While trying Azure VM migration from ASM to ARM, I realized that "Configure point-to-site connectivity" is checked (so we can say VPN gateway is configured) to the network settings even though I does not have any connection to the VPN gateway.
The network is in use description is displayed in old portal and it still remains after deallocating the VM. Unchecking then save action gives failure as expected by using PowerShell command and Portal.
How to disable this setting? Do I have to recreate VM?
Have you created the VPN gateway on the VNET? If yes, you need to delete the gateway first.
You are able to delete the gateway via portal or powershell.
To get the GatewayId, please run the command Get-AzureVirtualNetworkGateway.
Then we are able to delete the gateway with command Remove-AzureVirtualNetworkGateway -GatewayId your_gateway_id
Related
I have a Linux Virtual Machine (Debian 9) deployed in Azure with Service Endpoints for Sql enabled and properly added -if I navigate the portal towards the VNet and enter the Service Endpoints tab, I can clearly see the Sql Service Endpoint listed. Just FYI, the reason for the Service Endpoint is that the VM has a dynamic IP, so I can't just whitelist it in the DB resource's configuration.
On the other hand, I have an 'Azure Database for MySQL server' deployed in the same resource group, same location and whatnot, but I can't seem to connect to it.
The steps I take when I try to connect are as follow:
I connect to the VM through SSH.
In my VM I have mysql-server installed
I write mysql --host <fully qualified server name> --user <server admin login name>#<server name> -p
I get the following error: "ERROR 9002 (28000): Server is not ready for incoming connections."
I've been reading the documentation and searching in forums for a reason why this might be happening, but I simply cannot seem to make it work. I have tried changing the status of the "Allow access to Azure services" option in the Connection security tab of the DB resource, but it doesn't seem to matter.
Could anyone have any idea of how I might go about solving this??
You said you enabled the SQL endpoint on the virtual network, but did you add a VNET rule to the instance (Attach an existing VNET)? You can find this in Azure Database for MySQL server -> Connection Security -> VNET Rules -> Attach existing VNET.
If you can't see your VNET listed then there is a mismatch between the regions of your SQL server and your VNET: They must be deployed to the same one. Additionally check that you have a General Purpose or Memory Optimized server, this feature is not available in Basic tier.
If all of this is in place, try enabling Diagnostics on the SQL Server, try logging in again a few times, then view the log file and post anything strange.
I am trying to setup a custom build agent on a Windows VM in Azure. I installed the build agent from Azure Pipelines. The VM shows in the agent pool, but is offline. For this VM I used the default settings, so it automatically created a virtual network, public IP, and network security group. The network security group is modified to allow RDP traffic from my IP address only, and to allow HTTPS traffic. I am assuming something with this setup is preventing Azure Pipelines from sending data to the VM.
My first question is how do I get this setup to work. What am I missing?
My second question is how do I get this to work in a more secure way by removing the default link between the public IP and the VM, and ultimately blocking direct access to the VM with a firewall?
VM only needs outbound HTTPS access to Azure Devops
You dont need public ip for the agent vm
https://learn.microsoft.com/en-us/azure/devops/pipelines/agents/v2-windows?view=azure-devops#im-running-a-firewall-and-my-code-is-in-azure-repos-what-urls-does-the-agent-need-to-communicate-with
Following on from the latest Azure maintenance, we cannot remote desktop to one of our VMs and fix potential issue on the IIS server of this machine. Everything was working fine for over 1 year.
The Agent status is now set to "Not Ready" when looking at the properties of the VM in the Azure portal.
We obviously tried to restart the machine but no effect. We cannot redeploy the machine to another node as the VM agent seems to be down.
The outbound NSG rules do not block outbound connection to internet (so that the machine should be able to write to its azure storage).
This user seems to have a similar issue on a VM scale set: Azure VM scale sets not accessible and cannot restart
Any idea on how to resolve this issue ?
I have created a vnet in classic mode. I have created a classic vm and added to the vnet. I am not able to connect to the VM through SSH. No ports are accessible through telnet. Getting a connection timed out error.
I do not have any NSG or ACL. Currently there is only one VM in this vnet.
How can I enable connectivity to this VM? I do not have load balancer either.
I am trying to add my VMs to a vnet to be able to enable server-to-server communication, not for load balancing.
I have just created ARM VMs with the same setup, and it works without any issue. Decided to stop using classic.
I am using AZURE and have created several webapps and one Virtual Machine. I need all of them to be part of a virtual network so that cookies/and other packets transferred between them work properly. I created the VM and the network at the same time. But when I try to add networking to the webapps it shows the network but says that it does not have a gateway.
I don't know how to add a gateway to that VPN or how to make it work. Can anyone please help me?
You have to configure point to site in your virtual network before you can connect a web application to your vnet. Basically, you need to create a gateway and then configure point to site.
Since you already have a virtual network, follow steps 4 and 5 only:
Create a VNet with a Site-to-Site VPN connection using the Azure Portal
Later, configure P2S:
Configure a Point-to-Site connection to a virtual network using PowerShell
If everything goes right, you will be able to select the VNET in your app settings instead of a greyed item.
I wrote about this process a while ago and you can find my notes here.