Quantcast
Channel: Azure Networking (DNS, Traffic Manager, VPN, VNET) forum
Viewing all 6513 articles
Browse latest View live

Azure Load Balancing if VM (Backend pool) port fails

October 28, 2016, 5:18 am
$
0
0
Hi There,

We have an Azure Load Balancer (LB) which is connected to Two VMs (VM1 and VM2) over the same backend pool port 8443(using Rule type #1: No backend port reuse). The load balancer works fine and redirects the traffic to the either of the VMs according to its topology. If the VM2 goes down, all the connections will be redirected by the LB to the VM1.  
In the current scenario, if the backup pool port of any one of the VMs fails(port 8443 is dropped on VM2), the connections that are redirected by the LB to the VM2 throw an error. How can we redirect the connections to VM1 in such cases. 



Thanks & Regards
Venu


Search

virtual machine

October 28, 2016, 12:19 pm
$
0
0

i put the ip adrs in network card

then my virtual machine hange and i can' login again

i need to clear ips in machine network card

Convert VPN IP from dynamic to static?

October 28, 2016, 1:10 pm
$
0
0

Hello!

I have a virtual network set up in Azure.  Unfortunately, I seem to have created the virtual network gateway's IP as dynamic rather than static.  The gateway's IP changed, which caused it's VPN connection to a local gateway to break since it was locked down by IP.

I tried to follow this approach to convert the IP to a reserved one: https://azure.microsoft.com/en-us/documentation/articles/virtual-networks-reserved-public-ip/#how-to-reserve-the-ip-address-of-an-existing-cloud-service

But, when using New-AzureReservedIP with an existing IP, you have to specify the ServiceName.  I'm not sure what to pass for that parameter in this case.

Any ideas?  Is there any way to convert my VNG's public IP to a static or reserved one?  If not, am I stuck recreating most of the virtual network?  It sure seems that way... I don't see a way to change the public IP without deleting the VNG, which would then require that I delete the VPN connection, too. 

Question about two VMs behind an internal load balancer and their corresponding IP addresses

October 28, 2016, 8:11 pm
$
0
0

1.  I used the following quickstart template to create two VMs behind an internal load balancer:

https://github.com/Azure/azure-quickstart-templates/tree/master/201-2-vms-internal-load-balancer

2.  I also created an Azure SQL database in the same resource group

3.  I then connected from one of the VMs to the Azure SQL database

I would expect that the Azure SQL server would show that the connection from the VM has an IP address of either the internal IP for the VM or the private IP address of the internal load balancer.  Instead my connection is using a random IP address that belongs to Microsoft?  I verified this by turning off the "Allow access to Azure services" firewall rule for the Azure SQL Server while at the same time granting access to both the private IP of the VMs and also the private IP of the internal load balancer.  After making these firewall changes I was no longer able to connect from my VM to the Azure SQL database. This makes it difficult to lock down access to the Azure SQL database.  We plan to provision our environment in an automated fashion with ARM templates.  But we have no way of knowing at the time of provisioning what IP address will end up being used for the connection from the VM to Azure SQL?

Why wouldn't the private IP of the VM or the private IP of the internal load balancer be used to connect to the Azure SQL database?

P2Site client vpn errors (I am using self signed certs).

October 30, 2016, 6:14 am
$
0
0

Followed  https://azure.microsoft.com/en-us/documentation/articles/vpn-gateway-howto-point-to-site-resource-manager-portal/

When initiating VPN connection, from Win 10 getting error  (Error 0x80090326), from Win 7 getting error Error 0x800b0109

Thoughts ?

Unable to use PowerShell to link an App Service Web App to a Virtual Network via a Virtual Network Gateway

October 31, 2016, 6:25 am
$
0
0

I'm attempting to automate the provisioning of an App Service Web App that can connect to private resources in a virtual network via a Virtual Network Gateway. I've been using the script provided at https://azure.microsoft.com/en-us/documentation/articles/app-service-vnet-integration-powershell/ but it does not seem to completely work. 

