Hello!,
I am trying to simulate Hyper-v network concept in azure and want to get this right.
In hyper-v I have created 2 virtual networks, configured RRAS to route between 2 virtual internal networks
Internal Network ( 192.168.1.x ) <---> RRAS ( with 2 adapters ) <----> Internal Network ( 172.16.x.x )
But the above cannot be performed in Azure as the VM accepts only single Subnet - how to achieve routing between 2 virtual networks in azure
On virtual machines that exist on a certain virtual network, I am unable to connect to any websites on the internet (microsoft.com, google.com, any other sites by hostnameor IP address) but I can still RDP to them through their input endpoints. I have verified that DNS is configured correctly, as the hostnames are resolved correctly. Whenever I try to make an outbound connection to the internet, the connection times out.
My virtual network is configured with a site-to-site VPN, and I am able to successfully reach the machines on the other end of the gateway.
Support Case MS Azure
Case:
User s are disconnected from RDS. The session is disconnected, and reconnected. This happens ca. 15 times during a workday. (per user)
Case details:
Last year we started to use VM’s at the MS Azure environment. We created a W2008r2 domain controller, and 2 Terminal servers (W2012). This worked properly. We only experienced disconnections when a session was minimalized. But then we created a new environment because we had a new azure subscription. Since then we are suffering from disconnected sessions.
We tried to tweak our environment, by optimizing the keep-alive settings and the tcp-ip settings. This improved slightly the experience, but the problem remains. Further research came up with a number of errors in the event viewer.
This is the main error:
Log Name: Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational Source: Microsoft-Windows-TerminalServices-RemoteConnectionManager Date: 22-01-2013 16:28:11 Event ID: 1152 Task Category: None Level: Error Keywords: User: SYSTEM Computer: TS01.companycloud.local Description: Failed to create KVP sessions string. Error Code 0x8007007A Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-TerminalServices-RemoteConnectionManager" Guid="{C76BAA63-AE81-421C-B425-340B4B24157F}" /> <EventID>1152</EventID> <Version>0</Version> <Level>2</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x1000000000000000</Keywords><TimeCreated SystemTime="2013-01-22T15:28:11.970697100Z" /> <EventRecordID>55796</EventRecordID> <Correlation /> <Execution ProcessID="1004" ThreadID="1008" /> <Channel>Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational</Channel><Computer>TS01.companycloud.local</Computer> <Security UserID="S-1-5-18" /> </System> <UserData> <EventXML xmlns="Event_NS"> <Param1>2147942522</Param1> </EventXML> </UserData></Event>
Then we see a user disconnected, en then we see in the event viewer that the session has been rebuild. The user experience a ‘freeze’, black screen and then the message that the session is disconnected. The session automatically reconnect and the user can work further from the point where the session has been frozen.
After more research, we found more errors, and we pointed to a Hyper-V problem. Foregoing error is a error that reports a problem between the Hyper-V host and the guest.
We also created a Windows 2008 server in the same network. And the problems are appear also. The main error on the W2008 server is:
Log Name: System
Source: TermDD
Date: 24-01-2013 08:38:19
Event ID: 50
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: COMPANY-TS03.companycloud.local
Description:
The RDP protocol component X.224 detected an error in the protocol stream and has disconnected the client.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="TermDD" />
<EventID Qualifiers="49162">50</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-01-24T08:38:19.410777900Z" />
<EventRecordID>6049</EventRecordID>
<Channel>System</Channel>
<Computer>COMPANY-TS03.companycloud.local</Computer>
<Security />
</System>
<EventData>
<Data>\Device\Termdd</Data>
<Data>X.224</Data>
<Binary>00050800020030000000000032000AC00000000032000AC0000000000000000000000000000000002200000000000000</Binary>
</EventData>
</Event>
Together with a partner of us, we tried to find the cause of this errors. We created on another Azure subscription a similar environment. The fact is that the problems not exist on the other environment. We also concluded, that when we stay within the Virtual Network of Azure, the connection remains!
