Quantcast
Channel: Azure Networking (DNS, Traffic Manager, VPN, VNET) forum
Viewing all 6513 articles
Browse latest View live

Availability set:Durable VM

June 5, 2013, 5:38 pm
$
0
0

If availability set is selected for Durable VM,

1. Would same set of application (which are installed on current durable VM on top of OS image.) would automatically get installed on upgrade\Fault domain ?

2. If no, how to manage that , what  type of event durable VM  needs to handle?

3. If Data disks are attached to Durable VM , on fault or upgrade , will these disks get automatically attached to the new VM in upgraded\faulted domain ?

4. which events durable VM receive in case of Azure "Host" OS upgrade  ?

Search

ASA 5510 to Azure Site-to-Site VPN - ERROR: Failed to find a matching policy

June 5, 2013, 7:37 pm
$
0
0

I am trying to connect my ASA 5510 to Azure with a site-to-site VPN.  We currently have two sites and two ASA 5510 creating a site-to-site VPN and both ASAs have the latest 9.1 ASA firmware release.  One site is the main site and the other site is a satellite site.  I press the "Connect" button on Azure to connect Azure to our main site, but it errors out.  The ASA logs say (the XXXs are my masked local IP and Azure IP) this:

4|Jun 05 2013|21:16:13|750003|||||Local:XXX.XXX.XXX.XXX:500 Remote:XXX.XXX.XXX.XXX:500 Username:Unknown Negotiation aborted due to ERROR: Failed to find a matching policy
5|Jun 05 2013|21:16:13|750002|||||Local:XXX.XXX.XXX.XXX:500 Remote:XXX.XXX.XXX.XXX:500 Username:Unknown Received a IKE_INIT_SA request

I am using a Dynamic Gateway on Azure.


How to open ports 10000 to 20000 for Linux (Asterisk) Virtual Machine in Azure?

October 5, 2012, 5:34 pm
$
0
0

Hi,

Ports are opened as new Endpoints in the virtual machine. Hence, I was able to open ports like 5060 & 22 which are needed for VoIP. However, I need to open a range of ports from 10,000 to 20,000 which I can't do manually by adding the Endpoint for every port. 

Hence, can you let me know if there is any simple way to add these endpoints through some commands and if so, where should I execute those commands (Windows azure commandlets?)?

End to end connectivity

June 6, 2013, 7:20 am
$
0
0

I can't get end-to-end connectivity between two virtual machines. Network Scenary:

VM 1 -> Azure VM connected to Virtual Network Address Spaces using DHCP (e.g. 10.0.0.0/27)
VM 2 -> Private VM (On_Premise) connected to Local Network (e.g. 192.168.1.0/24)
S2S VPN working!!! between On-Premise LAN and Azure

Objective of pilot: Extend my On-Premise network to Azure Cloud

- Ping (ICMP) test = Not working!!!
- RDP test = Not working!!! 
- Only I can connect to VM using RDP ... public name and not usual port 60101 (e.g.)
- Firewall rules = OK
- Telnet end-to-end = Closed
- VPN S2S Status = OK
- A static route was created (VM2) to reach Azure from LAN

Everything seems to work except the connection between virtual machines
What's missing in my settings?

Access is denied. (Error 0x80070005) For customized troubleshooting information for this connection, click Help.

June 6, 2013, 10:46 am
$
0
0

Using the procedure in Configure a Point-to-Site VPN in the Management Portal to create a point-to-site VPN connection produces  this in the dashboard:

When I attempt to connect I get this:

I also found this in the vpn connection log:

[cmdial32] 12:44:47 21 On-Error Event ErrorCode = -2147024891 ErrorSource = RAS

So, why is the dashboard yellow? Does that mean the configuration is incomplete or faulty? And does this connection error look familiar to anyone?

Point to site connection Error 80070057

June 6, 2013, 10:36 am
$
0
0

I created my virtual network, gateway, and certificates.  I upload my management certificate and created my VPN client.  I successfully installed the VPN client.  When I attempt to connect I get the following error:

"Custom script (to update your routing table) failed (80070057)."

