Azure DNS Conditional Forwarding is not working

Richard Duane Wolford Jr 206 Reputation points
2023-04-13T08:42:30.0333333+00:00

We have an Azure Storage account and have configured a file share. We've set up Active Directory integration. Under security, we are allowing public access (per client request) but have also set up a private endpoint. We have a VPN gateway from Azure to on-prem using an Azure Gateway. We have set up a DNS resolver. We've set up a conditional forwarder to forward core.windows.net to the inbound IP of the resolver. However, although VMs in Azure obtain the proper IP address, the conditional forwarder is unable to resolve the Azure Private IP, it says it can't find the storage account. Additionally, attempts to use AD credentials from the VMs in Azure always fail. We've followed all of the instructions to the letter, so I was hoping someone might be able to help here.

Azure DNS
Azure DNS
An Azure service that enables hosting Domain Name System (DNS) domains in Azure.
605 questions
Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,763 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,996 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Richard Duane Wolford Jr 206 Reputation points
    2023-04-24T21:15:11.64+00:00

    I was using the private DNS resolver. However, it turns out that the network engineer didn't know that he had to allow traffic both ways, which is what caused the problem. It's actually been fixed now that he understands, and unfortunately the networking piece there was not in my control. I used WireShark to show that DNS traffic was never making it across. But thanks everyone for the assistance, I hope this will help others.

    1 person found this answer helpful.