Our conclusion is that our problems can be ascribed to a defect in the Windows Azure Virtual Network, or in the Hyper-V solution from Windows Azure. We think that, when we rebuild our complete environment ( approximately 4 days of work) and create a new network (or even a new subscription) the problem is solved.
An resume of our environment:
Hello,
I have configured point-to-site vpn according to this tutorial http://blogs.technet.com/b/cbernier/archive/2013/08/21/windows-azure-how-to-point-to-site-vpn-walk-through.aspx
When I try to connect from a client i get the following error:
The specified server cannot perform the requested operation.
(Error 0x8007003a).
Log file shows following:
[cmdial32]10:51:3703Pre-Init EventCallingProcess = C:\Windows\Explorer.EXE
[cmdial32]10:51:4104Pre-Connect EventConnectionType = 1
[cmdial32]10:51:4106Pre-Tunnel EventUserName =[xxxx] Domain = DUNSetting = [xxxx] Tunnel DeviceName = TunnelAddress =[xxxx].cloudapp.net
[cmdial32]10:52:2121On-Error EventErrorCode = -2147024838 ErrorSource = RAS
Here is the part of the log that can also be useful
Operating System : Windows NT 6.1 Service Pack 1Can you provide any insight regarding this error?
Thanks,
Nenad Rakic
Hello,
I've changed the IP address of the one DNS server of a test Azure virtual network from 10.0.04 to 10.0.0.5, but every time that virtual machines boot, they receive the old DNS server address (10.0.0.4). Deleting and creating the DNS server record again in the Virtual Networks interface has made no difference.
Has anyone seen this issue before?
Good day,
I need some assistance. I am trying to have my Azure Virtual Network connect to my on-premise network using a site-to-site VPN.
Since I don't have a static WAN IP address at my on-premise network, I am using a DynDNS service.
In Azure, it seems that we can only point the "VPN Remote Gateway" to an IP Address, and not to a DNS domain name (example : Network123.dyndns.org).
It surprises me because a lot of VPN devices/firewalls offer this feature.
Is there an alternative to this? Thanks! :)
Hi
We currently have a production sharepoint environment in Azure.
The company has now decided it wants a test environment so it can test changes and patches before they go live as they have had some bad experiences by not doing this.
I have seen that there have been issues adding new environments, some resulting in the gateway being deleted and recreated once the new network(s) has been added to get them to work.
Are these old posts or has the problem now been fixed ?
What is the best practise here ?
Thanks
Nigel
Nigel Price NJPEnterprises
I have successfully set up a single point to site Root with 20 client certificates. Once I tested this and verified that it worked on several clients I then created 12 different Root certificates each with 10 to 20 client certificates (these are used for sub-contracting companies each with different contact terms that will need access terminated or extended I planned on doing this thru revoking the associated Root Certificated assigned to each sub-contracting company).
I have no issue creating the Root or Client certificates and each of the Root certificates are all uploaded into the Azure network certificate area. The Client PDK installs with the assigned password successfully. The VPN client also installs successfully ( the only difference is the VPN client now has a long string of numbers and letters and not the network name like the fist install).
I can launch the VPN client, hit connect it list the certificates I have installed and when I click connect I get this error:
The remote access connection completed, but authentication failed because the certificate that authenticates the client to the server is not valid. Ensure that the certificate used for authentication is valid.I have recreated a new Root cert and Client Cert same Error.
I have removed all client certs from my computer installed the new client same error.
I have removed all client certs from my computer and installed the single first one again same error.
I have uninstalled the VPN client and tried each on with the same results.
I have asked other users that were successful with the first single Root cert test to do the same things I have done on my computer and same results.
I removed all client certs, VPN client, installed the single client cert with the single VPN client and it connects.
I have read over and over that Azure Point to Site support up to 20 root certificates.
What am I missing. Any help would be great!
Thanks
Steve
For some reason, I'm unable to create a new virtual network in Azure.
I have two subscriptions: one is a free trial, which has since expired, and an MSDN subscription through my employer.
When trying to create a new virtual network, my MSDN subscription does not appear in the dropdown list of available subscriptions. I can create VM's with no problems whatsoever.