Steps to show the issue (unfortunately, I don't have a shorter way to demonstrate it since there's a lot of moving parts):

1. Create a Resource Group. All other resources will be added to this Resource Group.

2. Create a Virtual Network with an address space of 10.0.0.0/16 and one subnet in 10.0.0.0/24. Ensure that the Network Security Group for the subnet allows HTTP inbound on all interfaces. 

3. Create an Ubuntu Server VM in the subnet created above (as well as with a public IP). The script at https://bbjameswillmiscstorage.blob.core.windows.net/scripts/setup_linux_demo.sh will configure this VM to respond to HTTP GET requests with the VM's hostname and the IP address of the requester. 

4. Create an App Service Plan sized as S1.

5. Create an Web App App Service in the plan created above. Configure it to deploy from a local repository hosted at https://github.com/blackbaud-james-williams/appsvc-demo.git -- this is a simple ASP.Net web app that will make GET requests to servers configured in the app settings for the App Service.

6. In the app settings for the App Service, add a key pingaddress_public with a value of the public IP address of the Ubuntu Server VM. Add another key for pingaddress_private with a value of the private IP address of the Ubuntu Server VM. 

7. Access the App Service's URL and verify that it can make a request to the public IP of the VM. Ensure that it cannot make a request to the private IP of the VM. 

8. Use the script provided at https://azure.microsoft.com/en-us/documentation/articles/app-service-vnet-integration-powershell/ to connect the App Service to the Virtual Network. The script will create a Virtual Network Gateway. 

9. Access the App Service's URL and attempt to make a request to the private IP of the VM.This is the part that does not work even though it should. 

10. In the Portal, access in the Networking configuration section for the App Service. Note that it appears to be connected correctly and the certificates are in sync.

11. In the Portal, disconnect the VNET from the App Service.

12. In the Portal, connect the VNET to the App Service. 

13. Repeat step 9 and note that the request to the private IP now works. 

The PowerShell script appears to be missing one or more steps for making this connection; but because there's no error in the Portal, it's not clear what those steps would be. 

Any help would be appreciated. 

Point-to-Site Setup Problem - Can setup no problem logged on as Administrator but can't as user

August 10, 2016, 5:39 pm
$
0
0

I run Windows 7 Professional with all updates. An individual machine, no domain. I was able to create a VNet in Azure w/ Gateway. I was able to create root and personal certificates, uploaded to root, etc. All good. Logged on as Administrator I can download the 64-bit Client VPN package and run it and it creates the VPN connection and I'm able to logon and the gateway completes and registers 1 client in Azure. IPConfig looks good. All good.

However, when I logoff Administrator and switch users to my user account, the connection is not there, the VPN connection is not there and the classic portal shows the gateway disconnected and 0 clients. When I run the 64-bit Client VPN package logged on as user (run as Administrator), it blinks through the CMD screen very fast (can't read it) and it's over and nothing has happened. No VPN, nothing. Gateway still broken, no clients.

I check all event logs and nothing stands out. I have no idea what's happening but I think it's obviously permission or security oriented. Possibly services? Not sure. Anybody have any ideas please.

Bandwidth and Vnet relationship

October 31, 2016, 6:47 am
$
0
0
Hi,

We are architecting a system on Azure and following is the architecture:

1. The system (on Azure) will access a web service on open internet. It will have the egress of 'X' GB.

2. The system (on Azure) would be accessed by some users (via Vnet). 

3. The system (on Azure) would perform sync with another system (on Azure but in a different region) via Vnet.

We have the queries pertaining to the costs incurred because of the bandwidth (data flow). Queries are as follows:

a. In the bandwidth calculation - would only the egress cost (mentioned in point 1. be considered)? Or will the data flowing over Vnet be also need to factor in (mentioned in point 2. and 3.)?

b. In the pricing calculator, there is an item by the name Inter Vnet transfers. According to my understanding - these charges would be applied to ne only if I have data flowing between two different Vnets. I wont be charged if the data is flowing in the same Vnet. Is my understanding correct?

c. Can I have same Vnet spanning across two regions?

d. If I have my system in one Azure region and a back up system in another Azure region and if both the systems are in the same Vnet, then do I need to set up the Site-to-Site VPN between my on premise and the Vnet only once? Or do I need to set it twice (one for every region).

e. Does setting up a Vnet incur costs - except for the VPN?

