Hello,
when i change the computer name of a client, i get this error:
A certificate could not be found that can be used with this Extensible Authentication Protocol. (Error 798) For customised troubleshooting information for this connection
How can I make this machine reconnect to the VPN?
Thanks,
Stefan
I was given the task of getting an instance of our software working on Azure. I was handed two virtual machines: one for IIS, one for SQL server. So far, so good. I was able to get those components working. Then I needed to connect to SQL Server from the IIS box. However, in the management console, there were no virtual networks set up. Although, both machines are connected on "Network 3". So, I followed the help on setting up Virtual Networking, but the help says that I need to have set up virtual networking BEFORE I deploy the virtual machines.
So, what am I supposed to do? How can I tell if the machines are already on the same network? How can I redeploy the machines so that they are on the same virtual network?
We have ADFS 3.0 setup on several VMs in Azure with a Site-to-Site VPN between them and the local Network.
All works fine until the VPN goes down and although external users can access the ADFS logon screen (via the ADFS Proxy in Azure) they are unable to authenticate, even though there are two Domain Controllers in Azure.
We can't understand why the DC's in Azure won't authenticate the users while the VPN is down?
As soon as the VPN comes back up again it all starts working.
We've checked that the Azure VMs are using the correct DNS settings i.e. they are looking at the local DC rather than on-premise and that seems ok
Anyone else had similar problems?
Cheers for now
Russell
Hi,
Is it possible to either: Establish two IPSec tunnels to one Azure Virtual Network? or, assign two virtual networks to a VM?
I basically have an Azure VM which needs an IPSec tunnel to two different locations. Each remote location has a unique local subnet (one is 192.168.1.0/24 and the second is 172.16.0.4/24). I've created a second virtual network in Azure, and added a gateway, but i see no option to add this to the existing VM (in addition to the one it already has).
What are my options?
Hi
I created a previous post on this but can no longer update it
We are experiencing around 25-35% packet loss over our VPN to Azure. The strange thing is the packet loss goes in chunks, so we could have 50 successful packets and then drop the next 20.
During the packet loss the VPN remains up. We suspected it may be down to the SA lifetime expiring however I have checked and this is not the case
Our firewall is a Juniper SRX650 with JUNOS 11.6.6 installed. I have used the VPN script from the Azure site which was for 11.4R4
Has anyone else experienced connectivity problems to Azure over a JUNOS firewall? I have created the VPN multiple times, both policy and route based and get the same issue each time
Cheers
James
I am looking for advice / help is determining how to fix my VPN connection between our on premise SRX100H and Azure. I can establish a vpn, but it does not appear to be consistently allowing all traffic. i.e. sometime RDP sessions through VPN time out or error and other times, RDP is established without issue.
I have looked at both the Script provided on my vnet portal and the Juniper SRX templates provided onhttps://msdn.microsoft.com/en-us/library/azure/dn133794.aspx
But I don't see what I am doing wrong.
Can someone who has a working Juniper SRX to AZURE vpn setup give me any clues as to what could be causing the inconsistent traffic across the VPN?
Fred Zilz
Hi,
We're using the Traffic Manager CTP on our current project and have a couple of issues. Not sure how to raise these formally (if we even can?) so thought I'd raise them here for now!
The first and main issue is to do with the Monitoring Endpoint configuration. We only expose our public service endpoints over SSL on port 443, however this is causing issues with the monitoring capabilities in Traffic Manager. I've configured the the protocol (HTTPS) and port (443) and relative path, and I can browse to this path fine, however Traffic Manager always reports the service as 'Offline'. It works fine with services exposed over HTTP.
One thought on a cause may be that the call is failing due to an invalid SSL certificate? Our services have SSL certs for their relevant external domain, however when accessed at myservice.cloudapp.net the SSL cert is obviously invalid.
So - is this a known issue? Is so, does anyone know if a fix is planned? And are there any work-arounds (other than exposing the services to port 80 just to get the monitoring to work!)?
The second point is a minor one to do with terminology, if you have a policy with a single hosted service, and that service shows as 'Offline', the policy status only shows as 'Degraded', however perhaps that should also show 'Offline' if all services are in that state?
Thanks in advance for any feedback!
Ben
We implemented our MS SQL Database to leverage the native Azure Virtual Machine feature and access the MS SQL Database from the Azure-hosted website via a private static IP address (not DNS) of the Azure VM. We configured this static IP address setting in Azure VNet, a feature that Microsoft has indicated is pending GA.
