Share via

How do I setup Azure SQL Server so that it only be accessible through VPN

Hao Hu 20 Reputation points Microsoft External Staff
2023-12-11T14:01:22.7733333+00:00

We have an Azure SQL server, we want this SQL server to be available for internal users on corpnet machines, we are working with a corpnet laptop it is connected to the MSFT VPN, we don't want to add every developer's IP into the firewall rule, if developers use VPN, they can login DB, if don't use VPN, they can't login DB.

Any recommendations?

Thanks, Guy

Azure SQL Database
0 comments

Answer accepted by question author

GeethaThatipatri-MSFT 29,597 Reputation points Microsoft Employee Moderator
2023-12-12T15:48:44.9933333+00:00

Hi, @Hao Hu Welcome to Microsoft Q&A thanks for posting your question.

It's hard to be very precise without more details, but in general, if you've got a point-to-site connection and VPN gateway in place, then you already have a client IP address pool set up. So your SQL's network or firewall can be configured to only allow inbound access from the client IP address pool. This way you don't have to create specific rules per each developer's IP address (which may also change depending on how VPN doles you out).

If more precise IP address allocation/filtering is needed, there's Configure user groups and IP address pools for point-to-site User VPNs

I hope this information helps.

Regards

Geetha

Was this answer helpful?

0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.