What's going on here?!?!
Any help would be appreciated...
A. M. Robinson
Hi,
My customer using following VPN router in On-prem. We could not able to connect Azure VPN, this router model not listed as tested equipment for Azure. Is there anyone who has use this router for Azure VPN?
"Cisco 2811 Series router IOS version: 12.4.24.T2 Advanced IP Services"
Initially this this router was configured for AES 256 bit encryption, we have change it to AES 128 bit encryption but no success.
Appreciate if someone able help us to solve the issue.
-Malinda
Mali
I cannot figure out how to get a VM onto my virtual network. I have successfully created a virtual network and connected it to my on-premise network via VPN. Now I can't get a VM deployed on the network. All of the examples I have read through show an option to select the network. I have tried every angle I can find. I never get an option to connect the VM to the network. It's always a stand-alone with a public IP address. You would think I could simply take any VM that I have provisioned and goto settings and set the network, very similar to Hyper-V.
Please let me know what I am doing wrong. I just don't think I should pay for support for something that should be obvious and simple. But everything I have done takes several hours of searching through forums to figure out.
Lee
I have been trying for three days now to join an Azure SQL Server VM to my Azure network/domain and have had zero luck.
I've followed all the steps required to create the network, domain controller, etc. Whenever trying to join it to the domain, I get the following error:
Note: This information is intended for a network administrator. If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt.
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "OLSONPOC.com":
The error was: "This operation returned because the timeout period expired."
(error code 0x000005B4 ERROR_TIMEOUT)
The query was for the SRV record for _ldap._tcp.dc._msdcs.OLSONPOC.com
The DNS servers used by this computer for name resolution are not responding. This computer is configured to use DNS servers with the following IP addresses:
10.0.0.4
Verify that this computer is connected to the network, that these are the correct DNS server IP addresses, and that at least one of the DNS servers is running.
The domain name I'm providing is spelled correctly, the DNS server is up and running. As you can see from the screen shot, the Active Directory server is on a domain, but for some reason can't add a SQL Server VM to the same domain.
I have no problem pinging the DC at 10.0.0.4
Not sure what the scoop is here...this is about the fifth time I've tried putting together an Azure SharePoint environment and each time get s past one sticking point, get stuck on another...
Getting a little frustrating. Any help would be appreciated
A. M. Robinson
From what I can tell, there is no way to know if any of the VMs configured as part of a Load-Balanced Set has been taken out of rotation based on bad configuration such as incorrect probe configuration. I see a PS script to set the Azure Load Balancer Endpoint - Set-AzureLoadBalancedEndpoint.
But there is no way from what I can tell via PS or in the Portal to notify or alert me when a VM is no longer part of the LB Set due to some issue. I can use the PS CmdLet Get-AzureEndpoint to list the configured endpoints for the VM, including if it's part of a LB Set. But I can't see that it tells me that it's not receiving requests.
Is there a way via PS or in the Portal to notify or alert me when a VM is no longer part of the LB Set due to some issue. If not, is there any thought in terms of the roadmap to making this feature available via a PS Script, the Azure Portal, or via SCOM?
Hi,
We are setting up RDS 2012 standard deployment on Azure where high availability is mandated.
We are currently stuck with setting up of RDS gateway farm. Microsoft recommends NLB or any other load balancer for gateway farm and research suggest Kemp LVM.
But we do not want Kemp or any other software load balancer to be single point of failure.
Please suggest if we can make Kemp load balancer highly available or are there any other options to make sure the availability of gateway server is not compromised.
Thanks.
Please see my question on ServerFault:
Hi,
A while ago i configured a Virtual Network, with a VPN gateway to connect to our vm's in Azure. Everything went well and worked as expected. Now we are moving to a different ISP for our Internet line, so our public IP address changes.
Were can I change the IP address of the "VPN device IP address". The IP address you enter when you create the Virtual Network...
Thanks,
Sven.
Good day
I need help for configure a Rv042 Linksys router (No cisco)
thanks