Share via

Azure PostgresSql Connection timeout for specific users, firewall allows for full network access

Justin H 0 Reputation points
2023-05-06T21:37:19.9533333+00:00

We have a weird scenario that I can't figure out. We have a postgresql server flexible azure server. Firewall has been completely opened.

I can connect, and a colleague can connect from his home network.

My colleagues at the office can't connect to the resource. We have can't find anything being blocked on the client side(network/firewall)

Does anyone know how to access the logs for failed connections? I can't access it through portal. It says: Error

The name 'PGSQLServerLogs' does not refer to any known table, tabular variable or function.

I am writing the logs to a storage account that I can access, but I think those are the postgresql logs, and I don't think the connection attempt is reaching that far because there aren't any failed connections in the log files.

Azure Database for PostgreSQL

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. GeethaThatipatri-MSFT 29,592 Reputation points Microsoft Employee Moderator
    2023-05-07T17:46:08.5366667+00:00

    @Justin H Welcome to the Microsoft Q&A forum, Thanks for posting your question.

    Have you added client IP to allow the connection and you are still facing the issue? please check the troubleshooting document for more information.

    https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/concepts-firewall-rules

    Please share some error screenshots and steps on how you are connecting.

    Regards

    Geetha

    0 comments
  2. RahulRandive 10,501 Reputation points Volunteer Moderator
    2023-05-07T18:02:16.82+00:00

    @Justin H

     Thanks for your question.

    When you mention that you and your colleague are able to connect from your home network, it indicates that there may be a problem or obstruction in the connectivity from the office network.

    For such issues, it is advisable to investigate potential problems with the office network or VPN. Additionally, please refer to the following points to examine any client-side issues.

    You can also try connecting from Azure VM (virtual machines) from the same region as Flexible server. 

    • You can simply test the connection from Azure CLI in the portal and see if you can connect. This test can help narrow down if the database is having availability issue or your client network issue.  
    • Ping the FQDN and see if it resolves to our Gateway IP correctly when using PostgreSQL server deployment mode. If you are using the private endpoint, it should resolve to your private IP for the private endpoint.  
    • Confirm that your network allows outbound connections on port 5432. You can try to telnet to your server. When using PostgreSQL server deployment mode, confirm your network/firewall does not block connection to the regional Azure Database for PostgreSQL Gateway IP.
    • If you are connecting within Azure VM (virtual machines), check NSG (network security groups) rules to see if it blocks the connection. Also check the route table and see if there is any VPN device which may need to be configured. If you are using VNET rules, ensure that the service endpoints are correctly configured. 
    • If you are using basic tier and see the error 'Server is not configured to allow IPv6 connections', note that the Basic tier does not support VNet service endpoints.
    • If you see  ‘An existing connection was forcibly closed by the remote host,’ that indicates your client closed the connection to the Postgres server. Check your client timeout and idle connection settings. Learn more about this error. 

    Let us know if this helps or need additional information.

    Thank you!

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.