I am trying to create a VPN connection between Azure and a Cisco ASA 5506. I have been very unsuccessful and really could use some help
↧
Not able to get the VPN to connect
↧
SOA Serial number not updating
Hello,
I've created and imported some reverse DNS zones into Azure DNS.
However now, when I make a change to the DNS records, the serial number is not incremented for both the newly created zones and the imported zones (which had the serial number imported).
I tried waiting a while and refreshing the views, but the serial number doesn't change.
Is that normal behavior in Azure?
↧
↧
Point To Site VPN
Hi,
In the about point to site vpn page https://docs.microsoft.com/en-in/azure/vpn-gateway/point-to-site-about it is mentioned that P2S solution is useful if you're having less number of clients to access.
What is the less number here? If I am having 100 clients is it a ideal solution?
Thanks
↧
Error linking vnet to private DNS zone that was previously deleted
Hi, hope this is in the correct place and someone can help with this.
I linked a vnet to a private DNS zone using the Azure web portal, I then had cause to delete and re-create the resource group containing the vnet which I did.
I noticed that the link to the private DNS zone remained so, I deleted this manually (again using the portal) thinking it would need to be recreated due to new resource IDs.
Now, when I try to link the newly recreated vnet to the DNS zone I get the following error:
Failed to create virtual network link 'xx-xxxxxx-vnet'. Error: Virtual network resource identity 'xx-xxxxxx-rg/providers/Microsoft.Network/virtualNetworks/xx-xxxxxx-vnet'>xx-xxxxxx-vnet' already in use. This is possible in case the virtual network was moved, or re-created. Please contact support.
I linked a vnet to a private DNS zone using the Azure web portal, I then had cause to delete and re-create the resource group containing the vnet which I did.
I noticed that the link to the private DNS zone remained so, I deleted this manually (again using the portal) thinking it would need to be recreated due to new resource IDs.
Now, when I try to link the newly recreated vnet to the DNS zone I get the following error:
Failed to create virtual network link 'xx-xxxxxx-vnet'. Error: Virtual network resource identity 'xx-xxxxxx-rg/providers/Microsoft.Network/virtualNetworks/xx-xxxxxx-vnet'>xx-xxxxxx-vnet' already in use. This is possible in case the virtual network was moved, or re-created. Please contact support.
↧
I cannot apply custom health probes to my HTTP settings
I created two custom health probes and then opened one of my HTTP Settings configuration and selected "Use custom probe". I received the error message:
There are no HTTP probes available. Create a new probe and then try again.
- Ryan
↧
↧
Inbound NAT where Target VM in a Different Resource Group
Hi Team,
Please confirm is there any way to create Inbound NAT where Target VM in a Different Resource Group.
Note: Currently i am not able to see Different Resource Group VMs in External LB Target VM list but same Resource Group VMs are showing.We have created Outbound NAT (PAT) which is working fine.
Sandy
↧
Does Azure Front-Door support wildcard hostnames?
Hi
Does Azure Front Door support, or plan to support, frontend hosts with wildcard custom hostnames routing to the same backend pool? If not, does this mean that we need to add a new frontend host, and a routing rule for each host name?
We have several hundred hostnames in the same domain that we need to route to the same backend pool of app services, and these are continuously added to.
If wildcard hostnames aren't supported is there support in the management API for adding new frontend hosts?
Thanks in advance
↧
Peering networks in Azure using VPN Gateway.
Hello, I have next network infrastructure in the Azure:
Resource Group 1:
- Network: 10.0.0.0/16
- Subnet: 10.0.0.0/24
- Gateway subnet: 10.0.1.0/24
- VPN to the Office HQ - Route-Based
Resource Group 2:
Network: 10.100.0.0/16
Subnet: 10.100.0.0/24
Gateway subnet: 10.100.1.0/24
VPN to the Office Branch #1 office (Cisco ASA 9.6.(4)) - Policy-based
Resource Group 3:
- Network: 10.200.0.0/16
- Subnet: 10.200.0.0/24
- Gateway subnet: 10.200.1.0/24
- VPN to the Office Branch #2 office (Cisco ASA 9.6.(4)) - Policy-based
There are peering networks in Azure:
- Resource Group 1 <-> Resource Group 2
- Resource Group 1 <-> Resource Group 3
There are next on-prem subnets in Office Branch #1 (192.168.1.0/24) and Office Branch #2 (192.168.2.0/24).
So I successfully can ping servers in the next directions Office Branch #1 <-> Resource Group 2and Office Branch #2 <-> Resource Group 3. But I can't ping servers that located in Resource Group 1 from theBranch Offices.
I'm not sure but maybe I have to add some routes in Azure. How to fix it?
Thank you!
K.
↧
After adding the VMSS to the backend pool in Azure Application gateway the instance count shows as 0 in application gateway pane-> backendpool
Hi,
I have created the VMSS with Upgrade Policy as "Manual". I have added the VMSS to the backend pool of application gateway and it got added successfully.
