Quantcast
Channel: Azure Networking (DNS, Traffic Manager, VPN, VNET) forum
Viewing all 6513 articles
Browse latest View live

Configure Traffic Manager to Load Balance On-prem and Azure ADFS hosts

September 28, 2016, 3:46 am
$
0
0

Hi,

I've configured an Azure environment as a DR solution to my O365 identity services.  The Azure environment currently consists of an ADFS Server, DC and a WAP host.  The WAP is located in a separate DMZ subnet away from the core subnet.  I've also configured a site to site VPN connection between Azure and on-premise.

I've setup a traffic manager profile and configured the Azure WAP endpoint successfully.  Now I'm looking for some direction on how I go about configuring the on-premise endpoint.

On-premise we have 2 ADFS servers and a virtual Big-IP load balancer which acts as a reverse proxy for the external ADFS connections.  The current external dns name is adfs.domain.com which of course points to the Big-IP.

H

I assume I need to change the external DNS entry for adfs.domain.com to point to the external traffic manager address but then how do I setup the traffic manager endpoint for the current on-premise solution?

Any guidance is appreciated.

Search

Network Security Group not blocking DNS resolution

April 22, 2016, 9:55 am
$
0
0

I am trying to isolate a VM for testing purposes by associating the NIC for the VM with a NSG and putting a block all in place for outbound traffic.  Once I verify the rule is in place, I login via RDP and check to make sure that I cannot in fact reach any external resources.  It would seem that I am mostly blocked, however, I can still run an nslookup and resolve IPs.  If I have a NIC associated with an NSG and have that set to block * to *, shouldn't DNS resolution be blocked as well?



Thanks!

Create a VPN with VM and Raspberry Pi

September 28, 2016, 8:58 am
$
0
0

Hi,

I need to create a VPN that connects some VM that with have in Azure with Raspberry Pi that are going to be connected to internet (DMZ). The raspberry pi have ubuntu installed. And the VM are Ubuntu servers inside Azure. 

Best,

Internet facing load balancer logging

September 23, 2016, 2:35 am
$
0
0

Hi,

I have enabled diganostics for the native azure load balancer but I dont see any logs on my storage account. Load balancer is deployed in West Europe region.

Best,

Kaido

Is it possible to allocate extra private IPs to freebsd based VM like secondary private IP in AWS?

September 28, 2016, 11:11 pm
$
0
0

I would like to understand whether I can have more IPs allocated to my VM than the number of network interfaces and use them as floating IPs.

Also is it possible to add more network interfaces to existing VM with one interface ?

Thanks

Ram

Does Azure will support for Cyberoam (site to site VPN)

September 29, 2016, 3:11 am
$
0
0

Hi Team,

we are planning for VPN tunnel between Azure & Cyberoam (on Premises), please let us know weather Azure supports for Cyberoam Firewall !!

Thanks in advance!!

NTRao.

Cloud Only VNet with Direct Access and Azure AD with GPO successfully pushing

September 28, 2016, 7:37 pm
$
0
0

Hi,

I essentially need to push GPOs out to my domain joined devices but they are Azure AD joined (Win 10).

Effectively I need to bolt-on a mechanism to push GPOs to Azure AD joined machines as Azure AD is not a full DC.

So, we took the approach below.

  • O365 and Azure AD (domain join and AD management)
  • Azure Virtual Network (internal app, external websites and NLS server for Direct Access i believe)
  • Azure VPN: contingency access (if Direct Access connection dies - we're pushing for `always on` and `silent`.)
  • Azure VM: DC01 (domain controller - deployed in the VNet)
  • Azure VM: DC02 (domain controller - high availability - deployed in the Vnet)
  • Azure AD Connect: Sync the DC to Azure AD for computer devices etc
  • Azure VM : app in Vnet w/private data accessible via RDP

Is this wrong approach? Is it possible? Any good starter templates?

Suggestions for something different to achieve the end goal, a cloud-only VNet integrated with O365 with GPO functions actually working successfully - would be greatly appreciated.

Thanks!


SPF Record on Azure DNS

July 14, 2015, 3:18 am
$
0
0

Hi,

I need to add an SPF record to a Azure DNS Zone and I'm just a bit unsure of the command as the documentation doesn't specifically include SPF records. So I've used the following:

PS C:\> $rs =New-AzureDnsRecordSet-Name"spf1"-RecordType TXT -Zone $zone -Ttl60
PS C:\> Add-AzureDnsRecordConfig-RecordSet $rs -Value"v=spf1 mx ip4:0.0.0.0 ip4:0.0.0.0 mx:mail.example.com include:example2.com ?all"
PS C:\> Set-AzureDnsRecordSet-RecordSet $rs

Does it matter what -Name I give it? and do I need to include the v= at the beginning of the -Value?

Thanks,

Richard McKenna


Search

Connect Azure with SharePoint on-prem

September 29, 2016, 4:39 am
$
0
0
how Can i connect SharePoint on-prem and retrieve data from that to my azure hosted app

DNS Costs when Flood Targetted

September 28, 2016, 8:49 pm
$
0
0

Before moving my domains to Azure, I am curious how DNS pricing works when your domain is targeted for DDoS attacks on your namespace.

If someone (or a distributed group of systems) winds up flooding Azure DNS for repeated requests to a DNS namespace I own/published, will I be charged for all that illegitimate traffic, or does Azure provide a means of filtering or otherwise not charging for that traffic?

