Hi all,
I've some connectivity issues between an SQL server running on an VM (on Azure) and an Azure Web App connected to the same VNET.
Setup details;
- VM Name: vmtest1
- SQL Server running on 1433 (and I can connect to this SQL Server via "vmtest1" Public IP address)
- Virtual Network: "vnet1"
- Subnet1: 10.0.0.0/24 (for VM NIC)
- Subnet 2: 10.0.1.0/24 (for App Services)
** This VM has a "primaryNic1" associated with Virtual Network "vnet1"
- Network Security Group: nsg1 (for "primaryNic1" only)
- An Azure Web App (.NET Framework 4.8 + Windows OS): "website1"
- both "Azure Web App" and the "VM" is in the same "Resource Group" & "subscription"
- "App Service" is connected to "vnet1" via "VNET Integration". And I can see that it is assign WEBSITE_PRIVATE_IP from 10.0.1.0/24 subnet with 10.0.1.254 IP address.
Now with this setup;
* I'm able to connect to SQL Server running on VM locally (SQL Server is running & accepting connections)
* I'm able to connect to SQL Server locally within VM via sqlcmd;
C:\Users\testadmin1>sqlcmd -S tcp:10.0.0.4\MSSQL2014 -U sqltestuser1 -P correctPassword
1> select db_name()
2> go
my_db_name
(1 rows affected)
1> exit
- I can "tcpping" from "App Service" the VM private IP Address & port 1433;
C:\home\site\wwwroot>tcpping 10.0.0.4:1433
Connected to 10.0.0.4:1433, time taken: 78ms Connected to 10.0.0.4:1433, time taken: <1ms Connected to 10.0.0.4:1433, time taken: <1ms Connected to 10.0.0.4:1433, time taken: <1ms Complete: 4/4 successful attempts (100%). Average success time: 19.5ms
C:\home\site\wwwroot>
- I'm able to see that with a wrong SQL server password, I'm getting rejected by SQL Server (from App Service Kudu console)
C:\home\site\wwwroot>sqlcmd -S tcp:10.0.0.4\MSSQL2014 -U sqltestuser1 -P wrongPassword
Sqlcmd: Error: Microsoft SQL Server Native Client 11.0 : Login failed for user 'sqltestuser1'..
C:\home\site\wwwroot>
- But with the correct password I'm not able to connect to SQL server (and get the prompt successfully). Similary I'm not able to connect from my "website1" app.
I guess there is some sort of "routing problem" from VM side to App Service side. But couldn't figure it out so far.
Any advice is highly appreciated..
thanks