Route table is applied to a Azure subnet then virtual network gateway routes disappeared from effective Route table
I can not start a connection with Photon Server on Azure VM
Hi,
I'm trying to start a connection with Photon Server on the Azure VM, but I can not. (Everything is okay with my local machine, i can start a connection) I can make connection with RDP, there is no problem about remote desktop connection.
I opened up all required inbound ports at the "Networking" section, made public VM IP static, but again i can not connect to server.
Photon Server application automatically enables required ports on the Windows Firewall. I made all Photon side setups correctly (using public ip, started load balancing service etc.)
What should I do in addition on Azure side?
Thanks
Azure Private DNS - sporadically fails to auto-register VMs
Hello Guys,
I am trying to use Azure Private DNS zones (Refresh June release).
Regions - multiple (West US 2, South Central).
Configuration is straightforward. A private DNS zone that has a single auto-registering network attached to it. Sometimes VMs on vnet will register and sometimes they won't. The way it works: if VM started and it shows in portal as A record in DNS zone, nslookup resolution from that VM or its vnet neighbors works. If VM is missing from portal, nslookup doesn't resolve the name. Often when I want VM to register, I would stop and start it and it will work. I have, I think, about 50% failure rate of auto registration in West US 2, which is pretty high. Waiting for VM to register doesn't help: it either registers on start or will not register at all.
Is there a way to do something about it? I am thinking I should quit using the auto registration feature altogether and switch to manual A records.
Thank you for ideas!
Azure Utilization API Not Reporting Instance Data
I started browsing our Partner account's usage via records in the Utilization API and I noticed something peculiar that's throwing our reports off.
We expect AzureUtilizationRecords to have Instance Data populated, because we're taking stock of what Resource Ids are being utilized. This seems to be populated for all resources except for Public IP Addresses, which have InstanceData set to null. This is strange because Public IP Addresses seem to have a ResourceId available via the Portal, so I'm confused as to why they aren't available via the Usage API.
Virtual network Gateway no data out.
I have created Virtual network gateway and connected with on-prem network.
I can see in Azure that its connected but I can not ping or RDP. When look at Data there is only In but not Data Out.
There are default NSGs attached, i have not created any
Any pointers or advise
Expressroute and Azure VPN Challenge
could you give me some advice about the following challenge if have by one of the customers. They have Virtual network gateway with VPN and they have also know Expressroute. How can I configure this to use the VPN as the Expressroute on the same Networkgateway /VNET. This error I receiving: Failed to create connection 'ER'. Error: The Expressroute connection -networking/providers/Microsoft.Network/connections/ER'>ER must have an Expressroute gateway as the first endpoint.
But the network gateway has already a Point to site VPN configured and I receiving the error when configure the Expressroute Failed to create connection 'ER'. Error: The Expressroute connection camelot-networking/providers/Microsoft.Network/connections/ER'>ER
must have an Expressroute gateway as the first endpoint.
Azure Load Balance (internal/DNS name)
Hello,
I need some advice for Azure internal load balancing
It seems that when only using a Private IP Address you are not provided with a DNS record for the Azure Load Balancer.
Has anyone come across a way to assign a DNS Record to the private IP address. (I know you can give it a public IP and DNS name but this is for internal traffic only)
Things being considered:
Azure Private DNS Zone
Azure DNS Zone
Any ideas would be great
VPN Site To site problem
Good morning, I have a problem that I can't find. I have a site-to-site connection with your client in Azure,
on the azure side there are 6 virtual networks, where each one has its own group of addresses and they are paired
with each other. It runs smoothly. the tunnel is working fine, now create two new virtual networks do not overlap
with any network and when I check the tunnel configuration by downloading the configuration file the tunnel does not
include them. I did a reset of the Virtual Gateway (only reset do not delete it) but the new networks that I add on the
portal still do not appear. How can I do so that the networks that we have added the virtual portal tunnel connection are
included in the configuration and that by downloading the configuration file to give the company's network staff can see
everything that is agreed. Is there any command or way to update this information or just
resetting the virtual gateway would be enough? because it's not working for me. regards
Frequent disconnection through RDP over S2S
Hello All,
After a successful S2S tunnel setup , I am facing frequent Disconnection over RDP to my VM on Azure . The Connection get estabished for 5-10 minutes and the RDP get disconnected and doesn't come back untill I reset the Azure Connection by adding or removing address space in localgateway on azure. Any suggested solution ?
Regards
Jayesh
Can't connect to VM using Bastion
Azure Front Door Service w/Static Website on Blob Storage
I am posting this Azure Front Door issue on this forum per Microsoft recommendation.
I have a HTML static website file on blob storage and have set up Azure Front Door Service to access the file. When I click on the front end link AFD provided, I get an error "Value for one of the query parameters specified in the request URI is invalid." Then I add the specific file name at the end of the front end link, and I get this error "One of the request inputs is out of range." I have also tried using the link provided in the storage account and get this error "The specified resource does not exist." However, when I go into Storage Explorer and click on the HTML link directly, the website opens. From this, I know access from the storage account is working, but the routing thru the Front Door is not. Any help would be appreciated.
Keith
Purpose of resourceGuid property in Microsoft.Network/networkSecurityGroups ARM template?
I'm curious about the purpose of the resourceGuid property in the ARM template for Microsoft.Network/networkSecurityGroups. The template reference lists it as an optional property (https://docs.microsoft.com/en-us/azure/templates/microsoft.network/2019-04-01/networksecuritygroups#networksecuritygrouppropertiesformat-object), but it appears to be ignored when specified in a resource group deployment. It doesn't appear to be used for modifying existing NSGs, or even creating NSGs. On creation of a new NSG, the resourceGuid specified in template appears to be ignored as the resulting GUID is different.
