Share via

Fix IMDS connectivity Issue

Daya Ram 0 Reputation points
2025-09-08T07:06:44.9033333+00:00

Hi All,

We are facing a peculiar issue where all the Windows servers don't send heartbeat to Log Analytics Workspace whereas all Linux servers send the data fine . AMA agent is installed properly on the servers, no issues with agent extension and even uninstalled and reinstalled the agent multiple times on the server. AgentTroubleshooter also doesn't run on the server and fails with error "Failed to detect Azure Monitor Agent running on the system. Please make sure Azure Monitor Agent is running". This is expected since I don't see any MonAgent processes running on the server, it's only AMAExtHealthMonitor process running.

I see error logs for IMDS connectivity in the Extension Health and it could be the root cause of the issue.

“[QueryIMDSEndpoint] ErrorCode:1601 ERROR: IMDS appears to not be present on this machine. Error: 12029; Message: A connection with the server could not be established”.

Testing connectivity to IMDS also returns the Computer not reachable error.

Could anyone help me fix this IMDS issue on the servers? If this had been a connectivity issue then it should be for the Linux Servers as well which are in the same subnet as windows servers.

Azure Monitor
Azure Monitor

An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.

0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Daya Ram 0 Reputation points
    2025-09-09T07:45:25.36+00:00

    The issue was due to the missing routes for IMDS. Adding route for IMDS 169.254.169.254 issue was resolved.

    Was this answer helpful?

    0 comments
  2. Anonymous
    2025-09-08T08:42:30.74+00:00

    Hi Daya Ram,

    Thanks for sharing your question in Microsoft Q&A

    To test the connectivity, refer below documents

    https://learn.microsoft.com/en-us/azure/azure-monitor/agents/azure-monitor-agent-troubleshoot-windows-vm

    https://learn.microsoft.com/en-us/troubleshoot/azure/azure-monitor/azure-monitor-agent/ama-windows-installation-issues-advanced-troubleshooting-steps?source=recommendations

    If testing connectivity to IMDS also returns the computer not reachable error while Linux servers on the same subnet do not face this issue could be related to network or configuration differences specific to the Windows machines.

    Find troubleshooting insights and steps:

    • IMDS endpoint (169.254.169.254) is only accessible via IPv4. If your Windows servers are on a dual-stack network (IPv4 and IPv6), ensure the network interface prioritizes or allows IPv4 traffic for accessing IMDS, as IPv6 routing can cause connectivity problems. This may explain why Linux servers are unaffected if they have different network interface settings regarding IPv6.
    • Verify that no firewall or network security group (NSG) rules are blocking outbound HTTP traffic to 169.254.169.254 on the Windows servers. The error could be caused by local firewall settings or NSG rules restricting access to IMDS. and also verify that the NSGs associated with your subnet allow outbound traffic on port 80, as IMDS operates over HTTP.
    • Check routing and network interface configurations with DHCP enabled on the affected Windows servers. Confirm that the route to 169.254.169.254 points to the primary NIC's IPv4 address and that the NIC's MTU is properly set (typically 1500). If missing or incorrect, adding a manual route might help.
    • Confirm no proxy settings are interfering, as IMDS IP is non-routable and should bypass proxies.
    • Test direct connectivity from Windows servers to IMDS using PowerShell commands or curl with the appropriate metadata header:
    text
curl -H Metadata:true --noproxy "*" "http://169.254.169.254/metadata/instance?api-version=2021-01-01"

    Ensure the VM can access IMDS directly at 169.254.169.254 without being blocked by a proxy. Successful response means connectivity is fine, otherwise investigate network or firewall issues.

    • If IPv6 is not needed, consider disabling it on the Windows VMs to avoid conflicts.
    • If all else fails, advanced network tracing (e.g. with Wireshark) on Windows VMs can help identify exact failure points in connecting to IMDS

    Refer document: Advanced troubleshooting for AMA installation issues on Windows VMs - Azure | Microsoft Learn

    Addressing these points should help resolve the IMDS connectivity issue on Windows servers while Linux servers remain unaffected despite being on the same subnet.

    To get more details refer document: https://learn.microsoft.com/en-us/azure/virtual-machines/instance-metadata-service?tabs=windows

    I hope the provided answer is helpful, do let me know if you have any further questions on this Please accept as Yes and upvote if the answer is helpful so that it can help others in the community.

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.