Troubleshoot Azure Private Link connectivity problems and firewalls for virtual machines

  • 4 minutes

Connectivity between your private network and an Azure Platform as a Service (PaaS) could be blocked by a misconfigured private link or misconfigured firewall.

Azure Private Link provides a link from your virtual network to the Azure PaaS services over the Microsoft backbone network rather than over the public Internet.

Deployment troubleshooting

To choose the source IP address for the Private Link service, you must first disable private link service network policies.

When creating a Private Link service using the Azure portal the privateLinkServiceNetworkPolicies setting is automatically disabled. If this is manually enabled, you should disable it using Azure PowerShell or Azure CLI before selecting the source IP address.

az network vnet subnet update \

  --name default \

  --resource-group demoResourceGroup \

  --vnet-name demoVirtualNetwork \

  --disable-private-link-service-network-policies true

Connectivity troubleshooting

In your browser navigate to the Private Link Center in the Azure portal.

Screenshot of Private endpoints.

  • Verify that the Alias and Resource ID for the private link service are correct.

  • Verify that the Visibility of the private link service is correct.

  • Verify that the Load balancer for the private link service is correct, select the load balance, and verify the Frontend IP configuration, the Backend pools, and the Load balancing rules are correct.

  • In the private link service, select Metrics and verify that data is moving when you attempt to connect to the private link service.

For more information on troubleshooting Azure Private Link connectivity problems, see Troubleshoot Azure Private Link connectivity problems.

Troubleshoot firewalls for Platform as a Service (PaaS)

Azure firewall is intended to filter network traffic to protect your resources. A misconfigured firewall can lead to legitimate traffic also being blocked.

When troubleshooting firewall issues ensure that you include the following steps:

  • Review the Azure firewall FAQ and ensure that firewalls are correctly configured.

  • For Azure storage firewalls review any error messages and also download and review the storage diagnostics logs and resolve any issues.