Why Isn’t My Azure SQL Server Connecting via Basic VPN Gateway with Private Link?

Asked By TechWizard123 On

I'm attempting to connect to my Azure SQL Server over a VPN Gateway (Point-to-Site) using Private Link, but I'm running into some issues. Here's the setup:

- I have my SQL Server configured with both public and private access.
- I'm using a Basic VPN Gateway with a P2S connection that tests successfully.
- I've added a DNS entry to point the SQL Server's private VNet IP to the Private Link.

The problem arises when I connect to the VPN—the traffic is still routing over the internet instead of through the VPN. Even with the DNS mapping done, the host can't be resolved, preventing the traffic from reaching SQL Server, so I can't access it privately. I noticed that if I whitelist my home WAN IP, the connection works right away.

Here are my specific questions:
1. Does the Basic SKU VPN Gateway support accessing Azure SQL Server over Private Link?
2. If it doesn't, what would be the best setup for getting this to work with a home network?
3. Could the fact that the Basic SKU is being deprecated affect this issue, even though I can successfully connect to the VPN?

I'm looking to see if this is a limitation of the Basic SKU or if I've made a misconfiguration somewhere.

3 Answers

Answered By DataDudeX On

What do you get when you run test-netconnection $svr -port 1433 from the machine connected to the VPN? If it's going through the VPN and the connection fails, but you can access the SQL Server just fine through your regular internet connection, then we might need to dig deeper into your setup.

Answered By SkyNetGuardian On

You might want to test port 1433 using the private endpoint IP first (like using Test-NetConnection 10.0.0.4 -port 1433). If that's failing, then it’s likely a routing issue rather than a DNS one. Also, check if your private endpoint is in the same VNet as the VPN gateway, or if it’s in a peered VNet. Ensure gateway route propagation is enabled for that VNet. Don't forget to check for any NSGs or route tables that may affect the private endpoint's subnet configuration.
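The check described in the answer above, written out as a PowerShell triage script to run on the VPN-connected client. It is an added example, not part of the original answer. `yourserver.database.windows.net` is a placeholder server name, `10.0.0.4` is the example private endpoint IP from the answer, and `Test-PrivateIPv4` is a helper defined here.

```powershell
# Placeholders: substitute your own server name and private endpoint IP.
$SqlFqdn     = 'yourserver.database.windows.net'  # placeholder name
$PrivateEpIp = '10.0.0.4'                         # example IP from the answer above

# Helper defined for this example: true if the address is in an RFC 1918 range.
function Test-PrivateIPv4 {
    param([Parameter(Mandatory)][string]$Address)
    $ip = $null
    if (-not [System.Net.IPAddress]::TryParse($Address, [ref]$ip)) { return $false }
    if ($ip.AddressFamily -ne [System.Net.Sockets.AddressFamily]::InterNetwork) { return $false }
    $b = $ip.GetAddressBytes()
    return ($b[0] -eq 10) -or
           ($b[0] -eq 172 -and $b[1] -ge 16 -and $b[1] -le 31) -or
           ($b[0] -eq 192 -and $b[1] -eq 168)
}

# Step 1 (routing): skip DNS entirely and probe the private endpoint IP on 1433.
$direct = Test-NetConnection -ComputerName $PrivateEpIp -Port 1433 -WarningAction SilentlyContinue
"Routing: $PrivateEpIp port 1433 reachable = $($direct.TcpTestSucceeded), interface = '$($direct.InterfaceAlias)'"

# Step 2 (DNS): see what the server name resolves to from this client.
$answers  = Resolve-DnsName -Name $SqlFqdn -Type A -ErrorAction SilentlyContinue
$aRecords = @($answers | Where-Object { $_.Type -eq 'A' })
$resolvesPrivate = $false
if ($aRecords.Count -eq 0) {
    "DNS: $SqlFqdn did not resolve on this client"
} else {
    foreach ($r in $aRecords) {
        $isPrivate = Test-PrivateIPv4 -Address $r.IPAddress
        if ($isPrivate) { $resolvesPrivate = $true }
        $kind = if ($isPrivate) { 'private' } else { 'public' }
        "DNS: $SqlFqdn -> $($r.IPAddress) ($kind)"
    }
}

# Step 3: combine both results into a verdict.
if (-not $direct.TcpTestSucceeded) {
    'Verdict: routing problem. Check VNet peering, gateway route propagation, NSGs and route tables.'
} elseif (-not $resolvesPrivate) {
    'Verdict: DNS problem. The tunnel reaches the endpoint, but the name does not map to a private IP.'
} else {
    'Verdict: name resolves privately and 1433 is reachable through the tunnel.'
}
```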

Answered By HackerBuster On

I’ve had the same issue. When I connect to the VPN, I can’t access the SQL Server either. I spent a good amount of time trying to figure it out and eventually gave up. From what I gathered, the problem seems to be that SQL Server is not hosted on your Virtual Network like a typical VM, so the VPN rules don’t really apply.
