Hello everyone,
I am trying to setup a SonicWall SSL VPN connection using LDAP (Which has been completed) into a corp network. Once inside the network, I need to setup a route to the azure network to access a SQL server. I can resolve the hostname however I am unable to ping into the network. Any suggestions?
Keep getting this error when ever i try to make a point to site configuration in my Virtual Network Gateway:
The virtual network gateway's VPN client address pool overlaps with the virtual network's address space. The overlapping address space prefixes are 10.1.0.0/16 and 10.1.0.0/25.
I'm using the Azure Dashboard to do this.
Error Code: VpnClientAddressPoolOverlapsWithVnetAddressSpace
I'm following the instructions on https://azure.microsoft.com/en-us/documentation/articles/dns-getstarted-create-recordset-cli/ to create a CNAME record I executed the sample commands as shown below which are working copies of the page above in section 'Create a CNAME record set with a single record' However you can see the 2nd command fails with 'Cannon read property 'cname' of undefined $ azure network dns record-set create -g 'foo' foo.xyz 'test-cname' CNAME --ttl 300 info: Executing command network dns record-set create + Creating DNS record set 'test-cname' of type 'CNAME' info: network dns record-set create command OK
$ azure network dns record-set add-record 'foo' foo.xyz test-cname CNAME -c 'www.contoso.com' info: Executing command network dns record-set add-record + Looking up the dns zone 'foo.xyz' + Looking up the DNS Record Set 'test-cname' of type 'CNAME' error: Cannot read property 'cname' of undefined error: network dns record-set add-record command failed
Anyone know why, or the correct syntax to set a CNAME value?
Hi,
I have enabled diganostics for the native azure load balancer but I dont see any logs on my storage account. Load balancer is deployed in West Europe region.
Best,
Kaido
The preconfigured rule for "MS SQL" on a NSG is using port 1443.
It should be 1433.
Apparently I can't include an image until my account had been verified...
...But I can't see a link anywhere to allow that to happen.
So: How does one verify an account on these 'ere forums?
I'm trying to configure peering between Azure classic and ARM. In ARM we have a gateway in use and pointing to our on premises environment. Eventually we would like to get rid of this and utilize AADDS. I need to know which is the best option for setting up peering while maintaining our existing gateway. Since we have this gateway in place the "UseRemoteGateways" option is greyed out. The descriptions that I have found are very non-descript...
Hi,
In the Classic Azure VM, I can add a new endpoint to map public port 443 to private port 3389 for RDP. How can I do that for the new Azure VMs? I looked into Network Security Group, but didn't find a way to do the same thing.
Thanks!
Julie
Hi,
At 6PM yesterday our S2S connection which has been running perfectly just stopped working. No changes were made to the on-prem environment and RRAS throws event id 20111
"A Demand Dial connection to the remote interface Azure on port VPN2-127 was successfully initiated but failed to complete successfully because of the following error: The network connection between your computer and the VPN server could not be established because the remote server is not responding. This could be because one of the network devices (e.g, firewalls, NAT, routers, etc) between your computer and the remote server is not configured to allow VPN connections. Please contact your Administrator or your service provider to determine which device may be causing the problem."
I've tried to re-create the connection to no avail.
Any ideas?
Br,
Chris
Hi,
We are currently running our webapps and databases on Azure in North Europe. Most of the web requests is coming from Sweden. Therefore we're thinking about changing location to West Europe, cause it's the closest one from Sweden in order to get a lower latency.
But will a move from North (Ireland) to West Europe (Amsterdam) have any significant impact on the load times on the website?
Trying to connect Azure to an ASA Cisco Router. I have followed all of the tutorials I have found but can't figure out how to configure the Phase 1 and 2 settings on the Azure side. Are these defaulted to specific settings? For example I need the encryption type, hash, PFS and lifetime settings to match up the ASA settings on my LAN.
Thanks,
Hi,
I have my ADFS just built in Azure in this config:
Azure Site 1:
1 x DC
1 x ADFS (Primary)
1 x WAP
Azure Site 2:
1 x ADFS (Secondary)
1 x WAP
I have also two VPN site-to-site tunnels one between my site and Azure Site 1 and one between my site and Azure Site 2.
Also i have a vnet-to-vnet tunnel between the two Azure sites.
If all three are up and running no issues.
Here is the problem.
If one of my site-to-site tunnel is down (for example the tunnel to Azure Site 1) the servers from Azure Site 1 can't reach my on-premise servers via the other tunnel going through the vnet-to-vnet tunel.
What am I missing here?
Thanks for help
I've been working to setup Deis on Azure and have been having some issues when it comes to getting the whitelist configurations working. I have tried using a variety of configurations over the last two weeks and continually come up against the same barriers.
The problem is that when I use Azure Load Balancer, the client servers end up seeing traffic as coming from either the private IP of the Load Balancer or the Docker container. When I manually pass in an 'X-Forwarded-For' header, I end up with the correct functionality.
I have tried using the Application Gateways, but given that I need to blacklist/whitelist TCP port activity I ended up running in to problems (i.e., the probes think there's a failure because they don't get a valid HTTP response).
Is there any configuration I can make/set that will ensure that the load balancers maintain the source IP information for all requests (i.e., whether adding an "X-Forwarded-For" header or prepending "PROXY TCP ..." to the request)?
Hello,
I have problem with my site to site vpn connection between Palo Alto Firewall and Azure Networks.
I made all the configuration and everything looked like it was working however i keep getting disconnects every 5-6mins. It is not happening - it goes on EVERY single 5-6min. I just can't keep in up all the time. I started digging into logs on Palo Alto and after successfull creating of tunnel it receives: IKEv2 IPSec SA delete message received from peer. Protocol ESP, Num of SPI: 1
I have no idea why this is happening. Any solutions?
PanOS is 7.1.0.
We are trying to configure a highly available FTP server using two ARM VM's with FileZilla server running on them - in an availability set - with a Microsoft Load Balancer in front.
- We are having troubles getting ACTIVE FTP to work through the Load Balancer. We get 425 errors indicating the data channel connection.
- PASV FTP works fine with NAT rules to each server in the for the PASV ranges we have setup.
- ACTIVE FTP works fine when connecting to the individual servers through their public IP address. Not through the load balancer public IP address.
- I have tried adding inbound/outbound rules to the network security group for the load balancer for ports 21, 20, ephemeral ports 1024-5000.
- Disabled the firewalls on each VM.
- Does anyone know if FTP is supported on the Micosoft Load Balancer in ARM?
Any ideas? We have a client with devices that use ACTIVE FTP spread though out the world, so its not an option to change to PASV FTP. I am losing my hair on this one ......
Thanks in advance for any ideas, recommendations, anything :-)
BMo