Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,557 questions
1 answer
Exploring Cost-Effective Solutions for Routing Traffic from an Azure Private Endpoint to a VPN Gateway
Greetings, I would appreciate assistance with a design to a solution I would like to implement on Azure. Below I summarized all the information and approaches I tried. Customer has a private endpoint on a "consumer" VNet, from which I…
asked 2024-11-01T16:40:03.28+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 17%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EOC%3C/text%3E%3C/svg%3E)
Omer Cohen
0
Reputation points
commented 2024-11-08T21:38:10.8766667+00:00
Omer Cohen
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Private link service multi tenant and best practice
Hi guys, I have a tenant with a storage service that is accessible via private endpoint, an external vendor (who also have a tenant on Azure) needs to be able to access my storage account (just this one) without going through the Internet, so I was…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 73%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
0 answers
How to change networking to connect IoTHub to CosmosDB in private subnet
Hey community! The question: How do I connect my Azure IoTHub to my CosmosDB in private subnet? How I can change the CosmosDB networking/firewall settings to accept traffic coming from a (public) IoTHub service endpoint? Brief description: I have an…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 20%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EQ%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 43%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
1 answer
Unable to bypass network traffic through firewall, if private link is configured for storage account.
I have a firewall configured in subnet x in my vnet. I also have an aks cluster launched in the same vnet, within subnet y. I have configured a private endpoint for a storage account, and am trying to access the same from my aks subnet, which is…
asked 2024-11-04T04:49:13.8666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 93%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPK%3C/text%3E%3C/svg%3E)
Paritosh Kabra
0
Reputation points
answered 2024-11-05T05:57:07.4166667+00:00
KapilAnanth-MSFT
47,046
Reputation points Microsoft Employee
1 answer
User can't see any resource types in the resource type list when trying to create a private endpoint
I have a user who is trying to setup a private endpoint on a keyvault in Azure. We have setup a development subscription and resource group for him to use. We don't want to give him full access to the subscription, but want him to be able to manage…
asked 2024-10-31T00:50:03.2433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 40%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGH%3C/text%3E%3C/svg%3E)
Greg Hunt
0
Reputation points
answered 2024-11-01T16:39:26.0733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 71%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGP%3C/text%3E%3C/svg%3E)
Ganesh Patapati
1,275
Reputation points Microsoft Vendor
1 answer
How to connect Private-Link resource to a VPN gateway?
Greetings, I would appreciate assistance with a design to a solution I would like to implement on Azure. Below I summarized all the information and approaches I tried. Customer has a private endpoint on a "consumer" VNet, from which I…
asked 2024-10-28T21:00:32+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 69%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EOC%3C/text%3E%3C/svg%3E)
Omer Cohen
0
Reputation points
commented 2024-10-30T22:15:32.6333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 17%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERV%3C/text%3E%3C/svg%3E)
Rohith Vinnakota
1,085
Reputation points Microsoft Vendor
5 answers
Azure Virtual Desktop: Error: "Connection was refused because you tried to access a private endpoint resource without being connected to the private endpoint."
I am setting up Azure Virtual Desktop. Host Pool Type is Pooled, Application Group has only one application - just the "Session Desktop". When I enable "Private Link" and "Disable Public Access" (AVD workspace: Global &…
asked 2024-03-14T16:16:15.8566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 77%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERJ%3C/text%3E%3C/svg%3E)
Rajesh Joseph
5
Reputation points
answered 2024-10-30T20:56:07.9633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 3%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKP%3C/text%3E%3C/svg%3E)
Kruti Patel
0
Reputation points
1 answer
What is the supported way to set up privatelink DNS for Azure Data Factory Studio
Hi! When using the Azure Data Factory Studio to edit an ADF the URL for the studio is adf.azure.com in public DNS this resolves with a CNAME to portal.privatelink.adf.azure.com, which in turn resolves to a CNAME datafactoryv2.trafficmanager.net. So a…
asked 2023-04-25T13:31:05.8266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 46%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMR%3C/text%3E%3C/svg%3E)
Mike Rogers
36
Reputation points
edited a comment 2024-10-30T16:33:50.54+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(140.8, 11%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECA%3C/text%3E%3C/svg%3E)
Chris Ash
0
Reputation points
3 answers
Azure CI/CD Pipeline With ACR Private EndPoint
Hi Everyone, We have created an Azure DevOps pipeline and releases for CI/CD and we're using Azure container registry(ACR) for pulling/pushing the docker images, these pipelines/releases working and are able to pull/push the images without an issue as…
asked 2023-05-12T06:21:29.65+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 55.00000000000001%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELA%3C/text%3E%3C/svg%3E)
Lokesh Anji
5
Reputation points
answered 2024-10-30T15:53:03.18+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 42%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJR%3C/text%3E%3C/svg%3E)
Jason Rodman
26
Reputation points
3 answers
One of the answers was accepted by the question author.
How do I use a private dns zone or custom record or private IP to connect to Azure Key Vault and Azure Storage with https over private endpoint?