But when I checked the instance count it shows Target as 0 in application gateway backend pool. It gives an error
1. "Upgrade all the instances for this change to work" . Dont understand the cause of the issue?
2. Adding second VMSS fails with "Error:
At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug for usage details.“,”details”:[{“code”:“BadRequest”,“message”:“{\r\n \“error\“: {\r\n \“details\“: [\r\n {\r\n \“code\“:
\“NotFound\“,\r\n \“message\“: \“Resource /subscriptions//resourceGroups/QAproviders/Microsoft.Network/loadBalancers/ <name> not found.\“\r\n }\r\n ],\r\n \“code\“: \“InvalidResourceReference\“,\r\n \“message\“: \“Resource /subscriptions/resourceGroups/QA/providers/Microsoft.Network/loadBalancers/resourceGroups/QA/providers/Microsoft.Compute/virtualMachineScaleSets/qaazatcn-was
not found. Please make sure that the referenced resource exists, and that both resources are in the same region.\“\r\n }\r\n}“}]}
↧
↧
How is vWAN highly available and resilient?
How is vWAN resilient? If a datacenter (or situation b:a region) goes down, and the hub in that region is knocked offline, how do branch offices maintain connectivity?
↧
Azure DNS - find out what records are being queried
Hi,
I have a number of Azure DNS zones. I've looked at metrics for various zones and can see one zone in particular is getting a lot of queries. Is there any way to see what record is being queried and from where?
Many thanks,
Chris
↧
How to access IP-restricted resources from Azure Databricks
The question is rather straightforward. How can I define a predictable outbound IP address for virtual machines running in an Azure Databricks cluster? The VMs are inside a VNET dedicated to Databricks. The resources I'm trying to access are non-native so VNET storage endpoints are not an option - the resources themselves also cannot be provisioned inside a VNET.
In other words, I have a storage resource e.g. a database protected with a simple IP-based ACL. How would I go about enabling access to said resource from Azure Databricks - from Databricks-managed VMs inside a VNET?
Azure Databricks does allow me to provision cluster VMs within a VNET under my control, in which case I would be able to create UDRs. They call this feature "VNET injection".
↧
How to verify account
Apparently I can't include an image until my account had been verified...
...But I can't see a link anywhere to allow that to happen.
So: How does one verify an account on these 'ere forums?
↧
↧
Point to Site connected but no access to private network
Hi all,
I've configured a Virtual network Gateway with a Point to Site configuration to access from the Internet to my Azure resources. I did follow all the steps documented by Microsoft and I can connect to the VPN and get an IP Address from the P2S Pool. However I can't reach the private IP addresses being connected through the VPN.
When the VPN connects it successfully adds in the clients the required routes to reach the private network ranges. Also I've reviewed the Network Security groups and they are allowing the inbound traffic from the P2S Pool.
What I'm missing? Any help is appreciated.
Thanks!
↧
How to set Azure DNS forwarding(or redirect)?
I'm using Azure DNS now.
I'm in trouble to set 'forwarding(or redirect)' for my domain.
Can i set 'forwarding(or redirect)' for my domain like this?
for example) www.test.com -> test.com
↧
Azure for DR
DR question, client uses hyper V, there building burns down, we restore there server VM to Azure and start it back up, how do the employees then connect to this VM from there homes to continue working until a work site can be set-up?
I see that you can RDP into the server, but how would it provide File Shares for employees to work out of, or how could Accounting staff connect to the server to work in QuickBooks or Sage packages?
Would we have to set-up a Point to Site connection at every employee's home? What if they are traveling for business?
Thank you for your answers, we are trying to understand how we can promote this to our clients as DR solution but need to have a full understanding of how it functions first.
Cheers,
Curt Winter
Certified Microsoft Professional
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied. If you found my post helpful, please mark it as the answer.
↧
Adding ApplicationSecurityGroups From C#
Hi,
i'm trying to add an applicationSecuirityGroup from c# in my Azure Networkinterface...
can't figure that out...
anyone have any clue how to do this ?
everything else works great... just can't find where to put that in.
thank you so much !!
would really appreciate your help !!
Matt
↧
↧
IPSec Lifetime duration
Hi Everyone,
May i know if there's a way to adjust the IPSec Lifetime duration for Azure?
Regards,
Brylle
↧
NSG Rules for WebLink
Hi Experts,
Please guide if a web link like http://ctldl.windowsupdate.com/ be allowed in azure NSG.
Thanks
↧
Network ACLSs expected time to start working
Hi,
I'm working with Network ACLs in Azure. I created rules using the CLI and also the GUI with the same result: sometimes it takes 1 min to start blocking an IP or sometimes it takes up to 15 mins. Is this the normal behavior? If it is, can someone please recommend me another solution for blocking IPs with simple ACLs?
Thanks!
↧