How to access private cognitive search service from an app service having public IP app gateway

Satyam Chauhan 547 Reputation points
2023-07-18T10:26:13.7833333+00:00

Hi,

I have an application gateway with public IP having backend as an app service on which UI code is deployed. The app service have private access with private endpoint and public access is disabled. The app service calls the cognitive search service, and the cognitive search service also have public access disabled and private access is enabled through private endpoint.

  1. When I am using the app gateway public IP to access the UI, it gives error while calling the search service - net::ERR_CONNECTION_TIMED_OUT
  2. When I use the app service URL inside a private VM to access the UI, then it is able to call the search service without any issue.

Please help how can I use the private search service form a public IP app gateway.

Azure AI Search
Azure AI Search
An Azure search service with built-in artificial intelligence capabilities that enrich information to help identify and explore relevant content at scale.
991 questions
Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
1,063 questions
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
7,746 questions
{count} votes

1 answer

Sort by: Most helpful
  1. SnehaAgrawal-MSFT 21,506 Reputation points
    2023-07-19T06:23:13.9033333+00:00

    @Satyam Chauhan Thanks for reaching here!

    The error message "net::ERR_CONNECTION_TIMED_OUT" indicates that the connection to the search service is timing out. This could be due to a firewall blocking the connection or a misconfiguration of the private endpoint. see- Create a Private Endpoint for a secure connection to Azure Cognitive Search

    You can check if the private endpoint is configured correctly by following the steps in the documentation. You can also check if the firewall rules are configured correctly to allow traffic from the app gateway public IP to the private endpoint.

    If the issue persists, you can try creating a shared private link to connect to the search service through a virtual network IP address instead of a port that's open to the internet. You can also check if the resource owner has approved the connection request you created.

    see- Make outbound connections through a shared private link

    Let us know.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.