Quantcast
Channel: Azure Networking (DNS, Traffic Manager, VPN, VNET) forum
Viewing all 6513 articles
Browse latest View live

Point to Site - Client IP address

May 9, 2014, 2:48 am
$
0
0

If I start the Azure VPN Client component, this client gets an IP address from the Azure network DHCP pool.

The problem is, that this is not the same address, once the client is closed - immediately after disconnect/connect cycle the IP address is increased to the next free.

Mainly this is an issue, because the VPN client is running on a DNS server for another host in the same Azure network. And flipping IP addresses are tedious, once you have to work with hosts file to ensure some name resolution.

(Using Site to Site directly is not possible due to corporate limitations.)

Thanks for any useful hints.

Best greetings from Germany
Olaf


Search

Connect from Azure VM to corporate network using VPN

October 14, 2013, 4:52 am
$
0
0

Hi,

I would like to connect from an Azure Virtual Machine to the corporate network using a client to site VPN connection.

Just like I would connect to the corporate network from my laptop using a client to site PPTP VPN connection.

I would like to avoid the Windows Azure Virtual Network site to site connection and I don't think the point to site connection is what I am looking for.

Any ideas on how to handle this?

Best Regards, Simon de Kraa.

VM in virtual network loosing connectivity

May 9, 2014, 11:58 pm
$
0
0

I have a setup where I have a virtual machine and a cloud service all using the same virtual network.

Initially I have no problems connecting between the different machines however after a time (I am not sure of the exact period) the VM seems to be unable to connect back to the cloud service machine (or any other new vm's I add to the virtual network). 

I have installed wireshark on the vm and the and cloud service instance and I can see the traffic going out of the virtual machine, reaching the vm, leaving the vm but never getting back to the virtual machine.

I have deleted and recreated the VM and this has happened both times I tired. 

It feels like an azure environment problem. 

I would appreciate any help.

How do you remove a VM from a subnet?

July 19, 2012, 9:48 pm
$
0
0

i set up two subnets in my virtual network. when i created a vm i added it to subnet1. i see that from the "configure" tab for the vm, it shows a "virtual network" section that has the available subnets in the virtual network, with checkboxes next to them. i was able to check the unselected subnet (subnet2) and save the configuration, but there was no way to remove the vm from subnet1. i was hoping to be able to move vms from one subnet to another, but these subnets are like a roach motels. vms can go into a subnet, but they can't get out.

DNS resolution time-out in Azure VM

September 25, 2012, 7:02 am
$
0
0 
Hi,
we have a VM using virtual private network
We notice very long response time when resolving external DNS names from the VM.

Here is an example:
C:\Users\Administrator>nslookup www.google.comDNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  168.63.129.16DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Name:    www.google.com
Addresses:  2a00:1450:400c:c05::69
          173.194.66.99
          173.194.66.105
          173.194.66.106
          173.194.66.103
          173.194.66.104
          173.194.66.147


Here is the output of ipconfig /all on the VM:
C:\Users\Administrator>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : AZEUCKP02
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Peer-Peer
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : b1758a2a2c3b4de28dd0f5184d634414.azeuckp1
.626128157.europewest.internal.cloudapp.net

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . : b1758a2a2c3b4de28dd0f5184d634414.azeuckp1
.626128157.europewest.internal.cloudapp.net
   Description . . . . . . . . . . . : Microsoft Virtual Machine Bus Network Ada
pter #2
   Physical Address. . . . . . . . . : 00-15-5D-49-28-87
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a816:521f:2e0:6ef9%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, September 22, 2012 3:04:39 AM
   Lease Expires . . . . . . . . . . : Friday, November 01, 2148 6:27:17 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 168.63.129.16
   DHCPv6 IAID . . . . . . . . . . . : 268440925
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-E3-78-AE-00-15-5D-49-28-87

   DNS Servers . . . . . . . . . . . : 168.63.129.16
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.b1758a2a2c3b4de28dd0f5184d634414.azeuckp1.626128157.europe
west.internal.cloudapp.net:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : b1758a2a2c3b4de28dd0f5184d634414.azeuckp1
.626128157.europewest.internal.cloudapp.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes


The performance of our application is poor because of that. By skipping DNS resolution (hard code IPs within hosts file), the performance issue is solved.

Can you help us?

thanks.

Openswan inside Azure - don't want to use semi product VPN gateway

May 12, 2014, 5:18 pm
$
0
0

Hi,

Since Azure has limitation of only 1VPN gateway i created Centos VM inside it and i sucessfully established VPN with Cisco 1800 router. Now i can ping both sides of the tunnel but traffic is not going trough when i want to ping something from Azure LAN to other side of VPN. I don't have any iptables rules and ipfowarding is enabled. Port 4500 and 500 are forwarded to the Centos VM.

