Lev Kaytsner
asked on
Unable to access URL on Azure Windows VM from my on-premise subnet
I have a Web Server on Windows Server 2012 r2 on Microsoft Azure. My vendor built a a webpage that I need to access from my on-premise subnet. I created inbound security rule in the Network Security Group allowing my subnet connection to the server via HTTP/HTTPS and I can't connect using DNS name or IP address. When I enabled access to the same page from my vendors IP address, they can easily access it.
Also, I have a VPN tunnel between my Azure environment and my on-premise subnet.
I can easily connect via RDP, but can't over HTTP.
Any advise appreciated.
Thanks.
Also, I have a VPN tunnel between my Azure environment and my on-premise subnet.
I can easily connect via RDP, but can't over HTTP.
Any advise appreciated.
Thanks.
ASKER
Thanks Dan,
My internet traffic is not going thru the VPN tunnel with Azure and I added our external IP address to the network security group. It didn't help. I even added external IP block that belongs to my firewall outside interface.
But, I can access this server via private IP assigned to the server.
So I wonder if my VPN tunnel with Azure is messing this up.
Thanks,
Lev
My internet traffic is not going thru the VPN tunnel with Azure and I added our external IP address to the network security group. It didn't help. I even added external IP block that belongs to my firewall outside interface.
But, I can access this server via private IP assigned to the server.
So I wonder if my VPN tunnel with Azure is messing this up.
Thanks,
Lev
ASKER
When I do a tracert command to the IP I want to access, I can't even go past my internal router.
I am sure its unrelated, I can't tracert any IP from my workstation or any internal device.
I am sure its unrelated, I can't tracert any IP from my workstation or any internal device.
Can you ping anything on the Azure side?
Dan
Dan
ASKER
No. I don't think Azure allows ping commands.
There are other way to verify connectivity.
Link: https://blogs.msdn.microsoft.com/mast/2014/06/22/use-port-pings-instead-of-icmp-to-test-azure-vm-connectivity/
SysInternals: https://technet.microsoft.com/en-us/sysinternals/psping
*** the utility mentioned in the first link.
Dan
Link: https://blogs.msdn.microsoft.com/mast/2014/06/22/use-port-pings-instead-of-icmp-to-test-azure-vm-connectivity/
SysInternals: https://technet.microsoft.com/en-us/sysinternals/psping
*** the utility mentioned in the first link.
Dan
ASKER
Thanks, this is interesting. Let me try this.
Lev
Lev
Any additional info on this question?
Dan
Dan
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you Dan!
ASKER
With Dan McFadden's help I was able to look into the settings closer and find a solution.
Dan