How to VPN to Azure SQL database

EsthThala 20 Reputation points
2023-11-01T09:19:36.51+00:00

I have created a SQL server and database in Azure, and I have established and configured a Private Gateway and configured Azure VPN client on my on-prem computer.
I get a successful connection in the VPN client but I still cannot reach the database in SSMS despite the VPN being connected.
Any solutions?

Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
Azure
A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.

Accepted answer
  1. KapilAnanth-MSFT 45,451 Reputation points Microsoft Employee
    2023-11-03T06:09:34.3366667+00:00

    @EsthThala

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    I understand that you would like to connect to your SQL server using Azure VPN P2S.

    Please note that:

    • Azure VPN P2S Connection is used to provide connectivity from remote clients to resources located in a Virtual Network.
    • This means, your SQL server should
    1. either be created as a VM connected to this Virtual Network
    2. or use a Private Endpoint in this Virtual Network (if the SQL server is a PaaS service)

    You informed us that you were using a Private EndPoint.

    From your ping results, we can see that,

    • <yourSqlServerName>.database.windows.net is resolving to the Public IP of the SQL server
    • This is not ideal; we need it to resolve to the Private EndPoint's IP of the SQL server

    If you are trying to access a PaaS service from OnPrem via S2S or from a remote client via P2S, it is mandatory that you configure the DNS resolution at your end to resolve to the Private IP of the Private EndPoint.

    • Modifying the Windows Host file is one of the ways to do the above.
    • For scale and production, you can consider using one of the below

    #1 If you have a custom DNS server at the P2S Remote Client

    • Make sure you create a DNS Zone with "database.windows.net"
    • And add the entry "<yourSqlServerName>" and make it resolve to the Private IP of the Private EndPoint

    #2 If you have a custom DNS server in Azure,

    Please let us know if we can be of any further assistance here.

    Thanks,

    Kapil


    Please Accept an answer if correct.

    Original posters help the community find answers faster by identifying the correct answer.

    1 person found this answer helpful.
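
The DNS check described in the accepted answer can be scripted. The following is an added example, not part of the original answer or any Microsoft tooling; it reports whether the server name resolves inside the Virtual Network that holds the Private Endpoint and builds the hosts-file line for the fix. The server name `myserver`, the VNet prefix `10.1.0.0/16`, all addresses and the two stand-in resolvers are constructed for illustration.

```python
import ipaddress
import socket

def os_resolver(fqdn):
    """Ask the operating system's resolver; returns (canonical, aliases, addresses)."""
    return socket.gethostbyname_ex(fqdn)

def diagnose(fqdn, vnet_prefix, resolver=os_resolver):
    """Check whether fqdn resolves into the VNet that holds the Private Endpoint."""
    vnet = ipaddress.ip_network(vnet_prefix)
    canonical, _aliases, addresses = resolver(fqdn)
    inside = [a for a in addresses if ipaddress.ip_address(a) in vnet]
    outside = [a for a in addresses if a not in inside]
    if inside and not outside:
        verdict = "private-endpoint"  # name points at the Private Endpoint
    elif inside:
        verdict = "mixed"             # some answers still bypass the endpoint
    else:
        verdict = "outside-vnet"      # the situation described in the answer
    return {"fqdn": fqdn, "canonical": canonical,
            "addresses": addresses, "verdict": verdict}

def hosts_entry(fqdn, private_ip, vnet_prefix):
    """Build the hosts-file line for the fix, refusing an IP outside the VNet."""
    ip = ipaddress.ip_address(private_ip)
    if ip not in ipaddress.ip_network(vnet_prefix):
        raise ValueError(f"{ip} is not inside {vnet_prefix}")
    return f"{ip}\t{fqdn}"

# Constructed sample data: server name, VNet prefix and addresses are made up.
FQDN = "myserver.database.windows.net"
VNET = "10.1.0.0/16"

def before_fix(_name):  # stand-in resolver: public answer (TEST-NET-3 address)
    return ("gateway.example.net", [FQDN], ["203.0.113.10"])

def after_fix(_name):   # stand-in resolver: Private Endpoint answer
    return (FQDN, [], ["10.1.0.5"])

if __name__ == "__main__":
    print(diagnose(FQDN, VNET, before_fix))
    print(hosts_entry(FQDN, "10.1.0.5", VNET))
    print(diagnose(FQDN, VNET, after_fix))
    # Live check on the VPN client: diagnose(FQDN, VNET)
```

Calling `diagnose` without the third argument uses the operating system's resolver, so it reflects what SSMS on the same machine will see.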