Tried in 3 different computers (2 windows 7 and 1 2008 R2).

I've been looking around and found that the connection is done if I delete the SetRoute part in the .cms file installed by the client (user\AppData\Roaming\Microsoft\Network\Connections\Cm\myConection\myConnection.cms); I then have to set manually all routes and gateways. It works but it's not what I need, because I need the installer.

Any ideas?

port forward to a vm ?

June 6, 2013, 2:17 pm
$
0
0

Can I open ports to a VM in azure? For example can I host an email server in a VM? web server, etc ? How many public IP's will I get on azure? I am new to azure

Anand_N

S2S connected but without connectivity

June 7, 2013, 7:19 am
$
0
0

I can't to connect from my Edge On-Premise Server and My Azure VM.

S2S show me connection status OK between Azure Gateway and my RRAS Windows Server 2012.

Search

VPN completed Phase I but got "All IPSec SA Proposals found unacceptable" on Phase II

June 7, 2013, 4:04 pm
$
0
0

All,

I tried to setup Azure Virtual Network with Cisco ASA 5505 IOS 7.2 (I know Azure requires IOS 8.3 and up but I think it's just the syntax is different) at our main office following exact given template by Azure portal and got the VPN connection phase I completed but error "All IPsec SA Proposals found unacceptable!" on phase II, anyone has overcome this? any settings that I need to change on the Cisco side? I tried to toggle ON and Off between NAT-T and IKE negotiation mode "aggressive group 2" (these parameters weren't specified in Microsoft document) but still got the same error.

Thanks,

Windows 8 Virtual Network connection install

June 10, 2013, 5:23 am
$
0
0

install the client cert, run the installer but no VPN connection available to connect with.  Works fine on vista, win 7.

Anyone else had similar issues or any tips on how to create manually?

Windows Azure for Site Fault Tolerance

June 11, 2013, 10:09 am
$
0
0

I have on premises implementations of Exchage, SQL Server and custom applications. Can I use Azure as  fail over servers for my on premises servers? How? Software licenses for Windows Server, Exchange or SQL are included in Azure?



Non Server Virtual machine on Azure

June 11, 2013, 10:26 am
$
0
0
Hi, I am looking for an option to have few virtual machines outside of our corporate network for some testing purposes. Can I create a Virtual Machine running Non Server (i.e. No Windows Server 2008 image) Windows OS like Windows 7 Pro, Windows 8 Pro etc?

Regards, Adarsha

Sonicwall NSA 3500 not connecting

November 19, 2012, 7:37 am
$
0
0

Greetings,

I have a Sonicwall NSA 3500 firewall and I just cannot get it to connect to the Azure VPN, here are the current settings at both ends:

Azure

Gateway 168.63.X.X

Address 10.4.0.0/16

FrontEnd 10.4.2.0/24

Backend 10.4.3.0/24

AD 10.4.4.0/24

DNS Servers 10.0.X.X

Connectivity connect to local network is ticket, gateway subnet is 10.4.1.0/24

Sonicwall

Policy type is site to site

Auth Mode IKE using preshared key

IPSEC Primary Gateway 168.63.X.X

Preshared key is copied from Azure

Local IKE ID IP Addy 194.217.X.X - my external IP

Peer IKE ID IP Addy 168.63.X.X - Azure gateway IP

Network

Local Network is firewalled subnets

Remote network is the address object I set up for the Azure ip range

Proposals

IKE (Phase1) Exchange Main Mode

DH Group 2

Encryption AES-128

Authentication SHA1

LifeTime (seconds) 28800

IPsec (Phase 2)

Protocol ESP

Encryption ESP

Authentication SHA1

Enabled Perfect Forward Secrecy is selected with DH group 2

Lifetime (seconds) 3600

Advanced

Enable keep alive is ticked, everything else is blank.

Can anyone spot my error, the VPN just will not connect. I get occasional phase 1 connections then they fail and never get a phase 2 connection at all.

Any help you can give is greatly appreciated!!

Danny

Is there a limit to the number of Virtual Networks one can have with a single subscription?