Does this property serve a function in the NSG template? Is the answer the same for other resources that contain this property? Thanks!
Unable to configure custom domain with Azure DNS
I have purchased a custom domain in Azure marketplace (internally Azure buys through GoDaddy).
I have followed the documentation in configuring a static website from custom domain to blob storage but I keep getting this error
Nested Virtualization Networking
Hello,
I have installed KVM and able to provision VM and provide networking with NAT.
KVM 10.03.4 (public) <--> NAT (192.168.0.0/24) <--> VM (192.168.0.100)
Like this and with port forwaring i am able to access vm.
What i need is one static ip per vm so my question is how i can apply different static ip to each vm?
Regards
Teo
CNAME not recognized, cannot validate subdomain
Hi,
despite me adding a CNAME on the DNS user interface of my domain provider I cannot validate a www subdomain for my website.
I correctly redirected the root domain using an A type entry and a TXT one, but when it comes to add a CNAME nothing changes despite following correctly the instructions and waiting more than 48 hours the button to add the domain on Azure is greyed out and the ownership of the domain is still labeled in red as missing. What is happening?
Can this be related to the datacenter choice I made for my app service and database (north europe instead of the default one) ?
Thanks in advance for any help.
Using VNet Preview from two plans
I have a couple of App Services in different plans
I am trying to connect from one AppService1 in plan 1 to a Vnet, using Vnet (Preview) and it is working fine
When I try to connect from AppService2 on Plan2 to the Vnet using Vnet Preview I cannot use the same subnet and if I add a new subnet and connect it it still can't reach the resource I tried tcpping and I am getting
Connection attempt failed: An attempt was made to access a socket in a way forbidden by its access permissions
Does anyone had similar issue and what was the solution
The resource I have used to make this connection
https://docs.microsoft.com/en-gb/azure/app-service/web-sites-integrate-with-vnet
VPN Client Download
Hi,
I'm setting up a VPN Network for connecting to AZURE. Everything worked fine until I tried to download the VPN Client (like described here: https://docs.microsoft.com/en-us/azure/vpn-gateway/point-to-site-vpn-client-configuration-azure-cert#zipportal)
The documentation tells me to execute a VpnClientSetup file, which is not present in the download. ("Download VPN Client" in the portal)
I'm I missing something, or is the download broken?
best regards,
Roman
AD FS WAP server gives http 404 error for service URL https://fs.contoso.org
Internally thru an Azure Load Balancer, "https://fs. contoso. org" redirects to "https://fs. contoso. org/adfs/ls/idpinitiatedsignon.htm/" successfully. The HTTP Redirect is written in IIS on the ADFS server running on Server 2016.
Externally thru an Azure Load Balancer, then a Web Application Proxy server on Server 2016, "https://fs. contoso. org" gives an HTTP Error 404 error. But "https://fs. contoso. org/adfs/ls/idpinitiatedsignon.htm/" loads successfully.
I need the external behavior to match the internal behavior
I tried writing the same redirect in IIS on the WAP server but it doesn't work. Both servers are running in Azure.
Thanks for the assistance!
Route SQL Server Management Studio over VPN to Azure SQL
We are connected to an Azure p2s VPN from our local machines. When using SSMS, we would like traffic to be routed through the VPN tunnel to the back end Azure SQL database. Currently the connection routes through the internet.
Is it possible to have SSMS connect to Azure SQL over the VPN?
Slow File Transfer with IPSec Site to Site VPN to Azure VM
I have managed to successfully establish an IPSEC tunnel (Site to Site VPN) between my Azure environment and my on-prem RRAS server.
My Azure setup is as follows:
192.168.0.0/16 Address space with 2 subnets: default subnet 192.168.0.0/24 and 192.168.1.0/24 as my gateway subnet.
My on-prem is as follows:
10.0.32.0/24
I have a server on Azure that is 192.168.0.4 and server on my on-prem side that is 10.0.32.46. I can Ping both ways and I even managed to join my Azure server to the AD domain that is on my on-prem side.
However, when I do file transfer from On-prem server to Azure server it seem to hang. But from Azure to On-prem I can transfer files just fine at high speed.
NOTE: both on-prem and azure have high bandwidth and Im sure the issue is nothing to do with bandwidth.
From on prem to Azure file transfer works but Extremely slow. I am only seem to be able to copy files less than 10KB. anything larger than that seem to make it hang. Therefore, the issue is not firewalls or ports since the copy works.
I used Iperf.exe to check the connection and when I have my Azure server as a listening server I can see that I am not receiving anything (0 data ) from on prem side but can send to it. But when my on prem side is listening using Iperf I can see that I can send and receive data from azure end.
I tried changing the MTU on both ends lowering it down to 1400 and it didnt seem to fix the issue.
I used Wireshark to investigate the issue further, and I can see lots of re-transmission,duplicate TCP from my Azure end.
I do not know what else I can do, I know that the issue resides on the azure networking side, and im sure its not the Azure server (windows 2019) since I span up another server (2012 R2) on Azure and it ended up having the same behavior.
NOTE: I had to enable SMB1 to join my Azure server to my domain on the on-prem side, however file transfer uses SMB2. I thought there might be a protocol mixup but wireshark shows that file transfer uses SMB2 and SMB2 is enabled on both ends.
Any help would be highly appreciated.