Thanks!

RD Gateway /RD connection Broker setup

September 29, 2016, 12:46 pm
$
0
0

Hello,

I just started playing with Azure. I already setup Vnet with subnets. VnetGateway and configured site to site vpn. I also configured DC in Azure. I need to setup RD gateway, RD connection broker and RD licensing server for TS server. For the timebeing only one TS server we need but in the future we need to add more. Can someone point me to step by step instructions links?

Also will I need separate VMs for RD gateway and RD connection Broker/Licensing?

Thanks,


Cannot delete classic VNET

September 29, 2016, 8:30 pm
$
0
0

Hello,

I have been trying to delete a classic VNET, there are no gateways attached and I have tried using the old and new portal and powershell to no avail.

My Subscription id is < removed PII Sensitive Information >


Can't delegate dns from godaady

September 30, 2016, 4:44 am
$
0
0

trying to delegate my domain from godaddy to azure dns ... used the nameserver names I got when create the Azure DNs zone... but in the godaddy change name server --> custom. I get the message 'invalide character' when filling "ns1-05.azure-dns.com." removing the closing '.' will solve that message but than I get the message, the used values can't be use, please verify the nameserver name entry... called the godaddy helpdesk, that asked me to "verify the nameserver names"... :(

anything, I'm missing?

thanks,

Clemens

Forced Tunneling with Policy Based VPN Gateway

September 29, 2016, 11:52 pm
$
0
0

Hello Team,

I am using Policy Based VPN Gateway for my Site to Site connectivity. Is there any way to force internet traffic to on-premise? As per this https://azure.microsoft.com/en-us/documentation/articles/vpn-gateway-forced-tunneling-rm/ article it is only possible with the Route Based VPN Gateway. Kindly suggest, what is the best possible ways to restrict Internet Access to VMs and redirect the Internet Traffic to On-Premise. I know NSG, is one option to restrict Internet Access to Azure VMs, but I am not sure If we can use NSG or Force Tunneling for directing traffic to Policy Based VPN Gatewat.

Best way to troubleshoot a failing Point to Site VPN

September 30, 2016, 5:58 am
$
0
0

I have created a point to site VPN that works fine on my own personal laptop, but not on my corporate workstation (Error: 2147024891)

What is the best way to trouble shoot this? I'm assuming it's not a firewall issue as port 443 is open on our firewalls, but apart from that, I don't know what else to check - Any ideas?

Thanks

Search

Azure LoadBalancer traffic 80, and Haproxy Linux Server Port 80 Conflicts ?

September 30, 2016, 12:08 pm
$
0
0
I want configure a Virtual IP using a Azure Load Balancer to a Haproxy Linux Server in Ubuntu 16.  My idea is use the Haproxy server to load balacing traffic of http, and not have two functions of load balancing, working to this  port.  Additional I need know if I have a Azure load balancer to traffic 80 and haproxy linux vm to load balancing the traffic http, can create conflicts or lost performance ?

Azure VM - allows only 2 concurrent remote desktop connections

September 30, 2016, 2:41 pm
$
0
0

Hi,

Azure VM - allows only 2 concurrent remote desktop connections. What are solutions available to get more users to log on to an Azure VM as a jump box.

Thanks


Unable to connect WebApp to Virtual Machine using VNET

October 2, 2016, 7:43 pm
$
0
0

I have a web app built on .Net 4.6. The application utilises elasticsearch and redis which are hosted in an Azure VM. I am trying to connect Azure VM(ElasticSearch+Redis) to Azure WebApp(.Net WebApp) using internal network. i.e, WebApp and VM should interact with each other on LAN and not the internet. I am not able to understand Azure VNET use case scenario from its description in docs.

Does Azure VNET enable the above-mentioned scenario? If yes, How? If No, Please suggest the best way to archive this.

ICMP packets and the Azure VM.

October 3, 2016, 11:15 am
$
0
0

Hello.  I am aware that the Azure border router will filter out ICMP packets, but I would like to be able to use ping, traceroute, etc from my Azure VM.  Currently traceroute -T will show the target IP but none of the intermediate IPs.  Is there any way to allow inbound ICMP packets to my Azure virtual machine?

Additionally, I'm curious about the reasoning behind filtering out ICMP packets.  Is it a security issue

Azure ARM Load Balancer not working with ACTIVE FTP (PASV FTP working fine).

September 27, 2016, 4:02 pm
$
0
0

We are trying to configure a highly available FTP server using two ARM VM's with FileZilla server running on them - in an availability set - with a Microsoft Load Balancer in front.

- We are having troubles getting ACTIVE FTP to work through the Load Balancer.  We get 425 errors indicating the data channel connection.

- PASV FTP works fine with NAT rules to each server in the for the PASV ranges we have setup.

- ACTIVE FTP works fine when connecting to the individual servers through their public IP address.  Not through the load balancer public IP address.

- I have tried adding inbound/outbound rules to the network security group for the load balancer for ports 21, 20, ephemeral ports 1024-5000.  

- Disabled the firewalls on each VM.

- Does anyone know if FTP is supported on the Micosoft Load Balancer in ARM?

Any ideas?  We have a client with devices that use ACTIVE FTP spread though out the world, so its not an option to change to PASV FTP.  I am losing my hair on this one ......

Thanks in advance for any ideas, recommendations, anything :-)

BMo

Viewing all 6513 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>