However, in two subsequent issues in the Azure hosting environment (first incident: related to an Azure patch from Microsoft; the second incident: related to a hardware failure).
In either of these instances, the system failed to gracefully re-connect to the MS SQL Database from Azure-hosted application website.
We have configured Endpoint monitoring and an Azure Notification alert in the Azure-hosted website to check the status of the MS SQL Database access from Azure website every 5 minutes. This Azure notification alerts when our Azure-hosted application website can’t connect to the Azure Virtual Machine. Outtage issues in the Azure environment have resolved automatically on both production and Test environment in last few weeks.
Has anyone else experienced similar issues with the Vnet configuration, or implemented similar monitoring to ensure stability?
Hi,
We are planning to write a multi tier web application in Azure. The public facing Web Role instances are desired to have SSL enabled endpoints. We are planning to have the Web Role instances in a load balanced set so that we can use Azure Load Balancer to balance the load.
My question is can Azure Load Balancer perform SSL off loading (where the load balancer endpoint will be SSL protected, but the channel between the load balancer and front ending Web Roles will happen over plain HTTP)?
If not, what is the preferred method to load balance the front ending Web Roles having HTTPS endpoints?
Regards,
Saurabh
Hi, we haveat least one disconnection of IPSEC VPN site to site to azure.
That is a real nuisance when a process like jenkins is working. It turns build to error.I can show this disconection to azure because i have alert mail from my fortigate. For exemple, on 29/04/2015, many disconnections happened at 9h02. Its not usefull to
log diagnostic from azure because we don't know when the disconnection will Happen. Can someone help me? (for security, i've replaced may device name to toto4, office wan and azure gateway ip.
I have created several VMs as part of a virtual network. Any new machines I create, however, are unable to attach to the virtual network - either using PowerShell or UI (on creation).
Looking at the new VM properties in PowerShell, the 'VirtualNetworkName' is blank and I receive the following error when I try to move the VM to my virtual network using PowerShell:
"Update-AzureVM : BadRequest: The virtual network ID cannot be null or empty."
The only thing I can think is that the original VMs and virtual network were created under another subscription and moved to the current subscription.
Any help appreciated.
Kind regards,
Lewis
I cannot reach my VM (xiqvm2013.cloudapp.net) since yesterday night. The VM seems to be running but all request from Asia and USA don’t arrive there. According to this tool only from Europe is possible access it: http://www.monitis.com/traceroute/index.jsp?url=www.xiquinho.net&testId=770938 It seems to me this is some problem on MS network and I don’ know what to do. Thanks in advance for any help in this issue.
How can I attach a Web App to a virtual network via PowerShell? This can be done in a browser via the new portal, but I am looking for a scripting method of doing this.
Thanks.
I successfully registered the new Azure DNS Feature using the following command :
Register-AzureProviderFeature -ProviderNamespace Microsoft.Network -FeatureName azurednspreview
i do get an output saying the service has been enabled :
FeatureName ProviderName RegistrationState
----------- ------------ -----------------
azurednspreview Microsoft.Network Registered
But when i try to create a new zone i get the following error :
New-AzureDnsZone -Name mydns.com -ResourceGroupName DnsCorporatifs
New-AzureDnsZone : MissingRegistrationForType: The subscription is not registered for the resource type 'dnszones'. Please re-register for this provider in order to have access to this
resource type.
At line:1 char:2
+ New-AzureDnsZone -Name mydns.com -ResourceGroupName DnsCorporatifs
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [New-AzureDnsZone], CloudException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Dns.NewAzureDnsZone
Anyone has been able to use the new service ?
regards,
GGB
Hi, there are at least 3 adressing mode for attributing ip adress to a wan in a fortigate : manual (fixed), DHCP, pppoe.
it seems that only "manual mode" works with azure gateway. has someone an experience with that?
Thanks
As the title said, I've encountered sereve network connection issue when I'm using KDDI Japan's network (via Linode). I've confirmed there's nothing related to Linode (other regions' network connection is OK). But I almost cannot connect to my services in East Asia(High latency and low speed). And Traffic Manager would respond queries with East Asia's IP address instead of Japan West's IP address, though I've added a Japan West endpoint.
I believe there is something wrong with Azure East Asia Datacenter's network connection.