This question applies to both Azure Key vault and Azure Storage, but I'll be demonstrating with just the key vault to give a tangible example. I have a node app running on a VM and another in a Container Apps environment. I want to grant them the ability…
asked 2023-11-03T17:36:32.8633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 19%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
awf09j
35
Reputation points
answered 2024-10-25T17:48:46.4633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(182.40000000000003, 27%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Schroeder, Michael (CTR)
31
Reputation points
6 answers
Azure Private Link with ARM or Bicep - Private Dns Zone Group does not create A records
Hi, I seem to run into an issue when deploying a private endpoint for Azure Event Hubs or Azure Redis Cache (on the same tenant and subscription). I'm automating the deployment with bicep templates (see below), and I deploy a "Private Dns…
asked 2021-12-16T09:33:20.767+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 28.999999999999996%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERM%3C/text%3E%3C/svg%3E)
Rémi Sormain
16
Reputation points
commented 2024-10-24T10:40:37.82+00:00
Hein Taljaard
0
Reputation points
2 answers
Is it true that data transfer is more expensive when using private endpoint?
Hi all, We have a storage account and a AKS cluster in same datacenter. We are transferring more than 10 TB data each month and its increasing every month. Originally we connected the AKS cluster to the storage account using the public endpoint and where…
asked 2023-07-05T13:33:27.1366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 25%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EME%3C/text%3E%3C/svg%3E)
Mikkel Eskildsen
0
Reputation points
answered 2024-10-22T12:37:08.4166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 7.000000000000001%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDS%3C/text%3E%3C/svg%3E)
Dirk Slabbert
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Network Connectivity required between Azure PaaS services (like Storage Account) and Azure Log Analytics workspace for sending diagnostics logs
Hi, I want to send diagnostic logs from Azure PaaS service like storage account to a Log Analytics Workspace. I want to keep the network connection private. Is it possible to have a control over the network this traffic uses? Documentation shows that a…
asked 2024-10-17T12:00:48.48+00:00
Rajiv Bansal
206
Reputation points
edited the question 2024-10-17T13:05:57.23+00:00
Ganesh Patapati
1,275
Reputation points Microsoft Vendor
1 answer
Single Subnet vs Separate Subnets for Private Endpoints
Hi We're building various services in Azure (Logic App, Function App, Storage Account, Event Grid, Event Bus, Service Bus, and APIM). These services will be enabled with a Private Endpoint (PE) and all the public endpoint connectivity will be disabled.…
asked 2024-10-14T23:32:36.1966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 5%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETM%3C/text%3E%3C/svg%3E)
Taranjeet Malik
546
Reputation points
commented 2024-10-16T05:03:10.5033333+00:00
KapilAnanth-MSFT
47,046
Reputation points Microsoft Employee
1 answer
If we enable the private endpoints for storage account, can't we able to access storage account by using VNETs
I have a storage account (stgA) with its networking set to "Enabled from selected virtual networks and IP addresses." I've successfully added VNETA to access stgA, and I can access the storage from the VNET. However, after creating a private…
asked 2023-12-22T09:22:17.1233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 47%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKA%3C/text%3E%3C/svg%3E)
Kumar, Addala (623)
0
Reputation points
commented 2024-10-16T03:47:35.11+00:00
KapilAnanth-MSFT
47,046
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Connection issues with multiple private endpoints for a single resource
The architecture explanation is complex so read carefully I have a SQL server in East US region that I want other services to connect to privately, other services includes: AKS App services (both web and function apps) AKS is in West US 2 so I…
asked 2024-10-14T11:35:42.9966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 25%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENU%3C/text%3E%3C/svg%3E)
Najam ul Saqib
340
Reputation points
commented 2024-10-16T03:42:20.5233333+00:00
KapilAnanth-MSFT
47,046
Reputation points Microsoft Employee
1 answer
Azure private endpoint conflict
Hey, I have a private storage account I want to access through private endpoint. I have 2 different vnets and each of them in different resource groups, each resource group has its own dns zone which is the default privatelink.blob.core.windows.net . is…
asked 2024-10-10T19:23:51.0633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 65%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
Shriram
0
Reputation points
answered 2024-10-11T06:08:22.65+00:00
KapilAnanth-MSFT
47,046
Reputation points Microsoft Employee
1 answer
Resolving DNS names for Azure private endpoint of another company, when using private endpoint ourselves
Hello, It was hard to find an explicit title for that issue... We got a DNS server hosted in Azure which serves as a relay/conditional forwarder for the private DNS zones we have in our Azure tenant. Following the Microsoft documentation for…
asked 2022-09-19T15:16:29.903+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 33%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAR%3C/text%3E%3C/svg%3E)
Arnaud Rigole
141
Reputation points
commented 2024-10-10T11:53:45.2666667+00:00
KapilAnanth-MSFT
47,046
Reputation points Microsoft Employee
1 answer
Azure CLI - Cannot create private endpoint for Application Gateway, although private link exists
I'm trying to create a Private Endpoint for an Azure Application Gateway in my environment, but I keep getting the following error, although the private link exists and is in "Succeeded" state: ERROR:…
asked 2024-10-08T12:53:34.37+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 12%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EG1%3C/text%3E%3C/svg%3E)
GiorgosSofroniou-1673
0
Reputation points
answered 2024-10-08T23:23:51.4833333+00:00
Rohith Vinnakota
1,085
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
Secure approval of Front Door Private Link connections
I am using Front Door Premium with Private Link connectivity to App Services, per this document: https://learn.microsoft.com/en-us/azure/frontdoor/private-link I am deploying this using code, and would like to securely automate the approval of the…
asked 2024-10-04T16:39:10.0366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(182.40000000000003, 19%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPC%3C/text%3E%3C/svg%3E)
Peter Cresswell
26
Reputation points
accepted 2024-10-08T09:42:20.22+00:00
Peter Cresswell
26
Reputation points