Azure storage account cannot map drive locally with DNS - azure

I have created a storage account and a fileshare on Azure, but my ISP blocks port 445, bummer!
So I went ahead and created a virtual network, then a virtual gateway, then a VPN, then a private endpoint where there is an entry like this:
NAME mystorageacc (not the real one)
VALUE 10.0.0.4
I can map the network drive using the 10.0.0.4 IP address while connected to the VPN, but I don't want to use that, I would like to use the new DNS, but when I ping mystorageacc.file.core.windows.net I still get the public IP address 52.239.193.168 instead of the private from my virtual network 10.0.0.4.
How do I achieve this? Using mystorageacc.privatelink.file.core.windows.net still points to the public IP address, so what resolves to 10.0.0.4?

In this case, the easy way to test is to edit the hosts file in the directory C:\Windows\System32\drivers\etc on the local VPN client machine.
Add the following record in the HOSTS file.
10.0.0.4 mystorageacc.file.core.windows.net
Another solution is to use a DNS forwarder. You can add Azure DNS (168.63.129.16) as a forwarder on your custom DNS. Read this document On-premises workloads using a DNS forwarder for more details. For more steps, you could refer to step 5 in this blog.
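As an added example (not part of the original answer), this Python sketch checks where SMB traffic for the storage FQDN would go, given the hosts file text and the DNS answer. Function names and the stale address 10.0.0.9 are constructed for illustration; the hostname and the other two IPs are the ones quoted in the question.

```python
import ipaddress

FQDN = "mystorageacc.file.core.windows.net"   # placeholder name from the question
ENDPOINT_IP = "10.0.0.4"                      # private endpoint IP from the question

def parse_hosts(text):
    """Map hostname -> IP from hosts-file text, skipping comments and bad lines."""
    entries = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue
        for name in fields[1:]:
            entries.setdefault(name.lower(), ip)  # assumption: keep the first entry
    return entries

def classify(addresses, endpoint_ip=ENDPOINT_IP):
    """Say where SMB traffic for the name would go, given its resolved addresses."""
    endpoint = ipaddress.ip_address(endpoint_ip)
    addrs = [ipaddress.ip_address(a) for a in addresses]
    if not addrs:
        return "unresolved"
    if all(a == endpoint for a in addrs):
        return "private-endpoint"
    if any(not a.is_private for a in addrs):
        return "public"            # port 445 traffic would take the Internet path
    return "private-mismatch"      # private, but not the endpoint (stale pin?)

def check(hosts_text, dns_answers, fqdn=FQDN, endpoint_ip=ENDPOINT_IP):
    """Return (source, verdict); a hosts-file pin takes precedence over DNS."""
    pinned = parse_hosts(hosts_text).get(fqdn.lower())
    if pinned is not None:
        return "hosts", classify([str(pinned)], endpoint_ip)
    return "dns", classify(dns_answers, endpoint_ip)

# Constructed sample inputs: the public answer and the hosts entry from the thread,
# plus a made-up stale pin (10.0.0.9) to show the failure mode of a static entry.
PUBLIC_ANSWER = ["52.239.193.168"]
HOSTS_OK = "# added for VPN test\n10.0.0.4 mystorageacc.file.core.windows.net\n"
HOSTS_STALE = "10.0.0.9 mystorageacc.file.core.windows.net\n"

if __name__ == "__main__":
    for hosts in ("", HOSTS_OK, HOSTS_STALE):
        print(check(hosts, PUBLIC_ANSWER))
```

On a real client, pass the contents of the hosts file and the addresses the resolver returns. A "private-mismatch" verdict is the case a static hosts entry cannot detect on its own, which is one reason to prefer the DNS forwarder.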

Related

FQDN for Azure VNG dynamic IP

I'm aware that Azure does not support static IP addresses on their VNG. Is it possible in any way to configure an FQDN for the VNG in such a way that when the IP address changes due to a restart, the connection would still be maintained as long as the DNS record is mapped to the new IP? I will appreciate 3rd party suggestions from the Azure marketplace.
Of course, yes. You can create an alias record set for the public IP with the type Azure resource in the DNS Zone. Then the DNS Zone will route your requests to that public IP, no matter if the IP address changes.
By the way, when you use the VPN, you install the client and connect to the Azure VNet from your local network; in this step, you do not care about the public IP of the VPN. So I don't think you need to configure the FQDN for the public IP of the VPN. Of course, maybe you have a special reason. This is just advice.

Azure Permanently whitelisting IP

Hope you are all safe!!!
I have a live project running on Azure Environment.
As part of data checking, when I try to access the database using SSMS on my machine, every time I need to whitelist my IP.
Since it is an intranet domain, the IP changes every day.
Is there any solution to permanently enable my IP using the MAC address or something, so that I can jump over this IP whitelisting?
IP whitelisting (as the name already suggests) does not work on a MAC address basis. What you could do as an alternative is to use a Point-to-Site VPN from your machine into a VNET in Azure. Then you should be able to leverage Private Endpoints (aka Private Link) to allow connections to your database from that VNET. https://samcogan.com/service-endpoints-and-private-link-whats-the-difference/

Assign multiple IP addresses to existing virtual machines access web server

We have an Azure Virtual Machine (VM) that has one network interface (NIC) attached to it, with one or more static public IPs associated with it.
Reasons for attaching multiple static public IPs:
Hosting multiple websites or services with different IP addresses on a single server
Hosting the wildcard entry domains on a single server
Problem: with the second IP we can't access the IIS server in the Azure Virtual Machine (VM).
How to attach the second IP to access the IIS in VM?
To connect and sign in to a VM you created with multiple private IP addresses, you must manually add all the private IP addresses (including the primary) that you added to the VM. You can get the detailed steps here.
Main steps:
Type ncpa.cpl in the CMD to open the Network connections window and add the following values manually.
Add all the private IP addresses to that VM's Advanced TCP/IP settings.
Save it, then restart your Azure VM and reestablish an RDP connection; then you can see the valid private IP addresses in the output of ipconfig /all.
Then, you should access your websites via the secondary public IP address.

Azure Reserved IP Address Inconsistency

I had a need to add additional public IP addresses to an Azure VM and found a working solution here:
Azure VM: More than one Public IP
Essentially this creates a reserved IP in Azure and then adds the reserved IP to a cloud service. Once it's bound to a cloud service it can be mapped to a VM endpoint.
This all works great but there is one bit I don't understand - The IP address of the reserved IP and the resultant VM endpoint don't match. I have to set up DNS to point to the IP address of the endpoint to make this work. Is there something I am not doing right, or is this just the way reserved VMs work?
It looks like this unanswered question is the same issue:
azure reserved IP for VM is diffrent than the given
Thanks!
The "Azure Cloud Service" is a container that provides internet connectivity to "Azure VMs". Thus, you assign the Internet facing Public IP to the Cloud Service. This article is relatively good at explaining the relationship: Azure Cloud Services
From above link:
Here’s a definition of an Azure IaaS cloud service that will make it easy for you to understand what it is in the context of Azure Infrastructure Services:
A cloud service is a network container where you can place virtual machines.
All virtual machines in that container can communicate with each other directly through Azure (and therefore don’t have to go out to the Internet to communicate with each other).
This container is also assigned a DNS name that is reachable from the Internet.
A rudimentary DNS server is created and can provide name resolution for all virtual machines within the same cloud service container (note that name resolution provided by the DNS server is only available to the virtual machines that are located within the cloud service).
One or more Virtual IP Addresses (VIPs) are assigned to the container and these IP addresses can be used to allow inbound connections from the Internet to the virtual machines.
Certain services (like FTP) may require your vm have a public IP: Azure VM Public IP
(IaaS v1) An Azure cloud service comes with a permanent DNS name - something.cloudapp.net - and has a single VIP allocated whenever there are VMs deployed in it OR whenever a reserved IP address is associated with it. Traffic is either load balanced or NATted (port forwarded) to the VM from the Azure Load Balancer sitting on the VIP. You can also associate a public instance-level IP address (PIP) with a VM, which gives it an additional IP address. The VIP always has a DNS name (something.cloudapp.net) while the PIP has one only if you specifically add it. I did a post which goes into these differences.
(IaaS v2) VMs are not deployed into cloud services and only have a public IP address if one is specifically added - either by configuring a PIP on the NIC of the VM (and optionally giving it a cloudapp.azure.com DNS name) or by configuring a load balancer and either load balancing or NATting traffic to it. This load balancer is configured with a public IP address and can optionally have a cloudapp.azure.com DNS name associated with it. (Ignoring internal load balancers in this discussion.)

Azure Virtual Network Custom DNS Server

I created a virtual network and put 2 VMs in one subnet. But they were not able to ping each other using their hostnames. I need a DNS Server implemented so that hostnames in the subnet can be resolved to IP addresses. How do I do that? Any help will be appreciated. :)
The simplest scenario is to add your hostnames and IPs to your localhost file if you are on Windows or your /etc/resolv.conf if you are on Linux. Deploy your VMs with fixed private IPs to avoid changes if they are rebooted or shut down.
However, if the scenario is more complex with more than two machines, the best way is to deploy a DNS Server inside your VNET. The steps are the following ones:
First you need to add to your virtual network a DNS. You can do it through the management portal in the section NETWORKS > {Your Network Name} > CONFIGURE > dns servers. Fill it with a name and an IP.
Deploy a new VM inside the Virtual Network and set its IP to the same IP you have defined inside the portal. You can do it through PowerShell (https://azure.microsoft.com/en-us/documentation/articles/virtual-networks-reserved-private-ip/#how-to-add-a-static-internal-ip-to-an-existing-vm)
Configure your DNS server with the records for the VMs and set the forwarders if you want to be able to resolve names outside the virtual network.
You can reboot your virtual machines to get the new configuration through DHCP.
An example: http://www.ytechie.com/2013/06/setting-up-a-dns-server-in-azure-iaasvms/
