Azure App Service Private Endpoint Returning 404

Francesco Sbrighi 5 Reputation points
2024-11-28T11:54:42.98+00:00

I have an Azure App Service that I'll call "mywebapp." The public URL works correctly, and when I run:

curl -I http://mywebapp.azurewebsites.net

I get the expected response:

HTTP/1.1 302 Found
Content-Length: 145
Content-Type: text/html; charset=utf-8
Date: Thu, DD Nov YYYY HH:MM:SS GMT
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, OPTIONS
Cache-Control: private
Location: /Account/Logon?ReturnUrl=%2f
Set-Cookie: omissis;Path=/;HttpOnly;Domain=mywebapp.azurewebsites.net
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: omissis

The public endpoint works perfectly.

Now, I created a virtual network and a private endpoint. The private DNS zone is privatelink.azurewebsites.net. When I check the recordset, I deduce that the hostname to use is mywebapp.privatelink.azurewebsites.net.

From the Azure virtual network, I perform some tests:

I run:

nslookup mywebapp.privatelink.azurewebsites.net

And I get:

Server:         127.0.0.11
Address:        127.0.0.11#53
Non-authoritative answer:
Name:   mywebapp.privatelink.azurewebsites.net
Address: 10.0.0.5

So far, everything seems fine. The DNS name resolves correctly, and the private IP is correct.

Next, I run:

curl -I http://mywebapp.privatelink.azurewebsites.net

But I get:

HTTP/1.1 404 Site Not Found
Content-Length: 2667
Connection: close
Content-Type: text/html
Date: Thu, DD Nov YYYY HH:MM:SS GMT

This is not what I expect. I've tried many different configurations to get a proper result, but I always end up with this 404 Site Not Found error.

Could someone help me troubleshoot this issue?

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
8,035 questions
{count} votes

1 answer

Sort by: Most helpful
  1. TP 100.2K Reputation points
    2024-12-01T21:01:52.2166667+00:00

    Hi Francesco,

    When you are connecting via private endpoint you should use same FQDN, e.g. mywebapp.azurewebsites.net

    On your VNet it will resolve to private IP address of your private endpoint and when you are on public network it will resolve to the public IP address of your webapp.

    Please click Accept Answer and upvote if the above was helpful.

    Thanks.

    -TP


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.