Virtual Machine DNS issue : This site can't be reached

Sudarshan Bhamare 55 Reputation points
2024-06-20T16:00:12.9133333+00:00

I have a virtual machine and after RDP to that machine I'm trying to login my Azure account from the virtual machine. I'm able to open portal.azure.com but when it redirects to my sso.xxxxxxxx.com it throwing DNS_PROBE_FINISHED_NXDOMAIN error. I'm using firewall and I have added the application rule to allow the fqdn sso.xxxxxxxx.com on port 80 and 443. But I'm still unable to connect to site. It is saying local DNS error. I'm using the default Azure DNS.

User's image

Azure DNS
Azure DNS
An Azure service that enables hosting Domain Name System (DNS) domains in Azure.
631 questions
Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,564 questions
Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,289 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Luis Arias 5,981 Reputation points
    2024-06-21T09:42:39.7133333+00:00

    Hello Sudarshan Bhamare ,

    The login process include additional calls to Azure endpoint besides *.portal.azure.com so I suggest to add a rule on your firewall to whitelist below FQDN:

    login.microsoftonline.com
    *.aadcdn.msftauth.net
    *.aadcdn.msftauthimages.net
    *.aadcdn.msauthimages.net
    *.logincdn.msftauth.net
    login.live.com
    *.msauth.net
    *.aadcdn.microsoftonline-p.com
    *.microsoftonline-p.com
    
    

    https://learn.microsoft.com/en-us/azure/azure-portal/azure-portal-safelist-urls?tabs=public-cloud

    If the information helped address your question, please Accept the answer.

    Luis


  2. GitaraniSharma-MSFT 49,391 Reputation points Microsoft Employee
    2024-06-26T09:47:50.3033333+00:00

    Hello @Sudarshan Bhamare ,

    I'm glad that you were able to resolve your issue and thank you for posting your solution so that others experiencing the same thing can easily reference this! Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others", I'll repost your solution in case you'd like to "Accept" the answer.

    Issue: After you RDP into your Azure VM, you attempted to log into your Azure account from that VM and were able to open portal.azure.com. However, when it redirected to sso.xxxxxxxx.com, you encountered the error "DNS_PROBE_FINISHED_NXDOMAIN." You are using a firewall and have added an application rule to allow the FQDN sso.xxxxxxxx.com on ports 80 and 443. Despite this, you are still unable to connect to the site and receive a local DNS error.

    Solution: You created a Private DNS Zone with that particular domain and hence it was causing the error. You deleted the Private DNS Zone and now the issue is resolved. You are able to login to your Azure account from the VM.

    If you have any other questions or are still running into more issues, please let me know.

    Thank you again for your time and patience throughout this issue.


    Please remember to "Accept Answer", so that others in the community facing similar issues can easily find the solution.

    0 comments No comments