June 11, 2013, 12:54 pm
$
0
0

Looking at my options for hosting training classes in the cloud and this came up.  FYI...they all need to be active at the same time.

Thanks!

Rob

Rob Kuehfus | Infront Consulting Group

Point-to-Site VPN connection stopped working (Error 0x800704d4: The network connection was aborted by the local system.)

June 10, 2013, 5:22 am
$
0
0

We have a Point-to-Site VPN connection between an on-premise server and Azure.

The connection worked for several days, then suddenly stopped working on Saturday 08th June. After that, connections to the Virtual Network have failed with the error:
"The network connection was aborted by the local system.
(Error 0x800704d4) For customized troubleshooting information for this connection, click Help."

- Connections to other Virtual Networks with Point-to-Site VPN work from our network.
- I have tried downloading a new VPN Client installation package from Azure portal, didn't work with that either
- The connection to the problematic Virtual Network also fails with the same error message if the VPN connection is installed on an Azure instance (not one in the problematic Virtual Network), so this doesn't seem to be related to our firewall settings. I tried also with the new VPN Client package, without making other configuration changes. Connecting to another Virtual Network from the instance worked.

We managed to create another Virtual Network, create staging deployment using that network, install new VPN connections on the on-premise servers, and then switch the staging to production. This means that the immediate situation is over.

However, we would like to know what has caused this and how we can avoid this error in the future. The problematic network is still unreachable.


I found the following page with a proposed solution for the error, but I couldn't get it to work:

http://blogs.technet.com/b/rrasblog/archive/2009/08/12/troubleshooting-common-vpn-related-errors.aspx

The same solution was proposed on the Virtual Network forum:
http://social.msdn.microsoft.com/Forums/en-US/wavirtualmachinesvirtualnetwork/thread/38d67091-a789-480d-b065-83c8365d7b80

"Possible Solution: Check your proxy settings inside the Internet explorer. If the settings are correct, please ensure you are able to access other web sites (e.g.www.microsoft.com) using the browser. If that also works through, try accessing the URI which SSTP uses internally i.e.https://vpn_server_name/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/  -  please replace vpn_server_name with actual VPN server name. If you see error “the website cannot be found” inside your browser, that validates the hostname resolution failure. If you know the IP address of VPN server, try connecting with that. Else contact your network administrator (who is responsible for managing the web proxy – most probably your ISP) – giving them the details of the problem (i.e. hostname resolution is failing for that particular hostname)."


I tried the following addresses:
https://<gateway IP address>/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/
Certificate problems (name doesn't match), then empty page (IE10)
Certificate problems (name doesn't match), then "The server requested a login authentication method that is not supported." (Opera 12.15). Probably Opera doesn't support certificate selection for the login.

https://azuregateway-<VPN connection address>-0.cloudapp.net/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/
Empty page (IE10)
Incomplete certificate chain, then "The server requested a login authentication method that is not supported." (Opera 12.15).


So it seems that this isn't a hostname resolution failure either.

Search

Point-to-site VPN connects and then disconnects

May 25, 2013, 1:56 pm
$
0
0

I've successfully connected with the VPN client, and begun an RDP session with one of our servers. Then the connection immediately drops out. The log looked like this:

[cmdial32]21:42:0603Pre-Init EventCallingProcess = C:\Windows\system32\rasautou.exe
[cmdial32]21:42:0904Pre-Connect EventConnectionType = 1
[cmdial32]21:42:0906Pre-Tunnel EventUserName = jc.vpn.AAA Domain =  DUNSetting = AAANetwork Tunnel DeviceName =  TunnelAddress = azuregateway-3d073d3b-c4a2-460f-a91a-ee07f9bff57c-0.cloudapp.net
[cmdial32]21:42:1507Connect Event
[cmdial32]21:42:1908Custom Action DllActionType = Connect Actions Description = to update your routing table ActionPath = C:\Users\James\AppData\Roaming\Microsoft\Network\Connections\Cm\AAANETWORK\CMROUTE.DLL ReturnValue = 0x0
[cmdial32]21:43:1713Disconnect EventCallingProcess = C:\Windows\system32\CMMON32.EXE
[CMMON32]21:43:1726External Disconnect due to Lost Connection
[CMMON32]21:43:1714Reconnect Event

After the initial connection drop, I then persistently get

The network connection was aborted by the local system.
 (Error 0x800704d4) For customized troubleshooting information for this connection, click Help.

