Not able to access Azure cloud service URL from public internet

0
votes

I have deployed my ASP.NET WebForms application (Azure Web Role) on Azure virtual network. I have been told by the IAAS team that the subnet which I have used needs Proxy XX.XX.XX.XX:8080 for accessing the application from the internet. If it's a virtual machine I can add proxy xlass, but I am not able to add the proxy class in service configuration file and added it in application web.config, but still it's opening from public internet and not able to connect to RDP.

Please help me with this.

Thanks

2
asp.netazureazure-web-rolesazure-cloud-servicesazure-virtual-network
are you trying to RDP into the system or specifically having an issue with the web app? - Adam Tuliper - MSFT
I tried RDP and also tried opening application with xxxxx.cloudapp.net, I have been told by IAAS team that i need to use proxy xx.xx.xx.xx:8080 to make the cloud service accessible to public network - Ashok Padarthi

2 Answers

0
votes

RDP wouldn't require a proxy that I'm aware. I imagine you match the same config as mentioned here to set your ACLs (too many images and not enough text to copy here)

http://blogs.msdn.com/b/walterm/archive/2014/04/22/windows-azure-paas-acls-are-here.aspx

If you really are trying access for RDP check out the following. If just web access, the above should work.

http://www.cloudcomputingadmin.com/articles-tutorials/windows-azure/azure-virtual-networks-and-cloud-services-part3.html

As per https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-rdp-detailed-troubleshoot/

Source 3: Cloud service endpoint and ACL

To eliminate the cloud service endpoint and ACL as being the source of issues or misconfiguration for virtual machines created using the Service Management API, verify that another Azure virtual machine that is in the same cloud service or virtual network can make Remote Desktop connections to your Azure virtual machine.

enter image description here

If you do not have another virtual machine in the same cloud service or virtual network, you can easily create a new one. For more information, see Create a virtual machine running Windows in Azure. Delete the extra virtual machine when you are done with your testing.

If you can create a Remote Desktop connection with a virtual machine in the same cloud service or virtual network, check for these:

The endpoint configuration for Remote Desktop traffic on the target virtual machine. The private TCP port of the endpoint must match the TCP port on which the Remote Desktop Services service on the virtual machine is listening, which by default is 3389. The ACL for the Remote Desktop traffic endpoint on the target virtual machine. ACLs allow you to specify allowed or denied incoming traffic from the Internet based on its source IP address. Misconfigured ACLs can prevent incoming Remote Desktop traffic to the endpoint. Examine your ACLs to ensure that incoming traffic from your public IP addresses of your proxy or other edge server is allowed. For more information, see What is a Network Access Control List (ACL)?.

0
votes

To have public internet connectivity into your worker role you need one of the following:

  1. A public IP address (https://azure.microsoft.com/en-us/documentation/articles/virtual-networks-instance-level-public-ip/) associated to the worker role instance (or)
  2. A public endpoint configured to expose a specific port (https://azure.microsoft.com/en-us/documentation/articles/load-balancer-overview/)

If you use Network Security Group, please ensure that you have appropriate ACLs opened up to allow connection from Internet.

Thanks