Hi
I have configured a Virtual Network + Point-to-site connectivity enable. Then I have established a point-to-site connectivity from few Azure Web Apps to the Virtual Network, I can see that I have 5 clients connected.
Is there a way I can find easily my Web Apps local IP address ?
I am trying to setup 2 tunnels from Azure (1 USEast, 1 USWest) to the same Cisco 2900 series router at site 1. I have been able to get the tunnels up using dynamic routing on Azure and IKEv2 configuration on the router. The problem is that Azure wants the tunnel IP address to be 169.254.0.1 on both tunnels. I have a feeling this is a limitation of Azure and not possible?
The end goal is redundancy. The application running in USWest and USEast is the same.
We have been running an Azure to on-premise firewall VPN for about 1.5 years without issue, but the last few days our on-premise network and specifically the AD controllers can not talk to our Azure VM which is also an AD controller, and somethings are not working the way back either
I can ping the Azure VM even with a large packet size, but can not RDP, map a drive, or Http/s to the VM.
In the other direction I can ping from the Azure VM to the on premise servers, and I can map a drive and RDP ok.
As some light things like ping and NSlookup connection but not queries work from the on-premise servers to the Azure VM, so I thought it must have been the MTU, I have tried setting the TCP-MSS to 1350 and MTU to 1350 on both the Azure VM and the on-premise server and the firewall, and its still not working
When I have sniffed the VPN traffic leaving our on-premise network it is getting encapsulated and sent but never received by the Azure VM, I suspected something is blocking it but its not out firewall or the Windows firewall.
As we haven't changed anything on our firewall I suspect something in the Azure virtual networking has changed, or is blocking the traffic.
I havn't recreated the Azure virtual network but that maybe my next option, unless anyone can suggest anything else?
Thanks
We would like to do a risk assessment for using Azure to host our VM and DBMS as part of our regulatory. Do you know what the security layer Azure may have?
Our initial research indicate the following which telling us Azure only has virtual (software) firewall. Do you know if Azure have hardware-based firewall as well?
I created a new Virtual Machine in Azure but typo'ed the DNS name for the machine. Can this be changed or do I have to delete and recreate the machine.
Thanks,
Rob
Is there any way to delete a VPN Gateway within an Azure vNet then get the same Gateway IP address back again when I re-provision it for the same vNet. Any way of doing it with powershell...etc?
A client would like to avoid ongoing costs when not using certain test environments.
Hi, kindly ask if we could reserve a static IP for the gateway of Azure network? or is there a range of IP which would be used for point to site VPN gateway? this would be a difficulty to setup firewall if not a static IP or range of IP available.
Hi all,
I'm trying to establish s2s VPN with Azure and VMWare vCloud Director.
VCloud Director is provided by another Cloud service, so we don't have a direct access to the server or to the console management.
I created network on Azure, received the gateway IP address (Static, becouse is the only supported by vCloud Director) and configured both Azure and vCloud side.
From vCloud, i can see that the connection is established, as you can see below
But on Azure it remain Always in connecting, as you can see below:
Below my VirtualNetworkConfiguration:
<NetworkConfiguration xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration"><VirtualNetworkConfiguration><Dns><DnsServers><DnsServer name="DC1" IPAddress="192.168.203.10" /><DnsServer name="Internet-DNS" IPAddress="xxx.xxx.xxx.xxx" /></DnsServers></Dns><LocalNetworkSites><LocalNetworkSite name="VSW-Clouditalia"><AddressSpace><AddressPrefix>192.168.202.0/24</AddressPrefix></AddressSpace><VPNGatewayAddress>212.110.xxx.xxx</VPNGatewayAddress></LocalNetworkSite></LocalNetworkSites><VirtualNetworkSites><VirtualNetworkSite name="Rete VSW 203" Location="West Europe"><AddressSpace><AddressPrefix>192.168.203.0/24</AddressPrefix></AddressSpace><Subnets><Subnet name="Subnet-1"><AddressPrefix>192.168.203.0/25</AddressPrefix></Subnet><Subnet name="GatewaySubnet"><AddressPrefix>192.168.203.254/29</AddressPrefix></Subnet></Subnets><DnsServersRef><DnsServerRef name="DC1" /><DnsServerRef name="Internet-DNS" /></DnsServersRef><Gateway><ConnectionsToLocalNetwork><LocalNetworkSiteRef name="VSW-Clouditalia"><Connection type="IPsec" /></LocalNetworkSiteRef></ConnectionsToLocalNetwork></Gateway></VirtualNetworkSite></VirtualNetworkSites></VirtualNetworkConfiguration></NetworkConfiguration>
What could I check?
