Azure VM - site isn't reachable externally - azure

I am new to Azure and got confused with my setting.
I've created a VM, and I can see I have the below:
Both are pointing to the same app with the same IP.
I have connected to the machine using RDP, set the IIS correctly and deployed my WebAPI. When tested locally all seems to be fine.
However, the site isn't reachable externally, neither with the CloudApp domain (nmsw10services.cloudapp.net) nor my own domain which is pointing to the same IP.
Can someone please point what I'm doing wrong in here?
Any help is much appreciated.
Thanks

You need add endpoints for your web app.
By default, when you create a classic VM, it will create an endpoint for RDP (port 3389). You also need add your endpoints according to your app.
More information about endpoints please refer to this article.

Related

Application Insights wrong ip address

I am using Application Insights to track my user location, but I run into this error:
running my code locally works fine, but as soon as I deploy my application on Azure, my user location is always the same as the server location.
I look around for a solution, but can't find any clear solution.
Anyone any idea?
Thanks a lot!
There are two different things here:
If your service / application is instrumented with AI and hosted on Azure then and if you see the incoming request on that service you should see the IP address of the client when you look into the details on analytics portal.
If your service sends telemetry data using some track() API then that would ofcourse get the ip of the location where the service is deployed.
So it depends on what you are looking at.
Most likely your server sits behind a reverse proxy and needs forwarded headers.
Try this in your startup:
app.UseForwardedHeaders(new ForwardedHeadersOptions{ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto});

Service Fabric Not able to open the website once the service and frontend is deployed

I deployed a sample "WordCount" Azure sample to service fabric cluster. I see that both the service: fabric://wordcount/WordCountService and fabric://WordCount/WordCountWebService are running OK, however, when I try to access the app from browser with below URL, the app does not come up.
http://tenantname.southcentralus.cloudapp.azure.com:19080/wordcount
NOTE: On local SF cluster, it comes up perfectly fine: http://localhost:8081/wordCount
Does anyone ran into same issue and able to resolve. Any help will be appreciated.
Thanks.
Nick
19080 is used by SF Explorer (the management web UI), so when you access the app, use it's own port, like you did locally with 8081.
Update to answer follow-up question from comments:
For the Word Count sample, the default port is 8081, see here:
https://github.com/Azure-Samples/service-fabric-dotnet-getting-started/blob/master/Services/WordCount/WordCount.WebService/PackageRoot/ServiceManifest.xml#L25
You can check the port in Service Fabric explorer, like so:
I found the solution of this issue: I needed to setup the load balancer rule so that external request is mapped to the Azure SF's internal TCP port. Appreciate much Itaysk for looking into it.

Can't browse to Azure Cloud Service site URL

I've deployed an Azure cloud service (not a web site) and I'm trying to access it via a browser. When I attempt to browse to the 'site url', it times out. Nor can I ping the Public VIP listed in the Azure dashboard for the service. Hrm.
Now, if I log on to one of the instance VMs, fire up IIS Manager and find the IP address it has listed for the web site, I can browse to that one. Weird.
I'm sure I'm just thick and am missing something simple here. Can anyone point me in a good direction to make my service's site url browsable?
The service definition I'm using is https://github.com/NuGet/NuGetGallery/blob/master/src/NuGetGallery.Cloud/ServiceDefinition.csdef, if that helps.
You can check the "endpoints" tab under the cloud service section of the Azure portal.
There should be an endpoint listed for HTTP that redirects to your VM. You can forward different public ports on the cloud service to individual ports on specific VMs within the cloud service.

Windows Azure - Communicate between web site and VM without enabling external/remote access

I'm new to Azure and have set up an Asure web site which will connect to a SOLR instance on an Azure VM. The web site cannot communicate with SOLR (port 8080) unless I create an endpoint. In order to create an endpoint I need to provide an internal and external port, however I do not want to allow external/remote access to SOLR, other than from the web site itself. Can anyone tell me how I should allow the web site to communicate with my VM, without making the VM publicly accessible?
Thank you,
JP
As #hhaggan stated, you cannot create a virtual network connection, or secure an endpoint, from Web Sites to a Virtual Machine. One option to consider is the use of SSL+certificate to secure the endpoint.
If you instead deploy your web application to a web role (in a cloud service) or a virtual machine, you can then take advantage of a brand new feature called Endpoint ACL. In essence, you can whitelist / blacklist a set of IP address ranges that may access your SOLR external endpoint. You can read about ACL'd endpoints, and how to configure them, here.
Now: You might be asking yourself why this doesn't work with Web Sites. That's because Web Sites runs on a server farm, and sites don't get unique IP addresses (unlike Cloud Services).
if you are talking about Windows Azure Websites, I am not sure if this can be done but if you are talking about Web roles in Windows Azure Cloud service, here is something that I hope it can be beneficial.
Connect ASP.NET application to SQL Server in Windows Azure via Virtual Network http://msdn.microsoft.com/en-us/library/windowsazure/jj823135.aspx
you might also would like to have a look on this http://www.windowsazure.com/en-us/services/virtual-network/ I don't think you will need it but I am just sharing it with you, it is for WIndows Azure Virtual Network.
let me know if this solved your problems or if you need anything else.

Azure VM: Can't access/ping port 80

I am new to the Azure platform so hopefully this is an easy question:
I am currently setting up a Sharepoint web farm through Azure. My current architecture looks like this:
A WIN2008 VM serving as my Domain Controller. I have the domain setup and AD running
A WIN2008 VM SQL2012 serving as my db server
A WIN2008 VM serving as my sharepoint web server.
All of the VMs belong to the domain.
I have sharepoint up and running on the sharepoint web server and I can access the sharepoint sites using //localhost. However, I cannot access the sites from an external computer (port 80). I cannot ping it with the IP Address or the *.cloudapp.net address. I have already ensured the firewall ports for 80 are open for all profiles. I have also setup an endpoint for port 80 on the sharepoint VM.
Any thoughts? I appreciate your help in advance.
To elaborate on the endpoint reference above:
There is a configuration page in the Azure portal that you need to check out to ensure that the proper ports are open AS WELL AS the ones on the Endpoints page for your windows VM. I assume the same would apply for other hosted OS VMs like Linux, etc.
When I came across the Endpoints tab for the VM in question on the Azure portal I noticed that there were RDP and PowerShell ports listed but no HTTP. After adding that I found that I could hit my IIS server on the VM. In a nutshell its like there are two firewalls, the one on your server and one on the Azure portal.
I believe that Azure will block ping requests
http://social.msdn.microsoft.com/Forums/en-US/windowsazuredevelopment/thread/7ce4e4c5-c714-492f-8cd6-424c01552195
Looks like you have an answer, but of note is that you have to set up endpoints for anything that you want to hit.

Resources