Hi @constantin dorin ,
Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
I understand that you would like to access an Azure Function in a VNet via a Private Endpoint.
From our discussion, it appears that the issue is related to FQDN resolution failing with P2S clients.
With a Private Endpoint, there should be private DNS zones created and linked to the VNet.
Refer: Azure Private Endpoint DNS configuration
I believe this has been done.
If not, please create the zones and link them to the VNet.
Now, the idea here is to make the local computers (connected via P2S) leverage these private DNS zones.
- You would require a custom DNS server hosted in Azure to achieve this.
- You should configure the VPN client file to forward the DNS requests for "xxx.azurewebsites.net" to this DNS server (Azure).
- The DNS server should forward all the requests for "xxx.azurewebsites.net" to the Azure WireServer IP 168.63.129.16.
- This scenario is described under "On-premises workloads using a DNS forwarder".
Now, to make your remote server use the custom DNS server for the domain:
- Refer: Configure Azure VPN Client
- Follow "Add DNS suffixes" and "Add custom DNS servers" to modify the client configuration file.
NOTE: You should not directly add the WireServer IP in the custom DNS servers, as only VMs in Azure can reach and communicate with the WireServer IP.
Please feel free to let me know if you have follow-up queries on this.
Cheers,
Kapil
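
As an added example (not part of the original answer), the following Python check reads a VPN client profile and flags the mistakes the answer warns about: no custom DNS server, the WireServer IP used directly as a DNS server, or no DNS suffix covering the function's FQDN. It assumes the profile uses the `dnsservers`/`dnsserver` and `dnssuffixes`/`dnssuffix` elements from the "Add custom DNS servers" and "Add DNS suffixes" steps; the sample profile and the forwarder address 10.1.0.4 are constructed.

```python
import ipaddress
import xml.etree.ElementTree as ET

WIRESERVER = ipaddress.ip_address("168.63.129.16")

# Constructed sample profile; 10.1.0.4 stands in for the custom DNS server VM in the VNet.
SAMPLE_PROFILE = """<AzVpnProfile xmlns="http://schemas.datacontract.org/2004/07/">
  <clientconfig>
    <dnsservers>
      <dnsserver>10.1.0.4</dnsserver>
    </dnsservers>
    <dnssuffixes>
      <dnssuffix>.azurewebsites.net</dnssuffix>
    </dnssuffixes>
  </clientconfig>
</AzVpnProfile>"""

def _values(root, name):
    """Text of every element with this local name, ignoring XML namespace and case."""
    return [(el.text or "").strip() for el in root.iter()
            if el.tag.rsplit("}", 1)[-1].lower() == name]

def check_profile(xml_text, fqdn):
    """Return a list of problems that would stop `fqdn` from resolving privately over P2S."""
    root = ET.fromstring(xml_text)
    problems = []
    servers = _values(root, "dnsserver")
    if not servers:
        problems.append("no custom DNS server configured")
    for s in servers:
        try:
            ip = ipaddress.ip_address(s)
        except ValueError:
            problems.append(f"dnsserver '{s}' is not an IP address")
            continue
        if ip == WIRESERVER:
            problems.append("168.63.129.16 is only reachable from Azure VMs; use the forwarder VM")
    suffixes = [s.lower().lstrip(".") for s in _values(root, "dnssuffix") if s]
    name = fqdn.lower().rstrip(".")
    if not any(name == s or name.endswith("." + s) for s in suffixes):
        problems.append(f"no dnssuffix covers {fqdn}")
    return problems

def resolves_privately(addresses):
    """True when every resolved address is private (the private endpoint, not the public front end)."""
    return bool(addresses) and all(ipaddress.ip_address(a).is_private for a in addresses)
```

On a connected P2S client, pass the addresses returned by a lookup of the function's FQDN to `resolves_privately` to confirm the name now resolves to the private endpoint.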