Thanks in advance.
Riccardo.
I have 2 A1 standard vm in Azure. I am getting up/down speeds on average of 200/100 mbps. Is this the standard speed for all standard virtual machines??
Hi,
Does any one know if I purchase the load balanced IP address. Will I get double my download/upload speed or does it just split my current speed between both IPs??
Hi all,
I'm stuck on a problem and I can't really find a good answer on technet or watching simple YouTube videos (if there are any technet instructional videos for my questions I'd appreciate a link... when I can get to a good fast connection with lots of data allowance I'll go there and download)...
I've spun up an Azure VM and selected something reasonable for my purposes, which is Windows Server 2012 R2.
I've promoted it to domain controller and I'm not really sure what I'm doing here. So I'll move on to the DNS for the moment, unless I need AD DS configured properly first. I have only one admin account and not creating any others for the moment, and use RDP to login and muck around. It doesn't matter that much right now, since this is just a test/learn environment where I can make a few mistakes, but I hope not big ones :)
First with AD DS, I just set the name of the server in the VM to myapp.local, when making it a new domain forest. I had no idea why or whether I should have set up a new forest.
I've read that Azure VMs usually have DNS managed themselves, and have Virtual IP addresses which may change. It seems like my VM instance VIP has changed.
Now that I want to move on to DNS, this is where it's getting interesting. How can I verify my VIP changes or make sure it sticks? Or do I need to get a static IP for it? I think I can use some kind of publish wizard to make the virtual IP stick and stay permanent, like a static IP, but not sure if that's what I want.
I have a domain name I want to use, like myapp.com. And I want to use my domain registrar's control panel to have that resolve to the IP (or redirect silently) to myapp.cloudapp.net. I'm given a list of nameservers the registrar has, and I'm kind of stuck. What IPs to put in? So I'm thinking I'll make a stub zone, which I think makes sure that I'm using nameservers elsewhere, and that stuff gets copied into the stub zone and updates when it needs to.
So far it looks like I'll have just a NS RR, which will be ns1.myregistrar.net, or something like that.
What I'm really having trouble with is:
I hope this question makes sense... essentially, is my virtual IP going to stay the same somehow (it seems to change), how to configure the host in AD DS and whether it should be a new forest, how to configure the DNS and what zones should I add and configure, and what should I do at my registrar end to make myapp.cloudapp.net the same thing as myapp.com?
After that I need to configure IIS, but I'll leave that for now until I get my head around ADDS and DNS.
Thanks very much for any pointers/tips or advice.
Hi there
We are facing problems with an existing VNET to VNET connection between North EU and East US Azure data centers. The connection has been running fine for many months, but suddenly disconnected earlier this morning. Our existing VNET to VNET connections from North EU to other regions are running fine.
We have tried to remove the connection and recreate them, and force a connection via PowerShell. No luck. Are there currently any know problems in this regard?
Currently the VNET connection in Powershell reports:
ConnectivityState : NotConnected
EgressBytesTransferred : 0
IngressBytesTransferred : 0
LastConnectionEstablished : 01-01-1601 01:00:00
LastEventID : 21601
LastEventMessage : Unable to establish the cross-premise tunnel for site 'LN-NAC-VNET-NORTHEU'. Previous state: Initializing. Current state: Not Connected.
