How to access virtual machine (Windows Server 2008) from browser? - azure

I am trying out the Free Trial Microsoft Azure.
Basically I created an VM running Windows Server 2008 SP1.
There, I am running GeoServer, being able to access the geoserver from the local browser (eg: http://localhost:8080/geoserver/web)
Now, how to access this from a public browser? It has a public IP 13.93.154.109
which I can't even ping it, not to say to access it.
What did I miss out?
Note: I tried both classic/non-classic VM, result is the same.
Also, I am aware that there is an OpenGeo Suite out there for Azure. But it costs a lot. What I am trying to do is, to share the VM with the other existing product.
Thanks in advance.
localhost-from-vm
P.S: I am able to ping 13.93.154.109:3389 using PsPing instead of normal Ping.

You need to open the port 8080 to allow traffic on your VM.
Depending on how you have created the VM, it can be done in different ways:
If you have used the Classic workflow, you need to add an endpoint to your cloud service: https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-windows-classic-setup-endpoints/
If you have used the Azure Resource Manager workflow, you need to create an inbound rule in the network security group: https://azure.microsoft.com/en-us/documentation/articles/virtual-networks-create-nsg-arm-pportal/#create-rules-in-an-existing-nsg

Related

Cannot access nodejs server from outside ec2 instance

I am trying to host a web service on aws ec2 windows server 2008 r2 instance, but am unable to access the server using its public ip outside the instance. The port my application is hosted on as 3333. I have added rules for SSH, HTTP and ICMP in my security group but still cannot access it externally.
I can connect to the machine via RDP but cannot even ping the ip from my local machine. Is it something not supported on amazon free 12 month account?
Have been struggling with this for a while, any help appreciated. Below attached is the snapshot for my selected security group for the instance.
Thanks,
Aakash
You can access your server from anywhere even if you have free tier. You just need to add correct inbound rules in the associated security group. In your case, rules seem fine but the windows defender must be blocking all the incoming requests. You can try turning off the windows defender in your windows ec2 instance by searching "Windows Defender Firewall" -> click "Turn windows defender firewall on or off" -> select "Turn off windows defender firewall(not recommended)" for public requests.
I was facing the same issue. Turning it off worked for me.
I has nothing to do with free tier. You need to allow the ports which you want to access from public. Please go to security groups and allow it.
Make sure that you have allow your server to public access.For giving access go to security group in that inbound rule and allow them to public access.

How to access elasticsearch 2 VM from Website in Azure

I followed this tutorial (Elasticsearch 2.X on Microsoft Azure) and now I got the following question: How do I access elasticsearch 2.3.4 running on the VM from my Asp.Net MVC 5 website?
The VM is not reachable from the internet. So the only solution would be to access the Virtual Network from the WebApp?! But I don't know how to configure the Ubuntu VM to allow access to elasticsearch (I used iptables to allow port 9200 and in the elasticsearch.yml I added network.host: 0.0.0.0) and how to access the Virtual Network from my WebApp.
In the guideline (the link above) stood, that the WebApp and the VM have to be in the same Virtual Network - but I can't add my WebApp to the Virtual Network...
Thanks for any help or ideas! Azure is driving me crazy :|
EDIT: Okay, I found another tutorial (secure communications between azure web-apps and virtual machines), but that did not work either. Right now I can access the elasticsearch VM via an url from everywhere in the internet. When I try to access the VM from the Web-App via the private IP of the VM, it does not work :( Maybe because the Azure team changed something? Some screenshots look different to mine.

Additional VIP on Virtual Machine

I have a requirement to run two different websites, each with its own SAN certificate. This requires that we have 2 IP (or VIPs) on the machine. The machine that will run these websites is currently in Azure as a Virtual Machine running Windows Server 2008 R2.
I have contacted Microsoft Azure Billing support and have been granted a total quota of 3 VIPs on my subscription. How do I now add a second VIP to the Virtual Machine. I cannot find an option for it in the Azure management portal, and the powershell commands (get vm, add ip, updatevm) does not seem to work either.
It is not possible to have 2 VIPs on a single VM. If you can upgrade your VM to Windows Server 2012 and IIS 8 then you can use SNI to enable HTTPs on multiple domains on one VM. Otherwise your only option will be to create 2 VMs or use something else like Windows Azure Websites.
While I have not attempted this within Azure, I would imagine it should follow a standard networking model. You could simply place the VIPs on a loopback interface, then explicitly assign those IPs to your desired virtuals within IIS. No virtual should listen on *:443 or *:80. You would then bind your SSL to the desired IP on the virtual, explicitly. This can all be done within IIS. Azure might be different, but that's how I would do it on a standard build sans Azure. Ping me if you have another questions, but I believe this is very do-able within the current technology stack. I don't have extra VIPs to test within my own Azure account, though, so cannot validate my basic assumptions.