This is my conf:

version 2.0     # conforms to second version of ipsec.conf specification

# basic configuration

config setup

        # Debug-logging controls:  "none" for (almost) none, "all" for lots.

        # klipsdebug=none

        # plutodebug="control parsing"

        # For Red Hat Enterprise Linux and Fedora, leave protostack=netkey

        protostack=netkey

        nat_traversal=yes

        virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12

        oe=off

        # Enable this if you see "failed to find any available worker"

        # nhelpers=0

#You may put your configuration (.conf) file in the "/etc/ipsec.d/" and uncomment this.

#include /etc/ipsec.d/*.conf

conn test

        auto=start

        type=tunnel

        authby=secret

        keyexchange=ike

        ike=3des-sha1;modp1024

        ikelifetime=8h

        esp=3des-sha1;modp1024

        keylife=1h

        pfs=no

        ###our gateway

        left=172.17.1.19

        leftnexthop=%defaultroute

        leftid=1.1.1.1

        leftsubnet=172.17.1.0/25

        ###remote peer

        right=2.2.2.2

        rightsubnet=192.168.38.0/24

I can ping Centos LAN interface from other subnet so looks like tunnel is only working one way. I added the route to several machines to use Centos VM to reach my remote geteway but looks like packets are not going trough. I don't see any traffic even reaching LAN interface of Centos Vm when i try to ping remote subnet. It looks to me that Azure is doing source/destination checking (blocking).

Can anyone confirm this?

Thanks!

Importing XML Config for VNet to VNet Connectivity

May 13, 2014, 1:23 pm
$
0
0
Microsoft has just released VNET to VNET Connectivity but I am running into an issue with an existing Subscription and VNETs. 

I already have create two Virtual Networks under the same subscription,  let's just call them VNET1(US) and VNET2(EU).  Then I created an XML file that I could import two new, but different, Virtual Networks (NewVNET1(US) and NewVNET2(EU)).  So inside my subscription there would be 4 total Virtual Networks.  

The problem when trying to import this new XML config is that it is asking me to Delete the existing VNETs in which I already have Servers and Services located.  I would prefer to migrate these a little more gracfully rather than breaking the existing VNETs all at once and having to rebuild everything under the new ones in one fell swoop.

Is that any way to create new Virtual Networks via an XML file without having to obliterate my existing configuration?



Problem creating an Internal Load Balancer (ILB)

May 14, 2014, 8:12 am
$
0
0

As per Scott Guthrie's blog post here, I understand Internal Load Balancing (ILB) is now available in preview form.

Unfortunately, despite following the instructions here, I've not been able to create a new load balanced cloud service.

I noted that in the blog post it says, "ILB is available only with new deployments and new virtual networks", so before starting I deleted everything from an existing Azure subscription and recreated from scratch a site-to-site VPN and a cloud service (which included two VMs). When I now try to create an internal load balancer I get the following error:

Add-AzureInternalLoadBalancer : BadRequest: Internal Load Balancer usage not allowed for this deployment.

Has anyone else had a chance to experiment with this new functionality yet? If so, have you seen a similar issue? Do I need an entirely new subscription? (i.e. by 'new deployment' does the note in the blog mean a new subscription?)

Search

Reserved IPs for Cloud Services

May 14, 2014, 10:14 am
$
0
0

Hi All,

Just updated to V2.3 Azure SDK and all going well.  I have configured the Reserved IP in the Configuration file but when updating my deployment in Azure, I get the error message of 'The deployment cannot use the ReservedIP XYZ that belongs to a region.  (XYZ being the name of the reservation).  My deployment is in North Europe and I created the IP in North Europe also.  The storage account happens to be in West Europe which appears to be the issue?  When I move everything to West Europe it works fine.

I have tried creating it in West Europe with an IP in West Europe which returned a sensible and expected error of 'The location constraint europenorth specified for this hosted service is invalid. The hosted service must reside in the same location as the reserved ip europewest'.  I then tried using europenorth instead of Europe North but nothing seemed to work.

Is it correct that everything has to be in the same datacentre including storage and if so, could the error message be updated to assist others.

Steve.

VNET-VNET Connecttivity - how to Setup

May 14, 2014, 11:49 am
$
0
0

This was announced in Scott's Blog a few days back here

Any details on how to this up? Also can we share Domain Controllers between the VNets?

Network: Multiple Site-to-Site in Azure

May 14, 2014, 2:40 pm
$
0
0

This week the new multiple site to site is announced as now general availability

how can I implement this?

rs

VNET to VNET communications

June 28, 2012, 7:31 am
$
0
0

Hello,

We have a case where we would like to connect two separate corp networks to Azure (Brazil and Netehrlands). We understood that we can have max. one S2S VPN per VNET. So we obviously need two VNET to connect the two corp. sites. However, is there a possibility to connect the two VNET's in Windows Azure, so the VM's (Domain Controllers) can replicatie?