LastEventTimeStamp : 12-06-2015 15:03:30
LocalNetworkSiteName : LN-NAC-VNET-NORTHEU
OperationDescription :
OperationId :
OperationStatus :
The VNET Gateway key has been aligned between the gateways, and the Set-AzureVNetGateway -Connect command has no effect.
Any suggestions to get this up and running again?
Thanks and best regards
Jacob Laue Petersen
I have the following set up
From the Azure portal it says connected but I am still not able to ping IP address across the VPN
Please let me know if we have to add any routes
I have attached the configuration screenshot below
We have been running a virtual machine for past year on Azure, and lately, and only on Win8.1 client - we are getting DNS issues to the internet when connected via Point-to-Site. When connected, and we ping www.google.com, it will randomly timeout and fail - so we cannot browse local, randomly. If I disconnect VPN - it works fine. Our Win7 clients work fine.
What is odd, when connected to the VPN, we cannot ping the virtual IP of the DNS server in Azure (ok, ping may be blocked) - but we also attempted to query the DNS and it did nothing, could not telnet in either.
So - is there a way to find out - is Azure DNS broken or confirm it is working? In the Virtual network setup, DNS is blank so we were only using Azure provided DNS. If something changed, do I need to edit the virtual network, and add some DNS like Google in there to let the WIn8.1 work again?
If we manually add DNS to the VPN network thru netsh commands - it works, but when we re-connect the VPN, the config resets it to just azure DNS IP's. (in our case they are 10.10.1.34, 10.10.1.35 - auto assigned by azure).
I know there is a list of VPN appliances that will work with the Azure VPN, but for the SOHO user most of those are overkill.
I've read this article where a user has used an old Netgear VPN app to tunnel though a router and NAT.
http://www.bhargavs.com/index.php/2013/05/16/azure-vpn-behind-nat-on-the-cheap/
Is there any reason why this wouldn't work with all in one with a Billion BiPAC 7800DX
Virtual Private Network (VPN)
‧16 IPSec VPN tunnels
‧IKE key management
‧DES, 3DES and AES encryption for IPSec
‧PAP/CHAP/MS-CHAPv2 authentication for PPTP
‧IPSec pass-through
‧GRE (Generic Routing Encapsulation) tunnel
From my little knowledge of VPN's I can't see a problem, but if anyone can, that would save a $250 mistake
I ideally want one router, one IP where the office can connect to assets in the Virtual Network in Azure seamlessly.
Thanks in advance
Hi, I have a client that is still on Affinity group network.
Can Azure Support migrate the vm's to Regional Network?
There are so many vm's that I don't think I can do the manual work of moving them my self without huge interruption to their business.
I need the ability to use internal loadbalancing an other features that Regional networking offers.
Ingi O
Hi folks,
What is the minimum WAN speed link to use the Azure Express Route ?
Thanks,
Suliman
Suliman Abu Kharroub
I have a Virtual Network configured in Azure with Site-2-Site VPN, it works fine and connects to our on premise VPN network.
I have a web role that I would like to deploy into this VN. I have two cloud configurations, DEV and TEST, both are deployed to their own designated cloud service instance.
Previously, only the DEV configuration was published to the VN, and it worked properly without any problems. However, today I also wanted to publish the TEST environment into the VN, but I get the error message "The deployment cannot use the VirtualNetwork MyProjectVN that belongs to a region.".
What can be the reason for this? I didn't choose any regions when setting up the VN, and both cloud service instances are in the North Europe location.
Hi ,
It is a while now from that announcement regarding the automatically migration, my question it is if exist any time line for that Migration process for region Europe North for example ?
http://azure.microsoft.com/blog/2014/11/26/migrating-existing-services-to-regional-scope/
It is anDevelopersupport plan sufficient to trigger that Migration process before theautomatically migration ?
regards,
Johannes
cosmin dumitru