Failed SQL logins to MI coming from same subnet as SQLManagedInstance

Ryan Pighin 61 Reputation points

We have started monitoring failed login attempts to our managed instance and see some failed connections that we can't seem to figure out what the attempt may be.

Error message: A disconnect event was raised when server is waiting for Federated Authentication token. This could be due to client close or server timeout expired.

After searching up the IP address in the additional information (removed from screenshot) we can see it is coming from the same subnet that is delegated to Microsoft.Sql/managedInstances.

Is there some sort of connectivity happening with other operations related to the managed instance that are trying to connect? Internal jobs? Any VM we have created use a separate subnet, same as storage. We are seeing this on two separate Managed instances.


Azure SQL Database
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Ryan Pighin 61 Reputation points

    We have figured it out. Looks like when users are connected from their devices using SQL Mgmt Studio, PoweBi, and/or LogicApp, the login connection is also using an IP from that SQL MI subnet which I find very weird. But we have confirmed by pulling any login attempt.