for The Traffic Manager Service itself?
From @securehitvia Twitter:
I understand Traffic Manager can be configured to provide failover, but what provides failover for The Traffic Manager Service itself?
Thanks,
@AzureSupport
How to create a site-to-site vpn using DH group 5 or 14
From Jacob Huizenga @jhuizenga2 via Twitter:
Is there any way to create a site-to-site VPN using DH group 5 or 14? At the moment I cannot find any way to configure this Azure VPN.
http://twitter.com/jhuizenga2/status/658629389505179648
Thanks,
@AzureSupport
Azure VPN Phase-1 Negotiation using the wrong methods
I've just setup a VPN for our customer and we are getting failures. The Endpoint Gateways should be using SHA1 but Microsoft are trying to communicate with SHA2 on Phase-1
set security ike proposal azure-proposal authentication-method pre-shared-keys
set security ike proposal azure-proposal authentication-algorithm sha1
set security ike proposal azure-proposal encryption-algorithm aes-256-cbc
set security ike proposal azure-proposal lifetime-seconds 28800
set security ike proposal azure-proposal dh-group group2
set security ike policy azure-policy mode main
I found the Log on the Firewall endpoint receiving a SHA2-256
2016-05-09 17:05:35 iked (ONPREMIP<->AZUREIP)IKE phase-1 negotiation from ONPREMIP:500 to AZUREIP:500 failed. Gateway-Endpoint='AZUREVPN' Reason=Received hash SHA2-256, expecting SHA1 id="0203-0005" | Debug |
I've double checked the Firewall for settings matching the cfg files.
infologic telecom
Azure with Office 365
Hey Guys & Girls,
I am currently setting up a cloud solution for a company with Azure.
Everything is good on that part, but they have a lot of users who are off site connecting via VPN (Azure Point to Site) to the domain. What I need to know is can I limit the connection to there corporate office 365 account so that when
they are not connected through the VPN essentially off domain. Can I do this through office 365 or Azure?
I will also be setting up Intune in the future to help manage these remote users is there anything with in that, that will help me?
Any help would be appreciated.
Thanks
Grant
"Could not contact any CDS load balancers" Using Yum on RHEL 7.2 VMs
From Matt Shorrosh @matt_shorrosh via Twitter
@AzureSupport Is there any known issues with red hat update infrastructure? I am getting issues across multiple subscriptions trying to use yum
I am getting Could not contact any CDS load balancers when using yum on RHEL 7.2 VMs. It appears those RHUI servers may be down or unavailable.
https://twitter.com/matt_shorrosh/status/729730010614005760
Thanks,
@AzureSupport
Cannt link VMs with Loadbalancer
Hello,
I Cannot find my VMs into backend address pools
Regards,
Hamza
SharePoint Load Balancing Blues
Hi,
I have an IaaS SharePoint farm hosted in Azure with 2 WFEs and 2 APP servers. I have implemented an internet facing Load Balancer for the WFEs for incoming internet requests (ref: https://azure.microsoft.com/en-us/documentation/articles/load-balancer-internet-overview/ ). We use Azure Resource Manager (ARM).
For the APP servers to resolve our URL as internal IPs, I can setup an entry in the APP servers' HOST file (to resolve the URL to one of the WFE internal IP addresses) OR setup a DNS forward lookup zone, but these would always refer to a single internal IP which could be the IP of one of the WFEs. What if that server is down?
Q. Do I also need to setup and INTERNAL Azure load balancer so that internally the URL is also load balanced, allowing one of the WFEs to be OFF for some time? I am further confused because they say SharePoint has its own load balancing.
Thank you.
Marcel
Can't create gateway because "This virtual network is already associated to gateway 'xxx'".
Hi,
We created a route based gateway. Then we figured out our Cisco ASA can't handle route based gateways, so we deleted the gateway.
Then I created a policy based gateway with the same name. This failed with an InternServerError and status "conflict". So I deleted that gateway too and wanted to create a new gateway with a different name.
Now I can't create the gateway, because the virtual network is already associated to the gateway 'xxx'. The gateway that Azure said it couldn't deploy, and that I afterwards (after it was not deployed, although it sort of was) deleted. So my network is now
in use by a gateway that doesn't exist and that therefore I can't delete either.
What can I do now?
In case Microsoft sees this: the subscription Id is ee7e246c-1fb6-4288-ae82-8e7040c9c82d, there is only one virtual network which is the one I'm trying to use.
Is there any way to report issues like that? We're still evaluating Azure and I find it wrong as a matter of principle that I have to buy support in order to tell Microsoft their software messed up my data.
Thanks, Chris
Can't delete DNS-zone or resource group due to non-ASCII characters
Hi
I've created a DNS-zone (I know it's in preview) but I can't make any records or even delete it.
Azure gives me the following error (I've replaced sensitive information with brackets):
"Failed to delete DNS zone [domain omitted - no non-ASCII character]. Error: The request with parameters subscription: [omitted] resourceGroup: [omitted - a non-ASCII character] Zone: [omitted - no non-ASCII character] is not valid because it contains non-ASCII characters."