Request your help on this.


Regards, Saurabh
Search

2012 R2 Server networking / DNS issues

October 31, 2016, 11:19 pm
$
0
0

I have setup a very simple 2012 Server with AD / DNS. I am having the following networking connectivity problems:

DNS is not working correctly, have tried using only ROOT hints and or forwarder. ROOT hints works , sometimes. But I am still unable to connect to most sites (Bing works, but google times out??) 

While attempting to setup Hamachi VPN it is unable to setup a direct connection despite having allowed ALL TCP / UDP on both the azure side and the windows server side. 

Trying to do simple ping of google DNS server from VM or directly use google dns fails / times out? I can ping CNN.com though?

Azure Web App with Azure Point To Site VPN -- Access Resources from network

October 17, 2016, 6:04 am
$
0
0

Hi Team,

Little Background:

We have Azure Site- 2-Site VPN connectivity (Classic V1) and it is working well with our Azure Cloud Service (Classic V1). Now we received a requirement to connect our Azure Web App (ARM V2) with this network and user some of the resources from the Azure VPN Network.

For that, We have enhanced our Azure VPN and enabled Point-2-Site Connectivity. Now, We come back to Azure Web App tab and there we have Networking Option, we enable Point-2-Site and select our this network. after few minutes, we got success status and we can see all green with enough details.

Real Issue:

Now, I want to access one of UNC Path under that network we have through our Azure Web App. But it is not working. I am getting an error message "Access to the path '\\<vmname>\testing' is denied. However I have tested the code (C#) and it's working well in local computer. 

This issue I don't think is related to access or permission. Because though I give any name in place of <vmname> whether that VM is really exists in the network or not, It gives me the same error message. So, Its not specific to permission.

My Observation: 

Virtual Network has one domain and that domain username and password different and when you are accessing anything from IIS to some other local, I suppose Impersonate and Identity may come in picture. 

But If that is the real issue, I should get some different error message if I type ABCD as my <vmname> which doesn't exists in the Virtual Network. Isn't it? But I am getting same access denied message.

Troubleshooting:

Using Console Tab under Azure Web App blade, I tried to check nameresolver and dnsping exe and both are able to access my this vm where I have shared the folder. So, from Azure Web App VM they are able to access the Virtual Network VM. 

Some References: 

Regards, Brijesh Shah



HA implications for new Vnet-to-Vnet hub connections

November 1, 2016, 3:51 am
$
0
0

My understanding is the new Vnet-to-Vnet functionality allows for a hub and spoke design to be implemented . A single Vnet gateway can now be used to connect multiple Vnets to express route circuits or other services reducing the amount of G/W's and connections required.

My question is:

What happens if the Hub gateway fails, are all the Vnets connected to the hub isolated from the rest of the network?

Can a second HA gateway be configured as a hot standby?

The new functionality improves managabilty and latency but if it extends a single point of failure to many Vnets it limits the enviroments where it can be deployed.

May be DDos attack?

November 1, 2016, 11:46 pm
$
0
0

My azure VM seemed strange, the Network and IO was too high to be impossible, I have no idea about this, and it leaded to my process crashed. Here is the Network traffic:

and the CPU usage:

the Disk Read speed:

It's really really terrible for me, I was not able to pay for so much data traffic fee!! Please help me.

Using Ishlangu Load Balancer ADC IS-5000 to route traffic outside Azure

November 2, 2016, 1:17 am
$
0
0

Hi

Can I have a Ishlangu Load Balancer ADC IS-5000 on Azure, and balance traffic to web servers outside Azure environment? Will it have 5 Gbps of bandwidth?

