Has this been resolved? I have the same issue, but mine is that when I use a connection string in Visual Studio I get this error, while when I use SSMS to connect to the database everything is fine. I am confused now.
Error whilst attempting to connect to a SQL Server database using a point-to-site VPN and DNS A record
Hi
I have a point-to-site VPN configured. The SQL Server database is a PaaS offering, public access has been disabled and a private link has been configured. The private link has a URI of
my_sql_server.privatelink.database.windows.net
When the P2S VPN is connected, I can connect to the SQL server using SQL login and Azure AD + MFA.
The issue I have here is that I have created a private DNS zone, configured a DNS forwarder and the private DNS zone is called
systems.internal.
I then created an A record for the database server my_sql_server.systems.internal, which points to the local IP address in my spoke VNet.
I get the error below when trying to connect remotely using a P2S VPN, if I untick the encrypt connection and trust server certificate.
TITLE: Connect to Server
------------------------------
Cannot connect to my_sql_server.systems.internal
------------------------------
ADDITIONAL INFORMATION:
A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The target principal name is incorrect.) (Microsoft SQL Server, Error: -2146893022)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft%20SQL%20Server&EvtSrc=MSSQLServer&EvtID=-2146893022&LinkId=20476
------------------------------
The target principal name is incorrect
BUTTONS:
OK
If trust server certificate is ticked, I get this error:
TITLE: Connect to Server
Cannot connect to my_sql_server.systems.internal.
------------------------------
ADDITIONAL INFORMATION:
Cannot open server "my_sql_server.systems.internal" requested by the login. The login failed. (Microsoft SQL Server, Error: 40532)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft%20SQL%20Server&EvtSrc=MSSQLServer&EvtID=40532&LinkId=20476
BUTTONS:
OK
If I connect using a SQL Server login, the only way it works is to use the username in the format
sql_login@my_sql_server.database.windows.net
and untick the encrypt connection and trust server certificate.