I tried to create a shared folder on azure VM via azure AD. I created a local machine and joined the domain and connected to vpn. I can ping machines with private IPs but I can not connect to the shared folder in any way.
Azure VM ipconfig and arp
local VM ipconfig and arp
Azure VM shared folder
local VM shared folder
Azure VM ping local machine
local machine ping Azure VM
Azure Virtual network (newADD2-vnet):
Address space 10.3.0.0/16
Subnets: DomainService 10.3.0.0/24, GatewaySubnet 10.3.1.0/24
Virtual network gateway(VNet1GW):
Point-to-site configuration: 10.50.0.0/24
Configured Root certificates
What could have gone wrong? What else can I check what may not work?
Thanks for your help
DKU
Ensure port 445 is open: The SMB protocol requires TCP port 445 to be open; connections will fail if port 445 is blocked. You will need to ensure it's open on the VM firewall and open in the Network Security Group for the VM in Azure.
Add to the existing answer, except for firewall in Azure VM and NSG, you could check if the outbound rule for port 445 is blocking on the local machine. Also, avoid some typo when you input the UNC path.
You need to enable ports 139,445 (TCP) 138 and 137(UDP). Also, add an exclusion for the Windows defender.
Related
I have created a Windows WCF Service and I want to host it inside Azure VM.
The service is locally running fine inside the VM, but when attempting to access the service outside of the VM, I cannot connect to the service at the specified port.
While requesting the service, I'm getting the following error:
SocketException (0x274d): No connection could be made because the target machine actively refused it...
Also, while pinging the VM through the command prompt with public ip, I'm getting Request timed out.
I have enabled the port for TCP in Azure inbound rules as well as in VM firewall inbound rules. The VM is Windows Server.
How can I access the service running in the VM from another system?
Any help is appreciated.
check application is running on the port you exposed
check windows level firewall allows traffic on that port from your destination
check NIC level NSG allows traffic on that port from your destination
check subnet level NSG allows traffic on that port from your destination
you might also have Azure Firewall\UDR\NVA in the networking setup, check those as well (this is highly unlikely if you are not running an enterprise grade setup).
I created an application security group, assigned it to two VMs and there is a lot more in that resource group but my question is when I RDP into one of the VMs, I cannot ping the other VM and or reach a website hosted on the other VM. Plus because of an NSG, I am able to reach that website from my local machine.
I thought using ASGs mean, I don't have to do anything else for connected VMs to talk to each other? Also of note, if I open up the ASG to everything in the NSG, I am able to ping and reach the site from the other VM. What am I missing?
Both VMs are in the same vnet and subnet. Screenshot of NIC of one of the VMs below:
when I RDP into one of the VMs, I cannot ping the other VM and or
reach a website hosted on the other VM. Plus because of an NSG, I am
able to reach that website from my local machine.
You're able to connect to the other VM from the VM because VMs in the same virtual network can communicate with each other over any port, by default. This means you can access the other VM using its private IP address from one VM. Note, by default, Firewall inside the VM may disable the ICMP packages, you may use netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow to enable the ICMP inbound traffic if you work on Windows Azure VM or temporarily turn windows firewall off to test this when you ping each other.
In this case, you may check the above first. If you still do not ping VMs or reach a website hosted on the other VM2 from the VM1 inside the private network. I may think that something is blocking on the NSG side. It is not a good way to use PING test the VMs connectivity. You could use telnet to verify if the specific port is blocking.
I thought using ASGs mean, I don't have to do anything else for
connected VMs to talk to each other?
Yes, you don't have to do anything else for connected VMs to talk to each other as they already in the same subnet where they can communicate with each other.
You may refer to more details about Application security groups.
I have a Windows Server 2012 virtual machine provisioned on Azure. I installed Neo4j server on this virtual machine and I'm accessing the Neo4j browser on localhost:7474.
However I cannot access the browser outside using my virtual machine's public IP e.g <machineIP:7474>
Here's what I have done so far:
In the Azure portal, I added inbound rules for the NSG to allow http and https ports 80 and 443 (I have done the same on a Linux virtual machine also hosted in Azure and I can access the browser just fine)
I also added an inbound rule in Windows Firewall to allow Port 80 and 443 as well
What possibly blocks me from accessing the virtual machine's IP from the outside?
You have to add TCP port 7474 to the firewall in the Azure portal:
change your neo4j-server.properties
set
org.neo4j.server.webserver.address=0.0.0.0
To remotely access Neo4j installed on a Windows VM in Azure, these are the changes you'll need to make:
In the Azure portal, add TCP port 7474 to the Endpoints of your Windows VM
On your Windows VM, in the Windows Firewall Advances Security, add a new Inbound Rule for port 7474
Change the conf/neo4j.conf and uncomment this line:
org.neo4j.server.webserver.address=0.0.0.0
Note: In case you also want full access to Neo4j's browse interface including Bolt, then also add port 7687 both in the Azure Endpoints and the Windows Firewall.
I'm using Windows Azure virtual machines. What I did was I have added some new TCP port to inbound and outbound rules in the firewall. After that I can't get the Remote Desktop connection from my PC. But I got Remote Desktop connection from another virtual machine by using the local IP address.
My DNS is :xxxx.cloudapp.net:3389.
This is the issue I'm facing. What I actually want is to give provision to new ports inbound and outbound rules in windows Azure virtual machines. Any help would be grateful.
Not exactly a programming question but anyway:
Nmap scan report for mjsindia.cloudapp.net (13.66.56.229)
PORT STATE SERVICE
3389/tcp filtered ms-wbt-server
Make sure you have 3389/TCP open inbound on both the Network Security Group or ACL in the Azure Portal and Windows Firewall (on the VM, for all Firewall profiles - Private/Public/Domain).
I have created an Azure virtual network with point-to-site connectivity enabled.
The point-to-site address space is 10.0.0.0/24 (10.0.0.1 - 10.0.0.25).
The virtual network address space is 10.0.1.0/24 (10.0.1.4 - 10.0.1.254).
I added an Azure VM, and it is assigned an IP of 10.0.1.4.
I created the client VPN package and installed it on a machine. It creates a PPP adapter with an IP address 10.0.0.1.
As a result I can't ping / connect to from the client 10.0.0.1 to the VM 10.0.1.4.
How should this work? Do I need some other routing or should I have somehow ended up with the client and VM in the same subnet?
Should I have set up DNS?
It is simple - Windows VMs have default Firewall enabled (as do all default WIndows Server Installations). And this Windows Firewall blocks ICMP packets (which are the PING) packets.
You can easily test the connectivity to the VM by simply trying remote desktop to the targeted VM. Or disable the Windows Firewall.