With the error log looking like this:

[cmdial32]21:49:3604Pre-Connect EventConnectionType = 1
[cmdial32]21:49:3606Pre-Tunnel EventUserName = jc.vpn.AAA Domain =  DUNSetting = AAANetwork Tunnel DeviceName = WAN Miniport (SSTP) TunnelAddress = azuregateway-3d073d3b-c4a2-460f-a91a-ee07f9bff57c-0.cloudapp.net
[cmdial32]21:49:3621On-Error EventErrorCode = -2147023660 ErrorSource = RAS

I've googled around and seems to be something to do with when "the hostname of the VPN server is not resolved by the forward proxy in-front of the VPN client". Except I have no forward proxy.


Any ideas?

Thanks


Calls to external Web services never complete

June 10, 2013, 3:49 pm
$
0
0

We have a .NET 2.0 process (can be either an ASP.NET Web service, or just a standalone command line) that calls a 3rd party Web service.  We can run this process flawlessly on every machine we can get our hands on locally and in other clouds, however it hangs when run from any VM created in Azure.

All of our VM's in Azure are Windows Server 2008 R2 SP 1.  We've tried it on VM's within our private virtual network, as well as outside of the virtual network.  It works once or twice and then never works again. The 3rd part Web service is accessed via SSL.

It appears that the request is sent to the Web server, and in fact looking at the CPU usage, it appears the process is parsing the response - but it never detects the response is done and thus it just hangs at 0% CPU utilization. Again, it appears with smaller, faster requests it does work.  But most of the time it does not.

Any ideas would be greatly appreciated!

Rob

Revoke Client Point To Site VPN Connection

May 28, 2013, 9:44 am
$
0
0

Hi,

We are currently using the 'point to site' VPN in Azure to connect to our virtual machine and everything is working great.  The question we had was in regards to handling when an employee leaves the company?  We have issued unique certificates to each client and needed to know the best way to revoke a given certificate so the user will no longer be able to connect to the virtual machine. 

I realize that the 'point to site' VPN is still in preview mode and not all features are currently implemented, but I needed to know if this was possible or not.

Thanks!

Point2Site disconnects frequently (on-premise to azure)

June 13, 2013, 4:38 am
$
0
0
Hi,

We are experiencing frequent disconnects of the vpn agent after x minutes, sometimes x hours.

Automatic reconnect doesn't work (or can't work because the certificate has to be selected manually).



We found many threads on the forum where people are complaining about the same issue. For now NO working solution was proposed. We didn't want to start another thread, but now we don't want to wait any longer. 

Some users with the same issue are JamesCrowley, KlausBretten, Ryan Fielding, Juho Nokela, Frederik V, FlorianDemeter,...

We could describe our problem in detail, but the log and the problems are the same like in all other threads by the mentioned users.


Is anyone at Microsoft working on that issue?

Thanks in advance

HEhrmann



PS: Please don't copy a standard answer and mark it as answer like:

"Please check your proxy settings inside the Internet explorer. If the settings are correct, please ensure you are able to access other web sites using the browser. If that also works through, try accessing the URI which SSTP uses internally i.e.https://vpn_server_name/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/ - please replace vpn_server_name with actual VPN server name. If you see error “the website cannot be found” inside your browser, that validates the hostname resolution failure. If you know the IP address of VPN server, try connecting with that. Else contact your network administrator (who is responsible for managing the web proxy – most probably your ISP) – giving them the details of the problem (i.e. hostname resolution is failing for that particular hostname)."


123 Flashchat

June 13, 2013, 8:19 am
$
0
0

Hey Guys i have installed 123FlashChat on a VPS all is going good except when i try to link their official module to the server on my forums its telling me the ports are incorrect even though they are correct.

It is the same with one of my Azure teamspeak servers when i try to pull content through my website.

Any idea's?

Viewing all 6513 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>