conexión VPN
I have a VM windows 10. I open three ports 5588,5557,5554 por aplication run in this VM, But I can´t connect to my VPN server over SSL. my machine have filtered this port. How i can open the 443 port to conecct whith may VPN server. Important i have open the 443 port in my VM. How to permited the access to may server over 443 port. i run test-netconnection mi_vpn_server -port 443 from any computer any network is True, but I run this command from Azure VM i get false. help me, please!
Azure VPN Gateway
Azure
-
KapilAnanth-MSFT • 48,736 Reputation points • Microsoft Employee
2023-07-05T10:46:26.9666667+00:00 Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
I am afraid your requirement is not clear.
- Are you using Azure S2S VPN Connection or P2S P2S VPN Connection Connection to connect to your VM?
- Or are you using your own VPN server? (Third party VPN services)
- Can you please elaborate from where to where you want to establish a connection?
- Your first statement states you have listening Ports as 5588,5557,5554
- But you want to connect to Port 443?
- Do you want to connect your local server to a VM running in Azure using P2S?
- Is that the requirement
- Or I misunderstood the scenario.
-
Carlos Fernandez del Prado • 0 Reputation points
2023-07-05T13:03:52.15+00:00 Hi, Thanks for reply.
My ingles is not good
I want connect my Azure VM to third part VPN (Fortinet) use with FortiClient, the connect is P2S, When i test te remote port (443) this is unabled from Azure VM, but from other VM or phisical computer on premise this socket is enable and ever use to connect internet to access third VPN Server
-
KapilAnanth-MSFT • 48,736 Reputation points • Microsoft Employee
2023-07-05T14:23:37.1566667+00:00 Azure does not block Internet connectivity to any Public IP by default.
This is the reason you are able to browse websites in an Azure VM
- Make sure your NSG is allowing the requests to your "mi_vpn_server"
- Can you share the results/screenshots of a working TestNetConnection from a working server and from Azure VM?
- Please use IP Flow verify to check if there is any NSG or UDR blocking
Cheers,
Kapil
-
KapilAnanth-MSFT • 48,736 Reputation points • Microsoft Employee
2023-07-06T12:57:48.2433333+00:00 May I know if you got a chance to review my previous comment?
Please let me know if you are facing any challenges or if there are any follow-up questions, I shall be glad to address them.
Thanks,
Kapil
-
KapilAnanth-MSFT • 48,736 Reputation points • Microsoft Employee
2023-07-07T12:24:20.44+00:00 Can you please update us if the action plan provided was helpful?
Should there be any follow-up questions or concerns, please let us know and we shall try to address them.
Thanks,
Kapil
-
Carlos Fernandez del Prado • 0 Reputation points
2023-07-10T20:59:33.0133333+00:00 How you can see, from VM no access to VPN_server. But i running command test-netconnection form my computer the access to VPN_Server is ok.
my computer:
PS C:\Users\myUser> Test-NetConnection 178.60.200.37 -Port 443
ComputerName : 178.60.200.37
RemoteAddress : 178.60.200.37
RemotePort : 443
InterfaceAlias : Wi-Fi
SourceAddress : 192.168.0.36
TcpTestSucceeded : True
-
KapilAnanth-MSFT • 48,736 Reputation points • Microsoft Employee
2023-07-11T06:07:45.2166667+00:00 That means this seems to be an issue with your end Point server.
As we can see, Azure does not block any connection to Port 443 from the VM.
The next step is to check the destination endpoint's logs as to why the connection is not establishing
- If your destination endpoint is an Azure service, such as Azure VPN Gateway , we can further check the logs.
- In case it is a third party application, I would suggest you to check their logs or community forums to see what's the issue
Cheers,
Kapil
-
Carlos Fernandez del Prado • 0 Reputation points
2023-07-12T13:26:02.2666667+00:00 -
Carlos Fernandez del Prado • 0 Reputation points
2023-07-12T13:37:37.1266667+00:00 -
KapilAnanth-MSFT • 48,736 Reputation points • Microsoft Employee
2023-07-12T13:44:31.1533333+00:00 The screenshots do not prove that Azure VM has an issue.
It is highly possible that your endPoint destination is blocking the connection.
I did a repo from my VM and even I was not able to connect over Port 443 for the IP you specified.
To verify that Azure is not blocking anything, please use IP Flow verify to check if there is any NSG or UDR blocking
Cheers,
Kapil
-
Carlos Fernandez del Prado • 0 Reputation points
2023-07-12T13:45:54.34+00:00 Detalles de diagnóstico
Prueba ejecutada: ,Conexión saliente
Información de origen de la máquina virtual: ,HTTPS/443/TCP
Destino: ,178.60.200.43
Última prueba: ,12/7/2023 15:43:18
Estado del tráfico: ,Permitido
Resumen,No hay ninguna regla de seguridad de red que bloquee el tráfico a esta máquina virtual.
Grupo de seguridad de red,Regla de seguridad,Acción aplicada
azcad0002vmuser-nsg,AllowAnyCustom443Outbound,Allow
-
KapilAnanth-MSFT • 48,736 Reputation points • Microsoft Employee
2023-07-13T12:30:17.2966667+00:00 From the test,
- The platform allows outbound connectivity.
- It only means that the destination is not responding to your requests.
Cheers,
Kapil
-
KapilAnanth-MSFT • 48,736 Reputation points • Microsoft Employee
2023-07-17T11:04:46.43+00:00 Could you please provide an update on this post?
Kindly let us know if this helps or you need further assistance on this issue.
Thanks,
Kapil
Sign in to comment