Can I force a delete through PowerShell?
Thank you for your reply.
Connect 1 Vnet to On-premise AND another Vnet - how?
Hello
I have a Vnet called vnet1 to that vnet i have a gateway, policy-based. To that gateway I have a connection (and a local network gateway with my on-premise networks) ipsec site-to-site to my on-premise datacenter. on-premise i'm using a ASA 5545 therefore the azure gateway needs to be policy-based.
Then I got another vnet, vnet2 (located in another region). I want to connect vnet2 to vnet1. I've create a gateway for vnet2 and used route-based as vnet-to-vnet connections should require. But on vnet1 i can't add another gateway that useds route-based, I have only one gatway that uses policy-based to connect to on-premise site.
When I try to create a connection between the two vnet it got an error because one gateway uses route-based and the other policy-based.
Hmm. How do I connect those two vnets while still having a VPN connection to my ASA5545 on-premise??
Thank you in advance, Steffen.
Can I have two virtual net gateways for VPNs that both connect to the same Azure subnet?
From @jpagan via Twitter
"Is it possible to config two virtual network gateways for VPN connections (1 policy 1 route) to the same virtual subnet?"
https://twitter.com/mjpagan/status/730234538413039616
Thanks,
@AzureSupport
Deployment failure because of end point uniqueness
Hi,
When I am creating a new virtual machine in the existing cloud service I am getting below error message.
The operation 'bca1ee4afad5abaca6b067d6c85d37ff' failed: 'Port 1433 is already in use by one of the endpoints in this deployment. Ensure that the port numbers are unique across endpoints within a deployment
What I can understand from the message I cannot use same port number within a deployment.
Solution to this problem can be using different Public and Private port configuration. Below is the example.
Public Port : 40001
Private Port : 1433
Kindly help by answering below questions.
1) Is there any other solution to this problem?
2) By using different public port will I be exposed to any security threat?
I will appreciate any help...let me know if you need any other detail.
Thanks.
Multiple External IPs to single VM
I'm looking for a way to have multiple external IPs assigned to a single VM. They can be NAT'd.
I know it is possible in the classic model with cloud services, but can't seem to figure out a way to do it with ARM.
Any ideas?
Casper Pieterse - Snr. Solution Architect - Dimension Data
Cannot connect to virtual servers through point to site VPN
Greetings,
We have a point to site VPN setup through powershell. We are using azure resource manager. We are able to connect to the VPN but unable to connect to any of our servers in a different subnet on our virtual network.
The virtual network has 2 subnets, one for our servers and the other is the gatewaysubnet.
My impression from most of the literature is that the routing between the 2 subnets in the same virtual network is automatic. Am I missing a configuration step somewhere?
Thanks in advance.
Unable to create vnet gateway, get error "could not find resource when attempting to deploy"
From @perthguppy via Twitter
"@AzureSupport Seem unable to create vNet Gateways on Az portal atm. Says could not find resource when attempt to deploy? Worked recently."
https://twitter.com/perthguppy/status/730611244231581697
Thanks,
@AzureSupport
Connect to the Internet through VPN Connection fail
Hello,
I have problem with connecting to the internet through VPN, I have a VPN connection enabled on premise environment, now I created the VPN-Connection, and I configure the certificate and the VPN client when I connect the state say that I am connected, social Websites are blocked from access now what I am trying to do is to connect to social websites through VPN connection, I added the public DNS for Microsoft, its test environment is there anyway to do this to connect to the internet through the gateway and routes the packet ??
Regards,
Ayesh.
Azure Network Security Groups - Allow Ping
Hello,
After applying NSG's, i am not able to ping my clients from an other subnet (same VNET).
How can i get these clients to ping eachother while NSG's are up?
Subnet 1: 172.0.0.0/25
Subnet 2: 172.0.0.128/15
Subnet 3: 172.0.1.0/25
I applied NSG's on all 3 subnets:
Subnet1 is able to ping subnet 2 and visa versa
Subnet3 is NOT able to ping Subnet 1 and 2
If i remove the NSG's Subnet 3 is ABLE to ping subnet 1 and 2
Connect Machine to the Internet throgh VPN Connection
Hello,
I am trying to connect My Machine through VPN connection, I have VNET with DNS 168.63.129.16, A3 machine with RRAS service deployed and configure now the problem is I can't connect to RRAS I tried using L2TP/IKEv2 connection and SSTP and none of them work, In L2TP it give me connecting while in SSTP the local security could not be contacted I disable the firewall on VM, for Azure VM when selecting the NATing I chose Hyper-V port and enable Public interface connected to the Internet, Enable NAT on this interface. I followed the step in the URl bellow do I need to add muti interface machine ? or is there any other solution for this scenario.
I am trying to connect MY Machine to Internet throw VPN Connection.
https://blogs.msdn.microsoft.com/notime/2013/06/01/how-to-setup-windows-azure-server-2012-as-an-sstp-and-l2tp-vpn-provider/
Regards,
Ayesh.