Community Center | Not monitored
Tag not monitored by Microsoft.
AVD + NSG connecting to SQL Managed Instance
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 28.999999999999996%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZ%3C/text%3E%3C/svg%3E)
Zuuber
185
Reputation points
We have an AVD environment and have an NSG attached to the subnet, all outgoing traffic has been blocked and we have set explicit outbound rules for things like HTTP\HTTPS, Entra Domain Services etc and this all works fine.
But we are having an issue allowing SQL traffic from AVD to connect to our SQL Managed Instance instance which is hosted within a seperate VNET.
We know the SQL Managed Instance works fine as we use it for other services fine.
Also SQL connects fine if we remove the NSG, so we know its the the rule that isnt quite right.
What should the destinantion service tag be set to for the SQL rule?
We have tried 'Sql' and 'Sql.UKSouth' but neither works.
The only rule that works is if we set the destinantion service tag to 'VirtualNetwork'.
Is it not possible to get a more accurate service tag to target the Managed Instance?
Community Center | Not monitored
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 69%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESR%3C/text%3E%3C/svg%3E)
Sai Raghunadh M 4,575 Reputation points Microsoft External Staff Moderator2024-10-14T16:58:44.8633333+00:00
Sign in to comment
Sign in to answer