Azure SQL Database
An Azure relational database service.
5,121 questions
How to setup Vnet integration between ASP.NET 4.8 Azure Service V3 app and SQL Managed Instance?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 49%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJJ%3C/text%3E%3C/svg%3E)
Jan J. Vopalensky
0
Reputation points
I just created a simple ASP.NET Web Forms app to Azure Service - Premium V3 plan. This app runs fine as long it does not access our database in SQL Managed Instance (MI). When trying to access the database (a simple SQL SELECT statement in the global.asax.ca page) I get the error below.
I read:
- How regional virtual network integration works - Azure App Service | Microsoft Learn
- [https://stackoverflow.com/questions/54534924/arm-template-for-to-configure-app-services-with-new-vnet-integration-feature/59857601#59857601
But it is not clear to me if I should created a new Vnet for this new web app, or (if using the same VNet as our SQL MI) how to configure the app to the SQL MI subnet.
Any suggestions would be appreciated. Thanks, Jan
P.S. When using apps in the older App Service Plans, we could setup VNet integration using the Gateway Subnet option. This does not work in V3 app service plan. Plus it looks like it is being deprecated. This is the warning message I see:
The selected virtual network is located in the same region as your app and can therefore use regional integration which does not require a gateway. Portal support for configuring point-to-site integration within a region will be removed by the end of 2022.
P.P.S. Details for the SQL MI access error:
An attempt was made to access a socket in a way forbidden by its access permissions Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.ComponentModel.Win32Exception: An attempt was made to access a socket in a way forbidden by its access permissions Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. Stack Trace: |[Win32Exception (0x80004005): An attempt was made to access a socket in a way forbidden by its access permissions] [SqlException (0x80131904): A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 0 - An attempt was made to access a socket in a way forbidden by its access permissions.)] System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData, DbConnectionPool pool, String accessToken, Boolean applyTransientFaultHandling, SqlAuthenticationProviderManager sqlAuthProviderManager) +947 System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions) +342 System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnectionPool pool, DbConnection owningObject, DbConnectionOptions options, DbConnectionPoolKey poolKey, DbConnectionOptions userOptions) +38 System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject, DbConnectionOptions userOptions, DbConnectionInternal oldConnection) +514 System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject, DbConnectionOptions userOptions, DbConnectionInternal oldConnection) +91 System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, UInt32 waitForMultipleObjectsTimeout, Boolean allowCreate, Boolean onlyOneCheckConnection, DbConnectionOptions userOptions, DbConnectionInternal& connection) +438 System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, TaskCompletionSource1 retry, DbConnectionOptions userOptions, DbConnectionInternal& connection) +79 System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection) +201 System.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource1 retry, DbConnectionOptions userOptions) +156 System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource1 retry, DbConnectionOptions userOptions) +22 System.Data.SqlClient.SqlConnection.TryOpenInner(TaskCompletionSource1 retry) +92 System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource1 retry) +219 System.Data.SqlClient.SqlConnection.Open() +101 WebFormsApp.Global.GetNumLmsClients() in D:\Projects\WebFormsTestApp\WebFormsApp\Global.asax.cs:33 WebFormsApp.Global.Application_Start(Object sender, EventArgs e) in D:\Projects\WebFormsTestApp\WebFormsApp\Global.asax.cs:21 [HttpException (0x80004005): A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 0 - An attempt was made to access a socket in a way forbidden by its access permissions.)] System.Web.HttpApplicationFactory.EnsureAppStartCalledForIntegratedMode(HttpContext context, HttpApplication app) +10107679 System.Web.HttpApplication.RegisterEventSubscriptionsWithIIS(IntPtr appContext, HttpContext context, MethodInfo[] handlers) +123 System.Web.HttpApplication.InitSpecial(HttpApplicationState state, MethodInfo[] handlers, IntPtr appContext, HttpContext context) +181 System.Web.HttpApplicationFactory.GetSpecialApplicationInstance(IntPtr appContext, HttpContext context) +228 System.Web.Hosting.PipelineRuntime.InitializeApplication(IntPtr appContext) +314 [HttpException (0x80004005): A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 0 - An attempt was made to access a socket in a way forbidden by its access permissions.)] System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +10087920 System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +99 System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) +263|
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 59%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
SnehaAgrawal-MSFT 18,286 Reputation points2023-01-19T17:25:52.4433333+00:00 Thanks for reaching here! You can connect an application that's hosted by Azure App Service. In order to access it from Azure App Service via virtual network, you first need to make a connection between the application and the SQL Managed Instance virtual network. Reference doc: Integrate your app with an Azure virtual network.
Further could you confirm for data access to your managed instance from outside a virtual network please confirm if all steps followed from below doc link: Configure public endpoint in Azure SQL Managed Instance.
For troubleshooting Azure App Service access via virtual network, refer Troubleshooting virtual networks and applications.
Please let us know to help you better here.
-
Jan J. Vopalensky 0 Reputation points
2023-01-19T21:13:52.1533333+00:00 Thanks for replying. It seems the underlying issue we had was that our test web app was in a new app service plan V3 created in a new Azure resource group. The app and the service plan were in 'group-2', and our SQL Managed Instance and shared VNet were in older 'group-1'. Once I moved the web app to 'group-1', I could connect to one of the Vnet sub-nets there.
But I find it strange that:
- the app service plan V3 could NOT be created using the older 'group-1', and
- I needed to (and could) move our test web app to 'group-1' even though this app was using an app service plan associated with 'group-2'.
-
SnehaAgrawal-MSFT 18,286 Reputation points
2023-01-27T10:57:27.78+00:00 Could you please confirm if you're on an older deployment?, As there are some limitation with using virtual network integration, and for older deployment you can only use the feature from a Premium v2 App Service plan.
-
Jan J. Vopalensky 0 Reputation points
2023-01-30T09:17:18.79+00:00 I am not sure what you mean by "older deployment".
I used VS2022 IDE to publish this web forms app (dependent on the old ASP.NET Framework 4.8) from my Windows 10 desktop. As I sad before, once I moved this Azure App service app from the new resource group (created for the V3 service plan) to the same resource group used by our VNet, I had no issue integrating with that VNet. The deployment was same - VS2022 IDE Publish command where WebPublishMethod = MSDeploy.
Sign in to comment