I have an Azure Website and it is required to consume an elastic search service that's running on a VM.
Although I need to be able to lock the access to elastic search down so only the Azure Website can access it, I can't seem to work out how to do this using the endpoint configuration on the VM.
Am I looking in the wrong place?
Thanks
Carl
You will need to setup a Hybrid Connection between your Web Site and the VM:
Hybrid Connections create a safe tunnel between your Web Site and a VM for example. The screenshot shows the integration between a Web Site and the corporate network, but this also works for VMs running in Azure.
The only requirement is that you install the Hybrid Connection Manager on your VM. More information:
http://azure.microsoft.com/en-us/documentation/articles/integration-hybrid-connection-overview/
Related
I have a webforms application that is hosted on an Azure VM that is deployed within a virtual network on Azure. The virtual network is subsequently connected to our on-premise servers via VPN connection and we are able to access the form application from 10.101.1.5/forms
How can I create a URL redirect/alias so that when users type /webforms they will be redirected to the application at 10.101.1.5/forms. Would this need to be put in place on the server of the on-premise device or on the Azure VM
The alias should be on premise. The rest is just redirecting the request to 10.101.1.5 and this should directly work as both machines are on the same subnet.
Hope this helps!
I'm new to Azure and have set up an Asure web site which will connect to a SOLR instance on an Azure VM. The web site cannot communicate with SOLR (port 8080) unless I create an endpoint. In order to create an endpoint I need to provide an internal and external port, however I do not want to allow external/remote access to SOLR, other than from the web site itself. Can anyone tell me how I should allow the web site to communicate with my VM, without making the VM publicly accessible?
Thank you,
JP
As #hhaggan stated, you cannot create a virtual network connection, or secure an endpoint, from Web Sites to a Virtual Machine. One option to consider is the use of SSL+certificate to secure the endpoint.
If you instead deploy your web application to a web role (in a cloud service) or a virtual machine, you can then take advantage of a brand new feature called Endpoint ACL. In essence, you can whitelist / blacklist a set of IP address ranges that may access your SOLR external endpoint. You can read about ACL'd endpoints, and how to configure them, here.
Now: You might be asking yourself why this doesn't work with Web Sites. That's because Web Sites runs on a server farm, and sites don't get unique IP addresses (unlike Cloud Services).
if you are talking about Windows Azure Websites, I am not sure if this can be done but if you are talking about Web roles in Windows Azure Cloud service, here is something that I hope it can be beneficial.
Connect ASP.NET application to SQL Server in Windows Azure via Virtual Network http://msdn.microsoft.com/en-us/library/windowsazure/jj823135.aspx
you might also would like to have a look on this http://www.windowsazure.com/en-us/services/virtual-network/ I don't think you will need it but I am just sharing it with you, it is for WIndows Azure Virtual Network.
let me know if this solved your problems or if you need anything else.
I am new to the Azure platform so hopefully this is an easy question:
I am currently setting up a Sharepoint web farm through Azure. My current architecture looks like this:
A WIN2008 VM serving as my Domain Controller. I have the domain setup and AD running
A WIN2008 VM SQL2012 serving as my db server
A WIN2008 VM serving as my sharepoint web server.
All of the VMs belong to the domain.
I have sharepoint up and running on the sharepoint web server and I can access the sharepoint sites using //localhost. However, I cannot access the sites from an external computer (port 80). I cannot ping it with the IP Address or the *.cloudapp.net address. I have already ensured the firewall ports for 80 are open for all profiles. I have also setup an endpoint for port 80 on the sharepoint VM.
Any thoughts? I appreciate your help in advance.
To elaborate on the endpoint reference above:
There is a configuration page in the Azure portal that you need to check out to ensure that the proper ports are open AS WELL AS the ones on the Endpoints page for your windows VM. I assume the same would apply for other hosted OS VMs like Linux, etc.
When I came across the Endpoints tab for the VM in question on the Azure portal I noticed that there were RDP and PowerShell ports listed but no HTTP. After adding that I found that I could hit my IIS server on the VM. In a nutshell its like there are two firewalls, the one on your server and one on the Azure portal.
I believe that Azure will block ping requests
http://social.msdn.microsoft.com/Forums/en-US/windowsazuredevelopment/thread/7ce4e4c5-c714-492f-8cd6-424c01552195
Looks like you have an answer, but of note is that you have to set up endpoints for anything that you want to hit.
Recentely, I deploy a worker role that it will connect to internet and attemp to access some websites (For example: http://somewebsite.redmond.corp.microsoft.com/en-us/library/).
It successfully access the websites on my development machine running on emulator. But on the Azure virual machine that I deploy my worker role to, it is not able to access the websites. I try to open the websites on VM browering in IE, it is also not able to.
Have u emcounter similar issues? How do u deal with it?
This has nothing to do with accessing the Internet. The URL you provided isn't publicly visible (at least I can't access it from my machine). This means you're attempting to visit a URL behind a firewall, possibly requiring a VPN to access.
Windows Azure VM's, whether worker roles, web roles, or Virtual Machines, are in a public cloud and not behind any firewall. If you wanted to access it from a Windows Azure VM, you'd need to set up a Virtual Network, introduced in the Spring 2012 update. More information here.
Try using Elevated premissions for this. Once,I tried to access internet through RDP of a Role, It was working at that time hence it should be possible for you to access internet. But if are trying to download exes and execute, I Think that isn't possible.Please post you Results here.
Regards,
Vijay.
Can I host an application in Windows Azure and have the database stored on different server? For example I want to keep my data on a server where I dont have to worry about privicy issues. And if this is possible does it remove the value of having an application hosted in the cloud?
thanks
You mean hosting your application on Windows Azure and then hosting the database on your own servers? This is totally possible, but you'd have to publicly expose your database. You could host your database on SQL Azure and that would be a 'separate server' from your Windows Azure host. With SQL Azure, you can set up a firewall rule to allow only your application to access your database.
If you were to host your database on your own servers, I don't think that it would completely diminish the value of hosting your application on the cloud as your app tier at least would still be hosted "in the cloud". Though, you could also run into performance issues in this scenario as SQL is a little slow to access over the internet using TCP.
You can host on premise and use a secure VPN as part of Azure now. This can be done using Azure network in the latest release.
Can setup an Azure site to site VPN and get access to your private data centre that way.