webapp cannot hit private endpoint of another webapp on the same VNet

Question

I've got a .net 7 web app and a Python 3.10 web app. both are on the same VNet, different subnets. My .net app needs to be able to send https POST to the Python web app. I have setup a private endpoint for the Python app. This solution works when the Python app's endpoint is public. I am a software developer, not a networking guy so I am stumbling through this with Google and chatGPT. Any guidance is appreciated!

Answer 1

Hello @John Alexander ,

Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

I understand that you have 2 web apps on the same Vnet but different subnets and you setup a private endpoint for webapp1 but webapp2 couldn't access the private endpoint of webapp1 despite being on the same Vnet.

You found out that the 'Express' option when creating a new private endpoint was putting the endpoint under a different resource group and in a different availability zone than where your application was in. You deleted that private endpoint and created a new one using the 'Advanced' option and put it in the same resource group and zone as your application and it works now.

webapp2 is now able to access the private endpoint of webapp1.

Do let us know if you need further assistance on this issue.

---

Please don’t forget to close the thread by clicking "Accept the answer", as this can be beneficial to other community members.

Answer 2

I finally figured this one out, through much trial and error. the 'express' option when creating a new private endpoint was putting the endpoint under a different resource group and in a different availability zone than my application was in (Central US / East US). I deleted that private endpoint and created a new one using the 'advanced' option and put it in the same resource group and zone as my application, and bam. works. hopefully this helps someone else.