Failed SQL logins to MI coming from same subnet as SQLManagedInstance

Ryan Pighin 61 Reputation points
2024-04-30T15:36:48.85+00:00

We have started monitoring failed login attempts to our managed instance and see some failed connections where we can't seem to figure out what the attempt may be.

Error message: A disconnect event was raised when server is waiting for Federated Authentication token. This could be due to client close or server timeout expired.

After searching up the IP address in the additional information (removed from screenshot) we can see it is coming from the same subnet that is delegated to Microsoft.Sql/managedInstances.

Is there some sort of connectivity happening with other operations related to the managed instance that are trying to connect? Internal jobs? Any VMs we have created use a separate subnet, same as storage. We are seeing this on two separate managed instances.

failedSQLConnection

Azure SQL Database

1 answer

  1. Ryan Pighin 61 Reputation points
    2024-04-30T17:22:00.68+00:00

    We have figured it out. Looks like when users are connected from their devices using SQL Mgmt Studio, Power BI, and/or LogicApp, the login connection is also using an IP from that SQL MI subnet, which I find very weird. But we have confirmed by pulling any login attempt.
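
The check described in the answer above can be scripted as a triage step. This is an added example, not part of the original post: for each source IP with failed logins, it reports whether the IP sits in the delegated subnet and which applications have logged in successfully from that same IP. The subnet, the field names (`client_ip`, `app`, `principal`, `succeeded`) and all events are constructed assumptions, not values from the thread.

```python
import ipaddress
from collections import defaultdict

# Constructed sample values: the delegated subnet and every event are made up.
MI_SUBNET = ipaddress.ip_network("10.20.0.0/27")
EVENTS = [
    {"client_ip": "10.20.0.5", "app": "Microsoft SQL Server Management Studio",
     "principal": "alice@example.com", "succeeded": True},
    {"client_ip": "10.20.0.5", "app": "", "principal": "", "succeeded": False},
    {"client_ip": "10.20.0.9", "app": "Power BI",
     "principal": "bob@example.com", "succeeded": True},
    {"client_ip": "10.20.0.9", "app": "", "principal": "", "succeeded": False},
    {"client_ip": "10.20.0.12", "app": "", "principal": "", "succeeded": False},
    {"client_ip": "203.0.113.7", "app": "", "principal": "", "succeeded": False},
]

def triage_failed_logins(events, subnet):
    """Return one summary row per source IP that has at least one failed login."""
    apps_by_ip = defaultdict(set)   # applications seen on successful logins
    failures = defaultdict(int)     # failed-login count per source IP
    for event in events:
        if event["succeeded"]:
            apps_by_ip[event["client_ip"]].add(event["app"])
        else:
            failures[event["client_ip"]] += 1

    report = {}
    for ip, count in failures.items():
        report[ip] = {
            "failed": count,
            # True when the source address falls inside the delegated subnet.
            "in_mi_subnet": ipaddress.ip_address(ip) in subnet,
            # Empty list: nothing has logged in successfully from this address,
            # so the failures are not explained by a known client tool.
            "apps_with_successful_logins": sorted(apps_by_ip.get(ip, ())),
        }
    return report

if __name__ == "__main__":
    for ip, row in triage_failed_logins(EVENTS, MI_SUBNET).items():
        print(ip, row)
```

Rows that are in the subnet but have no successful logins from the same address, and rows from outside the subnet, are the ones left to investigate.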