Share via

function not working after migration to production environment

Matt Elman 0 Reputation points
2025-12-09T21:50:37.01+00:00

We created an Azure Function App and we want to use VNet integration so it can connect to our SQL servers inside its virtual network. 

We successfully created a UAT version of this (using dev resource group, vnet...) and everything works fine. However, when we created a production version of the Function App it would not connect.

  1. Once we enable VNet Integration, the Function App becomes unreachable externally

    The public endpoint immediately returns “Service Unavailable”. 

    Even simple HTTP triggers (e.g., StartRun) fail to respond.

  1. Disabling VNet Integration, the Function App works, but

    We have to open the SQL port 

    Whitelisting PossibleOutboundIPAddress did not work

  1. UAT version works — Production version does not

    The UAT Function App, running in a different VNet (Tech_Development), works both externally and with SQL.

    When we replicate the same setup in Production, it fails once VNet Integration is enabled

Azure Functions
Azure Functions
An Azure service that provides an event-driven serverless compute platform.

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Q&A Assist
    2025-12-09T21:50:48.5633333+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    When migrating your Azure Function App to a production environment with VNet integration, there are several factors to consider that may cause the issues you're experiencing:

    1. Service Unavailable Error: When VNet integration is enabled, the Function App may become unreachable externally due to network security group (NSG) rules or firewall settings that are blocking inbound traffic. Ensure that the NSG associated with the subnet where your Function App is integrated allows inbound traffic from the public IP addresses that need to access the Function App.
    2. Configuration Differences: Since your UAT version works while the production version does not, check for any configuration differences between the two environments. This includes verifying the settings for VNet integration, NSG rules, and any firewall settings that might be present in the production environment but not in UAT.
    3. Point-to-Site Address Range: If you're using point-to-site VPN connections, ensure that the address range is within the RFC 1918 ranges. If your production environment has a different setup, this could lead to connectivity issues.
    4. DNS Configuration: Ensure that the DNS settings for your VNet are correctly configured. If the DNS servers are not accessible, it could lead to timeouts and connectivity issues.
    5. Network Security Groups: Double-check the NSG rules to ensure that they are not blocking the necessary outbound traffic to your SQL servers. You may need to explicitly allow outbound traffic to the SQL port.
    6. Integration Subnet Delegation: Ensure that the subnet used for integration is properly delegated to Microsoft.Web/serverFarms. If the delegation is not set, the Function App may not function correctly.

    If you continue to face issues, consider using the Network troubleshooter in the Azure portal to diagnose and resolve connection issues. This tool can help check the status of the VNet integration and identify common problems with connectivity.

    References:

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.