Thanks!

Martin Vliem

Point to site vpn error. "Error 853: The remote access connection completed, but authentication failed because the certificate that authenticates the client to the server is not valid

May 14, 2014, 10:43 pm
$
0
0

Followed this article http://msdn.microsoft.com/library/azure/dn133792.aspx  to configure point to site vpn.

Created certificates as mentioned in the above article, when I tried to connect vpn it asks for client cert and once I select the cert then it throw this error.

The remote access connection completed, but authentication failed because the certificate that authenticates the client to the server is not valid. Ensure that the certificate used for authentication is valid.
 (Error 853) For customized troubleshooting information for this connection, click Help.

I tried deleting and uploading root cert again, but not working.

Thanks.

Azure SMTP endpoints is not working.

May 15, 2014, 12:14 am
$
0
0

FTP, HTTP, Remote Desktop endpoints are running fine.

SMTP (ports 25) endpoints is not working.

telnet IP 25 or telnet name.cloudapp.net 25 on server are running fine.

telnet IP 25 or telnet name.cloudapp.net 25 are not working!


How to have Multiple Infrastructures in Windows Azure platform

May 15, 2014, 6:13 am
$
0
0
I would like to know, How to have Multiple Infrastructures in Windows Azure under one subscription?
Search

Network traffic from local network to Azure Virtual Network

May 15, 2014, 9:02 am
$
0
0

Hi,

_____________________________________________________

I have multiple local (on-premise) networks:   

    <AddressPrefix>10.0.0.0/9</AddressPrefix>
      <AddressPrefix>156.30.0.0/16</AddressPrefix>
      <AddressPrefix>172.16.0.0/12</AddressPrefix>
      <AddressPrefix>10.128.0.0/11</AddressPrefix>
      <AddressPrefix>10.160.0.0/12</AddressPrefix>
      <AddressPrefix>10.176.0.0/14</AddressPrefix>
      <AddressPrefix>10.180.0.0/16</AddressPrefix>

_____________________________________________________

My Azure Virtual network address space and subnets are below:

<AddressSpace>
          <AddressPrefix>10.181.0.0/16</AddressPrefix>
        </AddressSpace>
        <Subnets>
          <Subnet name="Subnet-1">
            <AddressPrefix>10.181.0.0/18</AddressPrefix>
          </Subnet>
          <Subnet name="Subnet-2">
            <AddressPrefix>10.181.64.0/18</AddressPrefix>
          </Subnet>
          <Subnet name="GatewaySubnet">
            <AddressPrefix>10.181.128.0/29</AddressPrefix>
          </Subnet>
        </Subnets>

_______________________________________________________

-    I have created a VM (VM1; 10.181.0.4) in Azure and have been able to join it to local AD domain.

-    I can RDP from local resources to Azure VM (VM1)

-    From VM1 I can ping DCs/servers on local network.

-    However from local DCs/Servers I cannot ping VM1 (10.181.0.4)

-    From local server I can ping address 10.181.0.0; Not sure what's this address though.

Can someone please assist? What's missing or configured incorrectly?

Thanks.

Kamran

ILB

May 15, 2014, 9:14 am
$
0
0

When will ILB become Generally Available? 

When I try to create an Internal Load Balancer I receive Internal Load Balancer usage not allowed for this deployment.

VPN Client install fails. Cannot capture the error!

May 15, 2014, 7:18 pm
$
0
0

This posting is just informational. I have already solved the problem...

I had followed all steps for installing a VPN client for point-to-site connection. But, as described in few other cases in this forum, my install was failing with a command Window flashing quickly and having no way of detecting the error.

As it turned out, I had created bunch of client certificates on the same machine which I exported and installed on my other client PCs. But I forgot to remove the extra certs from MY cert store. So that was causing the problem. I deleted all extra certs/keys from my cert store, except one cert for this PC which was signed with my self-signed root. I retried the install and it all started working!!

Riaz

rdns

May 16, 2014, 1:20 am
$
0
0

How can I setup rDNS for my VM?

mailcheck.cloudapp.net

No network access to Microsoft.com?

May 16, 2014, 5:58 am
$
0
0
I have 3 VM's running on a virtual network all running windows server 2k12.  One VM is a domain controller, and the other two are dev servers that are joined to the domain.  I can access almost any websites, but cannot sign into my live account nor can I access any downloads from Microsoft and visual studio cannot load updates, it says download.microsoft.com is unreachable.  Another quirk is my virtual IP addresses are apparently showing me in Brazil, which may also be a part of the problem, but I'm not sure....  I've stopped and restarted the machines many times with no effect and the dns forwarding address on my domain controller is set to the dhcp server from azure.  Just trying to get pointed in the right direction to troubleshoot.
Viewing all 6513 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>