Connection to Azure SQL Database using Public IP and not my Azure VPN Client-assigned IP

Shawn de Wet

12/19/23, 7:16 PM

I have configured a VNet in Azure with default 10.0.0.0/16 ip range.

I configured my Azure SQL Database to allow connections from the VNet.

I now want to connect my local dev pc to the VNet, so I added a Gateway to the VNet, with the default subnet 10.0.1.0/24, and then configured a Point-to-Site connection on the gateway with address pool 10.2.0.0/16.

(The above settings may be very wrong(?) - I don't know a LOT about networking, so just went with defaults where available, so am open to guidelines about how to do the above better)

I downloaded the VPN Client settings, and configured my Azure VPN Client, which connects to the Gateway and gets an IP address of 10.2.0.2.

I then tried to connect to the Azure SQL Database (using Microsoft SQL Server Mngt Studio) , and I get the popup that says my IP Address is not allowed to connect. However, the IP Address that it is showing is my Router's static IP address with which my router is connected to the internet.

How do I get this connection in SSMS to connect using the 10.2.0.2 address that my Azure VPN client is connected with?

520

1 + 0

azure-networking

Score:0

Server

Appleoddity

12/20/23, 3:48 AM

You are probably trying to connect to the instance using a DNS name which resolves to the public IP address of the server.

You need to setup PrivateLink for your SQL server, including configuring the DNS portion so that the DNS name you use resolves to the server’s private IP address.

https://learn.microsoft.com/en-us/azure/azure-sql/database/private-endpoint-overview?view=azuresql#connecting-from-an-on-premises-environment-over-vpn

Connecting from an on-premises environment over VPN

To establish connectivity from an on-premises environment to the database in SQL Database, choose and implement one of the options:

Point-to-Site connection

Site-to-Site VPN connection

ExpressRoute Circuit

Consider DNS configuration scenarios as well, as the FQDN of the service can resolve to the public IP address.

Or, connect using the server’s private IP address in your vNet, instead of using the DNS name.

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Connection to Azure SQL Database using Public IP and not my Azure VPN Client-assigned IP

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.