Can't map Azure file share on target server using private endpoint

Klenti Toska 0 Reputation points
2024-08-05T21:12:48.1833333+00:00

I have set up an S2S VPN. I have created a private endpoint and assigned it the file share. When I try to map or access it from other machines on the same network (192.168.59.0/24), it gets mapped, but when I try to do it from the DC server on the network, I get the error "Windows cannot access \\10.10.1.4\q-drive".
See picture.
The firewall is disabled on the server and SMBv2 and v3 are enabled.
Windows is the 2012 R2 version. I checked the GPOs but there is nothing to block it.
Any idea what may block it?

Thank you.


3 answers

  1. Konstantinos Passadis 19,591 Reputation points MVP
    2024-08-05T22:00:53.06+00:00

    Hello @Klenti Toska!

    Welcome to Microsoft QnA!

    I must ask,

    have you added the IP address of the Private Endpoints to the routing on the S2S?

    When using private endpoints, it is best to utilize the Private DNS Zone, link the zone with the VNET of the VPN Gateway, and forward DNS queries for the Private DNS Zone to Azure DNS.

    Try ping or Test-NetConnection to see whether connectivity is there.

    I suspect no connectivity, since the Private Endpoint is a special NIC assigned as a standalone IP address.

    Please try this and let us know!

    --

    I hope this helps!

    Kindly mark the answer as Accepted and Upvote in case it helped!

    Regards


  2. Konstantinos Passadis 19,591 Reputation points MVP
    2024-08-05T22:15:12.2366667+00:00

    Hello @Klenti Toska!

    Thank you for your input.

    Alright, got it.

    Have you tried:

    Get-SmbServerConfiguration | Select EnableSMB1Protocol

    Also, I would add a firewall rule to allow incoming 10.x.x.x, just in case!

    I hope this helps!

    Kindly mark the answer as Accepted and Upvote in case it helped!

    Regards


  3. Nehruji R 8,181 Reputation points Microsoft External Staff Moderator
    2024-08-06T13:17:16.1633333+00:00

    Hello Klenti Toska,

    Greetings! Welcome to Microsoft Q&A Platform.

    I understand that you have set up a Site-to-Site (S2S) VPN and created a private endpoint for your file share, and that you are facing an issue while accessing the file share from a domain controller (DC) server on the same network. Azure Private Endpoint is a network interface that connects you privately and securely to a private link service: https://learn.microsoft.com/en-us/azure/private-link/troubleshoot-private-endpoint-connectivity

    The issue is with the DC server’s configuration or network access. Please verify the following steps:

    • Check that the DC server is correctly configured to route traffic through the VPN and that the network settings are properly configured with the VPN configuration.
    • Check that there are no specific network policies or routes on the DC server.
    • Ensure that the DC server’s DNS settings are properly configured to provide the private endpoint's address. Sometimes DNS configurations on a DC can be different from other machines.
    • Verify that the DC server is not on a different VLAN or subnet. Check that the DC server has the necessary permissions to access the file share.

    Similar post: https://learn.microsoft.com/en-us/answers/questions/741817/connect-on-prem-to-azure-files

    Reference: https://learn.microsoft.com/en-us/azure/storage/files/storage-files-networking-endpoints?tabs=azure-portal

    Hope this answer helps! Please let us know if you have any further queries. I’m happy to assist you further.

    Please “Accept the answer” and “up-vote” wherever the information provided helps you; this can be beneficial to other community members.

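The checks suggested in the answers above (DNS resolution, reachability of the private endpoint, SMB settings), collected into one script to run on the failing DC and on a machine that can map the share, so the two outputs can be compared. This is an added example, not part of any answer in the thread; the storage account FQDN is a placeholder and the function name is made up for illustration, while 10.10.1.4 is the private endpoint IP from the question.

```powershell
# Added example: run in an elevated PowerShell session on the failing server
# and on a working machine, then compare the two outputs field by field.
$PrivateEndpointIp = '10.10.1.4'                                # IP from the question
$StorageFqdn       = '<storage-account>.file.core.windows.net'  # placeholder, replace

function Test-FileShareEndpoint {   # hypothetical helper name
    param([string]$Ip, [string]$Fqdn)

    $result = [ordered]@{ Computer = $env:COMPUTERNAME }

    # 1. DNS: with a private DNS zone or forwarder in place, the FQDN should
    #    resolve to the private endpoint IP rather than a public address.
    try {
        $addrs = @(Resolve-DnsName -Name $Fqdn -Type A -ErrorAction Stop |
                   Where-Object { $_.IPAddress } |
                   ForEach-Object { $_.IPAddress })
        $result.ResolvedAddresses   = $addrs -join ','
        $result.ResolvesToPrivateIp = $addrs -contains $Ip
    } catch {
        $result.ResolvedAddresses   = "lookup failed: $($_.Exception.Message)"
        $result.ResolvesToPrivateIp = $false
    }

    # 2. Reachability: SMB uses TCP 445. Also record the source address,
    #    interface and next hop this machine selects for the endpoint IP.
    $tnc = Test-NetConnection -ComputerName $Ip -Port 445 -WarningAction SilentlyContinue
    $result.Tcp445Open    = $tnc.TcpTestSucceeded
    $result.SourceAddress = $tnc.SourceAddress.IPAddress
    $result.Interface     = $tnc.InterfaceAlias
    $result.NextHop       = $tnc.NetRoute.NextHop

    # 3. SMB settings that can differ between a DC and a member machine.
    $client = Get-SmbClientConfiguration
    $result.ClientRequireSigning = $client.RequireSecuritySignature
    $result.ClientEnableSigning  = $client.EnableSecuritySignature
    # Same check as in the second answer above.
    $result.ServerSMB1Enabled    = (Get-SmbServerConfiguration).EnableSMB1Protocol

    [pscustomobject]$result
}

Test-FileShareEndpoint -Ip $PrivateEndpointIp -Fqdn $StorageFqdn | Format-List
```

A field that differs between the two machines (for example `Tcp445Open`, `NextHop` or `ResolvesToPrivateIp`) points at which of the answers' suggestions to follow up first.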
