I'm attempting to automate the provisioning of an App Service Web App that can connect to private resources in a virtual network via a Virtual Network Gateway. I've been using the script provided at https://azure.microsoft.com/en-us/documentation/articles/app-service-vnet-integration-powershell/ but it does not seem to completely work.
Steps to show the issue (unfortunately, I don't have a shorter way to demonstrate it since there's a lot of moving parts):
1. Create a Resource Group. All other resources will be added to this Resource Group.
2. Create a Virtual Network with an address space of 10.0.0.0/16 and one subnet in 10.0.0.0/24. Ensure that the Network Security Group for the subnet allows HTTP inbound on all interfaces.
3. Create an Ubuntu Server VM in the subnet created above (as well as with a public IP). The script at https://bbjameswillmiscstorage.blob.core.windows.net/scripts/setup_linux_demo.sh will configure this VM to respond to HTTP GET requests with the VM's hostname and the IP address of the requester.
4. Create an App Service Plan sized as S1.
5. Create an Web App App Service in the plan created above. Configure it to deploy from a local repository hosted at https://github.com/blackbaud-james-williams/appsvc-demo.git -- this is a simple ASP.Net web app that will make GET requests to servers configured in the app settings for the App Service.
6. In the app settings for the App Service, add a key pingaddress_public with a value of the public IP address of the Ubuntu Server VM. Add another key for pingaddress_private with a value of the private IP address of the Ubuntu Server VM.
7. Access the App Service's URL and verify that it can make a request to the public IP of the VM. Ensure that it cannot make a request to the private IP of the VM.
8. Use the script provided at https://azure.microsoft.com/en-us/documentation/articles/app-service-vnet-integration-powershell/ to connect the App Service to the Virtual Network. The script will create a Virtual Network Gateway.
9. Access the App Service's URL and attempt to make a request to the private IP of the VM.This is the part that does not work even though it should.
10. In the Portal, access in the Networking configuration section for the App Service. Note that it appears to be connected correctly and the certificates are in sync.
11. In the Portal, disconnect the VNET from the App Service.
12. In the Portal, connect the VNET to the App Service.
13. Repeat step 9 and note that the request to the private IP now works.
The PowerShell script appears to be missing one or more steps for making this connection; but because there's no error in the Portal, it's not clear what those steps would be.
Any help would be appreciated.