I created a VM on Windows Azure. My actions
1) "File and Printer Sharing (Echo Request - ICMPv4-In)" set On
2) Windows Wirewall set Off
It still does not ping.
UPD: The network is working properly.
What do you mean by not pinged?
ICMP as protocol is disabled/blocked at Azure LoadBalancer level. So no matter what you do in your VM, you will never get ICMP traffic from the Internet inside the VM. The only way to get ISMP traffic into a VM is via Azure Virtual Network, and Azure Connect and from a valid joined computer.
Your actions (1) and (2) will help you get ICMP traffic from either:
Another Virtual Machine in the same Cloud Service
Another Virtual Machine in the same Virtual Network
Your computer, if it is part of the same Virtual Network
Your Computer if it and the target VM are in the same Group from Windows Azure Connect
** UPDATE **
After clarifying the question, you still will never be able to successfully execute ping whatever.cloudapp.net. In order to "make visible iis site", you need to add an Endpoint to your VM from the portal or the Management API for the port you need. In your case - port 80.
Related
I created a Server 2019 VM in Azure and want to use nested virtualization. On the 2019 VM, I created a Windows 10 VM in Hyper-V. The problem is that the Windows 10 VM does not have internet connection. Even though a virtual switch was created on the 2019 VM, the nested Windows 10 VM is not able to reach the Azure gateway.
Here's the Server 2019 Network settings
This is the Hyper-V Switch
And finally this is the Windows 10 VM network settings. It never gets an IP address from the host and even when assigned a static IP it cannot route to the gateway. What am I missing?
The overall problem I'm trying to solve is to have Apache Guacamole able to connect to nested VMs, which isn't possible with NATing.
You cannot reach the internet because your default gateway is blank.
You are getting auto configured IP addresses without default gateway (169....) (probably) because you do not have a DHCP server.
You can configure the DHCP server on the Hyper-V host running in Azure
or on a nested Hyper-V VM if needed.
see: https://www.nakivo.com/blog/hyper-v-nested-virtualization-on-azure-complete-guide/
I have created a Windows WCF Service and I want to host it inside Azure VM.
The service is locally running fine inside the VM, but when attempting to access the service outside of the VM, I cannot connect to the service at the specified port.
While requesting the service, I'm getting the following error:
SocketException (0x274d): No connection could be made because the target machine actively refused it...
Also, while pinging the VM through the command prompt with public ip, I'm getting Request timed out.
I have enabled the port for TCP in Azure inbound rules as well as in VM firewall inbound rules. The VM is Windows Server.
How can I access the service running in the VM from another system?
Any help is appreciated.
check application is running on the port you exposed
check windows level firewall allows traffic on that port from your destination
check NIC level NSG allows traffic on that port from your destination
check subnet level NSG allows traffic on that port from your destination
you might also have Azure Firewall\UDR\NVA in the networking setup, check those as well (this is highly unlikely if you are not running an enterprise grade setup).
I'm using Windows Azure virtual machines. What I did was I have added some new TCP port to inbound and outbound rules in the firewall. After that I can't get the Remote Desktop connection from my PC. But I got Remote Desktop connection from another virtual machine by using the local IP address.
My DNS is :xxxx.cloudapp.net:3389.
This is the issue I'm facing. What I actually want is to give provision to new ports inbound and outbound rules in windows Azure virtual machines. Any help would be grateful.
Not exactly a programming question but anyway:
Nmap scan report for mjsindia.cloudapp.net (13.66.56.229)
PORT STATE SERVICE
3389/tcp filtered ms-wbt-server
Make sure you have 3389/TCP open inbound on both the Network Security Group or ACL in the Azure Portal and Windows Firewall (on the VM, for all Firewall profiles - Private/Public/Domain).
I have created an ssrs report inside an Azure Virtual Machine (SQL Server 2012 SP1 on Windows Server 2012). When I try to view the report from the Virtual machine it opens up in the browser with a proper url like
http://mysamplevm/ReportServer/Pages/ReportViewer.aspx?%2fMySampleReport&rs:Command=Render
When I try to open the same url from my local machine, it says webpage is not available. I have completed the following settings too.
Created Inbound & Outbound rules in Virtual Machine Firewall for port numbers 80 and 443.
Created end points for the same port numbers in azure management portal.
You shall access the report server via the public DNS Name - this is sort of http://mysamplevm.cloudapp.net/ReportServer/Page, and not http://mysamplevm/. You can get this when you navigate to the dashboard of your VM in the management portal - right hand links are named Quick glance, the second is DNS Name.
Because your computer has no idea how to find mysamplevm.
While astaykov is correct regarding the URL, there are two more steps you need to go through to make your report server accessible from outside your VM:
Open HTTP/HTTPS endpoint for your VM in Azure management portal
Open a firewall port:
Open Windows PowerShell on your Virtual Machine
Run the following (for port 80):
New-NetFirewallRule -DisplayName “Report Server (TCP on port 443)” -Direction Inbound –Protocol TCP –LocalPort 80
Now you can access your report server from remote computers through:
http://yourservername.cloudapp.net/reportserver
You have to log into the VM and open windows firewall advanced settings. In Inbound settings, allow port 80 to accept connections.
In addition to what DivineOps has mentioned. In Azure portal (new version), you have to go into NSG to configure firewall rules.
For me, I had to configure inbound rules, both on VM (via RDP) and via Azure portal for it to be accessible.
I'm new to Azure (strike 1) and totally suck at networking (strike 2).
Nevertheless, I've got two VMs up and running in the same virtual network; one will act as a web server and the other will act as a SQL database server.
While I can see that their internal IP addresses are both in the same network I'm unable to verify that the machines can communicate with each other and am sort of confused regarding the appropriate place to address this.
Microsoft's own documentation says
All virtual machines that you create in Windows Azure can
automatically communicate using a private network channel with other
virtual machines in the same cloud service or virtual network.
However, you need to add an endpoint to a machine for other resources
on the Internet or other virtual networks to communicate with it. You
can associate specific ports and a protocol to endpoints. Resources
can connect to an endpoint by using a protocol of TCP or UDP. The TCP
protocol includes HTTP and HTTPS communication.
So why can't the machines at least ping each other via internal IPs? Is it Windows Firewall getting in the way? I'm starting to wonder if I've chose the wrong approach for a simple web server/database server setup. Please forgive my ignorance. Any help would be greatly appreciated.
If both the machines are in the same Virtual Network, then just turn off Windows Firewall and they will be able to ping each other. Other way is to just allow all incoming ICMP traffic in Windows Firewall with Advanced Settings.
However there is a trick. Both the machines will see each other by IP Addresses, but there will be no name resolution in so defined Virtual Network. Meaning that you won't be able to ping by name, but only by direct IP address. So, if want your Website (on VM1) to connect to SQL Server (on VM2), you have to address it by full IP Address, not machine name.
The only way to make name resolution within a Virtual Network is to use a dedicated DNS server, which you maintain and configure on-premises.
This article describes in details name resolution scenarios in Windows Azure. Your particular case is this:
Name resolution between virtual machines and role instances located in
the same virtual network, but different cloud services
You could potentially achieve name resolution, if you put your VMs is same cloud service. Thus you will not even require dedicated virtual network.
If your VMs are inside a Virtual Network in Azure, then you have to make sure two things.
Required Port is enabled.
Firewall is disabled on the server.
I was trying to connect to one VM where SQL Server DB was installed, from another VM. I Had to enable 1433 port in the VM where SQL was installed. For this you need to add an MSSQL endpoint to the VM on the azure management portal. After that i disabled windows firewall. Then i was able to connect to the VM from another.