This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 71%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Hi,
We have connected the on-premises network to azure network via Express Route using Hub-and-spoke network topology.
How to connect from Azure Web apps to on-premises SQL Server ? One option is using Hybrid networking , which i dont want to use.
if i perform VNet integration for my azure web apps , as mentioned below article, can i access on-premises SQL Server directly ?
https://learn.microsoft.com/en-us/azure/app-service/web-sites-integrate-with-vnet
Please help.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 59%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
If you are using ExpressRoute, it would be possible to access the OnPremise SQL Database from the App Service by using regional VNet Integration as this enables your app to access resources across Azure ExpressRoute connections.
You may also refer to this blog might be helpful.
Thanks for asking question! You can use the Azure App Service Virtual Network Integration to deploy your application inside a VNet and this enables access from your application to other services, VMs, or databases that are deployed inside the same Vnet.
If you want to establish the connection the virtual network must have a VPN gateway that is dynamic, VpnGw1 or a higher size, and configure for point-to-site connectivity.
Once an app service is connected to a virtual network, you can:
• Enable the app service to talk with Azure virtual machines on that virtual network.
• Hop to on-premises via site-to-site VPN connections also make by that gateway.
Please note that The gateway-required VNet Integration feature doesn't integrate an app with a VNet that has an ExpressRoute gateway. If you need to access resources through an ExpressRoute connection, use the regional VNet Integration feature and there is no additional configuration is required for the regional VNet Integration feature to reach through your VNet to on-premises resources. You simply need to connect your VNet to on-premises resources by using ExpressRoute or a site-to-site VPN.
Also, If you use gateway-required VNet Integration, update your on-premises VPN gateway routes with your point-to-site address blocks. When the site-to-site VPN is first set up, the scripts used to configure it should set up routes properly. If you add the point-to-site addresses after you create your site-to-site VPN, you need to update the routes manually.
The App Service Environment is other solution where you deploy single-tenant Isolated tier app services plans in an environment that is connected to a virtual network. This means that every instance in the app service plan is already in the virtual network, and can communicate directly with Azure virtual machines in the same network without needing any VPN or hybrid connections.
You may also refer to below doc link for different use case feature and scenario might be helpful:
https://learn.microsoft.com/en-us/azure/app-service/networking-features
More details: https://github.com/uglide/azure-content/blob/master/articles/app-service-web/web-sites-integrate-with-vnet.md
From the above answer , i understand that if we use Regional VNet Integration feature for Azure App Service , then we can connect to on-premises SQL Server.
Please let me know if my understanding is correct .