hi
i had a project where i have to set connexion between instance VM ubuntu and the router in my workspace ,the router had a local adresse 10.x.x.x and the VM had 55.X.X.X
so please any help to establish a session between the two ?
thanks in advance .
Team,
How do we configure multiple cname for a single server on azure.
Team,
Is there any API like AWS provides to spawn a VM ? Basically i need to spawn a azure VM via Ansible from my local machine.
Hi All
Given that we are totally failing to create FrontEnd endpoints using the API/Nugets (https://github.com/Azure/azure-sdk-for-net/issues/7050) and have a critical need to programmatically add a Front-end hostname to an existing backend/ruleset, including a custom HTTPS certificate from keyvault, we are now trying to do this using powershell.
In general we have got this working now, adding the endpoint to the configuration and adding it to the ruleset. The problem is that it is not adding the SSL certificate.
Without the full trimming the relevant part of the command script I'm using is
$TargetCertificate = Get-AzKeyVaultCertificate -VaultName $VaultName -Name $CertificateName $NewEndpoint = New-AzFrontDoorFrontendEndpointObject -Name $NewName -HostName $NewHostName -SessionAffinityEnabledState Enabled ` -WebApplicationFirewallPolicyLink $StandardWebApplicationFirewallPolicyLink -CertificateSource "AzureKeyVault" ` -ProtocolType "ServerNameIndication" -Vault $TargetCertificate.VaultName -SecretName $TargetCertificate.Name -SecretVersion $TargetCertificate.Version
Everything else is created successfully, just the SSL isn't added. I've already validated the permissions etc, and the settings are matched by another endpoint that was created successfully on the same front door through the portal.
If someone could point out what silly mistake I've made it would be very much appreciated.
Thanks in advance.
Mark
Hello,
Im looking for a Virtual Proxy Solution. Azure has any?
We need to filter access and cache mode
Help!
Thanks in advance
Regards
We are trying to adopt the Azure Event Grid on our platform, but we need to ensure we can keep all the communication in our private address space. Is it possible to provision Event Grid on private network? If not, is there a way to have the Event Grid endpoint call a webhook that's available only on our VPN without writing an Azure functions that does the routing?
Hi All, I am new in Azure platform. We have 2 issues between on premises & Azure platform. Please guide me on those issues-
Issue#01: As a beginner, we have seen some videos / KB to create site to site VPN create.Now we have successfully created S2S with on premises network device. We can ping on premises VM IP from Azure vm. But we are unable to ping Azure VM IP from on premises VM. In NSG, we allowed all port for any any connections in inbound outbound setting. We have also checked that no blocking in on premises network device.
Issue#02:For DC-DR Active Directory testing, we have an on premises Active Directory (DC site). We have created a VM in Azure and add the server to our test domain. After that we have promoted the Azure VM as a domain controller (DR site). The problem is from the on premises AD we are unable to resolve DR Active Directory DNS server IP. Also we are facing replication issues. When object is created in DR AD ( Azure VM ) then objects are not showing on premises AD. but when we create object in on premises AD, objects are showing in DR AD ( Azure VM). We have allowed all port in NSG but no luck.
I hope experts will guide me to solve those issues.
I have written a script for retrieving rules of all nsgs and for few of the rules I get the output for sourceaddressprefix as {} while I have ip/ips placed in azure portal,which are actually working.
Hello,
I need some advice for Azure internal load balancing
It seems that when only using a Private IP Address you are not provided with a DNS record for the Azure Load Balancer.
Has anyone come across a way to assign a DNS Record to the private IP address. (I know you can give it a public IP and DNS name but this is for internal traffic only)
Things being considered:
Azure Private DNS Zone
Azure DNS Zone
Any ideas would be great
The document https://docs.microsoft.com/en-us/azure/frontdoor/front-door-faq doesn't indicate "where" I go to achieve this.
I'm not using a VNET.
I'm assuming "backend" = "app service"
I don't see anywhere where the steps in the above document can be performed.
Hello,
<style type="text/css">p.p1 {margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Helvetica Neue'} p.p2 {margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px 'Helvetica Neue'; min-height: 14.0px} </style>I have installed Grafana on my AWS account and Azure account. In AWS grafana running on 443 port but it failed start on azure on port 443. I have used self signed ssl certificate.
I verified that both configuration file are same except the IP address and DNS name. Both cloud I am using public DNS (provided by cloud operator) name to configure the Grafana.
What difference I found that, in AWS the public DNS is resolving to public IP address on internet but resolving to private IP inside the instance. But in azure it is resolving only to public IP (from internet and the machine itself) address and grafana failed to listen in 443 port.
Can anybody know how to resolve it? In AWS am using default VPC.
Error:
logger=server reason="listen tcp xx.xx.xx.xx:443: bind: cannot assign requested addressWhen I use azure virtual machine private ip for Grafana it will start on the port 443 but when I access from outside grafana not loading, is it something related IP forwarding.
Regards
It seems the firewall is blocking access to the website hosted on that IP address since locally on my virtual machine I can browse that IP address just fine.
Both Network adapters and configured for the same security group so I am at a loss why this does not want to work.
I updated the DNS on go daddy just like I did for the site on the working IP address.
Any ideas ?
How many concurrent connections can a single Bastion host handle?
Scenario: I have configured a Bastion (subnet and all) and am connection to a VM using the Bastion, how many of my colleagues can also use the Bastion service at the same time to connect to different servers in the same VNET?
Hi,
We create connections between two virtual network gateway and while creating connection, we need to select
Shared Key (PSK).
I would like to know, should I use the same Shared Key (PSK) value in both connection?
Regards
InTechSys
InTechSys
I'm trying to get real client IP addresses from the X-Forwarded-For, X-Real-IP, or equivalent header.
Doing this securely requires configuring the CDN to authenticate to the backend, eg. client certificates like Cloudflare, or configuring the backend to trust those headers only when sent from a known IP range.
I'm attempting to do the second, but this requires a source of trusted IP ranges.
For Cloudflare, it's https://www.cloudflare.com/ips/
For Cloudfront, it's https://ip-ranges.amazonaws.com/ip-ranges.json
For AzureEdge, the nearest I can find is https://docs.microsoft.com/en-us/rest/api/cdn/edgenodes/edgenodes_list - but this is authenticated (which is annoying, but workable), and as I understand it, gives only the currently-active addresses for the account, which change frequently. Depending on the frequency, this would require significant work to use.
https://www.microsoft.com/en-us/download/details.aspx?id=41653 has also been suggested repeatedly. This would be even more infuriating to use, as it is:
- Not scriptable, so must be updated manually
- Includes "compute" ranges, implying that anyone who rents an azure VPS will be included
Is there a plaintext or json list of all trusted IP ranges I can use for this? If not, is there another method of authentication available?
Hi,
I believe Point to Site VPN connection is divided in two parts; creating virtual network gateway and creating root certificate.
I completed till virtual network gateway.
For the next part i.e. creating root certificate, I have gone through steps explained on some website.
e.g. https://www.assistanz.com/steps-to-create-point-to-site-vpn-using-azure-portal/
I installed Windows SDK successfully.
For creating Root Certificate, I found
To create, open the command prompt and navigate to C:\Program Files (x86)\Windows Kits\10\bin\10.0.16299.0\x86.
Type the below command to set the path value for windows SDK kit.
SET PATH=%PATH%;C:\Program Files (x86)\Windows Kits\10\bin\10.0.16299.0\x86;
But in case of my Windows 10, I see path as
Please let me know, what I need to do next?
Regards
InTechSys
InTechSys