Windows Azure Cloud Service Access

I have created Virtual Machine Windows 2012 Server on Azure and installed Neo4j on that VM. One of the clod service is created for that by Azure as DNS Name.cloudapp.net I want to know how to access that from my laptop so that I can access Neo4j database from my laptop which is in Azure.
So... you spun up a VM, and are just trying to access it remotely? You need to create public endpoints. For neo4j specifically, you'll want to open ports 7474 and 1337. Here's how I have one of my neo4j servers set up:
The endpoint names are arbitrary - just for your reference.
Now: You'll need to think about securing these endpoints, once you open them up. Notice the Manage ACL item on the bottom of the endpoint list. With that, you can specify allowed/denied IP address ranges. With this, you can filter to only allow traffic from your local office/home's public IP address.

Can't get Azure Virtual Machine to serve websites

I've just set up a windows azure VM and installed IIS on it.
When I remote desktop onto the box I can see the default IIS website fine but I can't get this to serve on the web from the IP address of the box.
I've opened up port 80 on windows firewall and also added an endpoint for port 80.
I've tried to access it with the firewall completely turned off also but to no avail...
I cant work out if there is anything else I need to do to get this working?
Add endpoints for port 80 (http) and port 443 (https) to the VM in the Azure portal (tip: this can be automated with powershell or the Azure cli).
Remote desktop to the machine. Open the Windows firewall control panel and allow traffic to port 80 (http) and port 443 (https) or just turn it off ... the firewall is ON by default (tip: can also be scripted through the VM agent / powershell).
Go to the Azure portal and find the cloudapp.net subdomain for your VM (actually the cloud service) your VM is running under. Try accessing the site with that domain. If that doesn't work, try browsing to http://localhost on the server (remote desktop) to make sure IIS works and troubleshoot from there.
Modify the DNS records of your custom domain to use a CNAME to the .cloudapp.net domain. If you need A records make sure to use the public IP of the cloud service (just ping the .cloudapp.net domain to find it or look in the Azure portal).
You might want to look into Azure Websites or Azure Cloud Services (web roles). Those are a lot easier to manage and a lot cheaper. They still offer most of the functionality.
What fixed the issue for me was to go into the Azure Portal, browse to 'Network Security Groups', select the VM and then create an inbound rule to allow traffic to port 80.
Note: Also ensure that the inbound rule to port 80 is added and enabled on the actual VM.
Well, I deleted the existing VM and Cloud service and started again - all worked fine out of the box this time.
How annoying! The only thing I did notice was that before my cloud service had the same name as my VM - this time they had different names so that might have been what was causing the issue.
Cheers
For the newer VMs and pre-configured setups (2015+), it's possible your setup is using an azure asset called "Public IP". If so, you can set a custom DNS name label in it, inside "Configuration". Note that this name will consider any type of region used when creating the VM (e.g. my-site.brazilsouth.cloudapp.azure.com).
It's good to remember that for testing purposes, it still suffices to use the value of the public IP that is randomly designated to you.
The VMs are actually accessed via a Cloud Service (well they are for me). Azure created a Cloud Service automatically to be the scaling engine/load balancer on the front of the VM. I have to connect to the web site via that cloud service, not the VM directly.
Its possible you were using the internal IP rather than the external IP.
The sites have to use the internal IP address in the bindings section of IIS. However, in your dns you will need to use the external IP. This is presumably since the 'internal IP' is just a virtual one that Azure uses to map traffic from the external network to the VM's inside azure.
You should find both the internal and external IP's are visible on the VM's desktop.
Switch off TLS 1.3 in the Registry Editor.
This is what worked for me as of writing this in Mar 2021.

Resources