How to access an on-premises SQL Server from an Azure VM

tmsagora 26 Reputation points
2023-03-22T13:42:24.3166667+00:00

I have set up a virtual machine (VM) on Microsoft Azure and I need to access an SQL Server instance that is located on my private network. Currently, access to this SQL Server instance is restricted to connections originating from within the local network or through a VPN connection. However, I do not want to set up a new VPN on my private network in order to access the SQL Server instance from the Azure VM.

I have already attempted to set up a hybrid connection manager on a server that is on the same network as my SQL server. This hybrid connection manager uses an Azure Relay Service, but I have been unable to get my Azure VM to communicate with the Azure Relay Service.

My end goal is to be able to access the SQL Server instance from the Azure VM without having to install a VPN. What are my options to achieve this? Can I configure some kind of secure connection between the Azure VM and the SQL Server instance using the Azure Relay Service? If so, what steps do I need to follow to set this up?

Thank you!

Thomas

  1. vipullag-MSFT 24,106 Reputation points Microsoft Employee
    2023-03-29T10:18:08.21+00:00

    Hello tmsagora

    Welcome to Microsoft Q&A Platform, thanks for posting your query here.

    If you have already attempted to set up the Azure Hybrid Connections feature and have encountered issues with the Hybrid Connection Manager on the Azure VM communicating with the Azure Relay Service, try the troubleshooting steps below and see if they help:

    - Verify that the Hybrid Connection Manager on the Azure VM is installed and configured correctly. Try to check the Hybrid Connection Manager logs on the Azure VM and ensure that it is able to successfully connect to the Azure Relay Service.

    - Check your firewall rules to ensure that traffic is allowed to pass through the required ports for the Hybrid Connection Manager and Azure Relay Service. You may need to open specific ports on your on-premises firewall to allow traffic from the Azure Relay Service.

    - Ensure that the Azure Relay Service namespace is configured correctly and that the Hybrid Connection is associated with the correct namespace.

    - Verify that the connection string in your application is correctly configured to point to the Hybrid Connection endpoint address.

    - Check that the on-premises SQL Server instance is configured to allow connections from the Hybrid Connection Manager.

    You can use Azure Private Link to securely access your on-premises SQL Server instance from your Azure VM. Azure Private Link provides secure access to Azure services over a private endpoint in your virtual network. You can create a private endpoint for your SQL Server instance and connect it to your virtual network. Once the private endpoint is created, you can access the SQL Server instance from your Azure VM using the private IP address of the private endpoint.

    Here are the high-level steps to set up Azure Private Link for your SQL Server instance:

    - Create a private endpoint for your SQL Server instance.

    - Connect the private endpoint to your virtual network.

    - Configure your SQL Server instance to allow connections from the private IP address of the private endpoint.

    - Access the SQL Server instance from your Azure VM using the private IP address of the private endpoint.

    Ref: https://learn.microsoft.com/en-us/azure/virtual-network/vnet-integration-for-azure-services

    https://learn.microsoft.com/en-us/azure/data-factory/tutorial-managed-virtual-network-on-premise-sql-server

    I hope this helps!

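The network-side checks from the troubleshooting list in the answer above, as an added example that is not part of the original thread: it parses the server address out of a SQL Server connection string, compares it with the endpoint configured on the Hybrid Connection, and probes TCP reachability. The sample hostnames, the `check_path` helper and the use of port 443 for outbound traffic to Azure Relay are assumptions of this example, not values from the thread.

```python
import socket

# Keywords SqlClient accepts for the server address in a connection string.
SERVER_KEYS = {"server", "data source", "address", "addr", "network address"}

# Constructed sample values; replace with your own (none come from the thread).
SAMPLE_CONN_STR = "Server=tcp:sql01.corp.example,1433;Database=Sales;Encrypt=True"
SAMPLE_ENDPOINT = ("sql01.corp.example", 1433)  # host:port set on the Hybrid Connection
SAMPLE_RELAY = "NAMESPACE-PLACEHOLDER.servicebus.windows.net"

def sql_endpoint(conn_str, default_port=1433):
    """Return (host, port) from an ADO.NET-style SQL Server connection string."""
    for part in conn_str.split(";"):
        key, sep, value = part.partition("=")
        if sep and key.strip().lower() in SERVER_KEYS:
            target = value.strip()
            if target.lower().startswith("tcp:"):
                target = target[4:]
            host, _, port = target.partition(",")
            host = host.split("\\")[0].strip()  # drop a named-instance suffix
            # Assumption: without an explicit port, fall back to the default 1433.
            return host, (int(port) if port.strip() else default_port)
    raise ValueError("no server keyword in connection string")

def tcp_reachable(host, port, timeout=3.0):
    """True if a TCP connection to host:port completes within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, or name did not resolve
        return False

def check_path(conn_str, expected_endpoint, relay_host, probe=tcp_reachable):
    """Hypothetical helper: run the checks that can be tested from the network."""
    host, port = sql_endpoint(conn_str)
    exp_host, exp_port = expected_endpoint
    return {
        "connection_string_matches_endpoint":
            (host.lower(), port) == (exp_host.lower(), exp_port),
        "relay_reachable_443": probe(relay_host, 443),  # assumed outbound HTTPS
        "sql_endpoint_reachable": probe(host, port),
    }

if __name__ == "__main__":
    for name, ok in check_path(SAMPLE_CONN_STR, SAMPLE_ENDPOINT, SAMPLE_RELAY).items():
        print(f"{name}: {'ok' if ok else 'FAILED'}")
```

Run it on the machine hosting the Hybrid Connection Manager for the relay and SQL checks; a failed match on the first key means the application's connection string is not pointing at the Hybrid Connection endpoint.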