Share via

azure bot to web app private communication

Yazn Zamel (MiddleEast) 0 Reputation points
2024-06-10T20:04:37.5233333+00:00

Hi There , i have a setup of resources where i have an azure bot service that is communicating with azure web app as a messaging endpoint , the azure bot and azure web app have private endpoints and are in the same subnet , once the web app is publicly accessible the azure bot is working fine but as soon as i disable the public access on the web app , the communication is no longer working even though there is a private endpoint for both of them and i there is no NSG blocking any traffic.

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,896 questions
Azure AI Bot Service
Azure AI Bot Service
An Azure service that provides an integrated environment for bot development.
774 questions
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
7,249 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Sina Salam 6,341 Reputation points
    2024-06-10T21:06:21.8766667+00:00

    Hello Yazn Zamel (MiddleEast),

    Welcome to the Microsoft Q&A and thank you for posting your questions here.

    I understand that you would like to troubleshoot the issue with the Azure Bot Service and Azure Web App communication over private endpoints.

    Solution

    The first thing that could come to my mind even though you mentioned no NSG blocking traffic, double-check all NSG rules associated with the subnet and private endpoints. Sometimes default rules might interfere. So, ensure there are no Azure Firewall or other network security appliances blocking the communication.

    Secondly, Azure Web Apps can be configured to restrict access to only certain IP ranges or service endpoints. Make sure the Azure Bot Service’s IP range is allowed if any such restrictions are configured. Therefore, verify that the Azure Bot Service can reach other resources in the subnet to ensure there are no underlying network issues.

    Thirdly, navigate to the Azure portal, go to your VNet and check the subnets, private endpoints, and integration settings to verify VNet and Subnet Configuration.

    Finally, make sure the Private DNS Zone such as privatelink.azurewebsites.net is correctly linked to the VNet and has the correct A records to review your Private DNS Zone Configuration.

    References

    Use the resources below for more details and step by steps configuration:

    )

    Accept Answer

    I hope this is helpful! Do not hesitate to let me know if you have any other questions.

    ** Please don't forget to close up the thread here by upvoting and accept it as an answer if it is helpful ** so that others in the community facing similar issues can easily find the solution.

    Best Regards,

    Sina Salam