Thanks

Maximum bandwidth for a single virtual machine

November 2, 2016, 1:44 am
$
0
0

Hi

What is the maximum bandwidth (in Gbps) allowed for a single virtual machine?

Thanks

Point-to-Site on Windows 8 Client connection Error 798

May 16, 2013, 7:09 am
$
0
0

Hello,

Install Certificate and Client Package and when I try to connect it shows the following error

"A certificate could not be found that can be used with this Extensible Authentication Protocol. (Error 798) For customised troubleshooting information for this connection"

I have checked both cert are installed under current user in both personal and trusted root, and have tried every resource we can

We have successfully installed using same settings & process on Windows 7 without problem, the log file is as follows

******************************************************************
Operating System      : Windows NT 6.2 
Dialler Version        : 7.2.9200.16384
Connection Name       : Dxxxxxxxxx2
All Users/Single User : Single User
Start Date/Time       : 16/05/2013, 15:04:48
******************************************************************
Module Name, Time, Log ID, Log Item Name, Other Info
For Connection Type, 0=dial-up, 1=VPN, 2=VPN over dial-up
******************************************************************
[cmdial32]15:04:4822Clear Log Event
[cmdial32]15:04:5104Pre-Connect EventConnectionType = 1
[cmdial32]15:04:5106Pre-Tunnel EventUserName =  Domain =  DUNSetting = Dxxxxxxxxx2 Tunnel DeviceName =  TunnelAddress = azuregateway-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.cloudapp.net

Search

Cant log into F5 BIG-IP Loadbalancer via SSH or Configuration utility using the default root &pass or default admin and pass for Big-IP

October 14, 2016, 1:26 pm
$
0
0

i provisioned a F5 loadbalancer the Best one, but when I go to configuration utility and try logging in with username admin and password admin it fails, also when I try and log in via SSH using root and default for the password it says access denied. I provisioned the VE several time..and same issue.


Koomi Koomz

can someone please tell me what is going on? I'm using the default user names and passwords, but not working


Koomi Koomz

i used admin for username and admin for password which is supposed to be default for F5 BigIP


Koomi Koomz

Using Putty to SSH

Koomi Koomz

Here I'm supposed to use 'root' and for password use 'default' that is what the default username and password for SSH for F5 big ip

clear

22m20 minutes ago
Koomi Koomz

i provised the F5 big IP best several times and I even tried with the log in and password I provisioned with, but that doesn't work either


19m17 minutes ago
Koomi Koomz


Request for more information on using VPN to access Azure Server

November 2, 2016, 6:23 pm
$
0
0

Hi,

I have set up an Azure Virtual Machines but can't connect to site through IP address. I am thinking if using VPN "IPSET" but i want to have more information on the networking of Azure. Please kindly provide me the information about the issue. Thank you!


VPN Connection issue

November 2, 2016, 11:04 pm
$
0
0

After the no 4 connection is up all the connection is down.
The status show failed. Error message when we trace

$captureDuration = 60

$storageContainer = “vpnlogs”

Start-AzureVirtualNetworkGatewayDiagnostics  `
 -GatewayId $vnetGwId `
 -CaptureDurationInSeconds $captureDuration `
 -StorageContext $storageContext `
 -ContainerName $storageContainer

Start-AzureVirtualNetworkGatewayDiagnostics : Cannot validate argument on parameter

'GatewayId'. The value EdipVNetDev is an invalid GUID.

At line:6 char:13

+  -GatewayId $vnetGwId `

+             ~~~~~~~~~

+ CategoryInfo : InvalidData: (:) [Start-AzureVirt...ewayDiagnostics],

   ParameterBindingValidationException

    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.WindowsAzur

   e.Commands.ServiceManagement.Network.Gateway.StartAzureVirtualNetworkGatewayDiag 

  nostics


Traffic Manager Profile tagging

October 21, 2016, 9:07 am
$
0
0

Hello,

I'm experimenting with tagging in the new Azure portal and via Powershell. It seems I cannot add any tags to the Traffic Manager Profile, while this works for my other services.

The error I get via the portal and via powershell is the following:

The 'endpoints' property cannot be specified when updating a profile using PATCH. Please use PUT to update the profile instead. (Code: BadRequest)

Anyone else experiencing the same issue?

Thanks!

Rgds,

Thomas

Cloud Service - Reserved IP address

November 3, 2016, 1:49 pm
$
0
0
We recently, through our own actions, lost our public facing IP address on a cloud service we ran in Microsoft Azure. Most of our customers rely on DNS to resolve the IP address and were not affected by the newly assigned IP address. However, a few of our customers were using the static IP address provided by Microsoft to punch holes through their firewall. We now have to require those customers to use a new IP address.

The solution we were given by the support rep while trying to unsuccessfully recover the old IP address was to reserve the IP address within Azure and then bind that IP address to the running service. I had a few questions about this.

I tried the following command in a dev instance and it did reserve the IP address that was currently assigned to the server.
New-AzureReservedIP -ReservedIPName new-service-ip-address -Location "North Central US" -ServiceName my-service-in-azure

I am wondering what deployment slot that IP address will now be assigned to. Will that stick with the production slot, or will it flip when I do a prod/stage swap? I ask that because I was given a bit of service deployment code that suggested I needed to change the service configuration on the cloud service so that the reserved IP would be used during deployment.


<ServiceConfiguration serviceName="ReservedIPSample" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceConfiguration" osFamily="4" osVersion="*" schemaVersion="2014-01.2.3"><Role name="WebRole1"><Instances count="1" /><ConfigurationSettings><Setting name="Microsoft.WindowsAzure.Plugins.Diagnostics.ConnectionString" value="UseDevelopmentStorage=true" /></ConfigurationSettings></Role><NetworkConfiguration><AddressAssignments><ReservedIPs><ReservedIP name=" new-service-ip-address"/></ReservedIPs></AddressAssignments></NetworkConfiguration></ServiceConfiguration>


So if I deploy this service into the stage slot, with the above changes made to the service configuration file, will the reserved IP address also deploy into staging? And if that happens, what IP address will be applied to the prod deployment slot? Why is the reserved IP mentioned at all in the service config? 


Viewing all 6513 articles
Browse latest View live
Search

Latest Images

7 clever tricks Primark does to keep you walking & buying more than you need...

7 clever tricks Primark does to keep you walking & buying more than you need...

July 20, 2025, 5:14 am
Art for Everyone! Autism advocacy, local stories, and indigenous pride in one...

Art for Everyone! Autism advocacy, local stories, and indigenous pride in one...

July 20, 2025, 5:06 am
Paintings of English Downs 2

Paintings of English Downs 2

July 20, 2025, 4:30 am
How Kerala Women Rescued a Dying Forest and Turned It Into a Safe Haven for...

How Kerala Women Rescued a Dying Forest and Turned It Into a Safe Haven for...

July 20, 2025, 3:30 am
Met Eireann warns of heavy rain & spot flooding for DAYS before big...

Met Eireann warns of heavy rain & spot flooding for DAYS before big...

July 20, 2025, 1:14 am
Who is Kevin Lerena’s wife Geraldine?

Who is Kevin Lerena’s wife Geraldine?

July 20, 2025, 12:57 am
Man stabs woman, baby to death inside Queens home, police say

Man stabs woman, baby to death inside Queens home, police say

July 19, 2025, 11:00 pm
Ang papel ni whistleblower Julie Patidongan sa kaso ng mga nawawalang sabungero

Ang papel ni whistleblower Julie Patidongan sa kaso ng mga nawawalang sabungero

July 19, 2025, 9:45 pm
Telangana Human Rights Commission (TGHRC) seeks report from revenue dept on...

Telangana Human Rights Commission (TGHRC) seeks report from revenue dept on...

July 19, 2025, 7:29 pm
Crisis-hit NHS fat cats raking in MASSIVE salaries as frontline services cry...

Crisis-hit NHS fat cats raking in MASSIVE salaries as frontline services cry...

July 19, 2025, 2:11 pm
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>