I have .NET Core APIS. these APIS accessing some end points of other website and it can be access using VPN connection only, so when I test it in my local machine It works because I have active VPN connection. Now When I am publishing this API as a service on azure, It's returning me error that No host is know. How can I allow azure to access that third party website with VPN connection
Related
I have an API that runs in Azure App Service.
I have created a Subnet in Azure for my App Service, to be able to see the on premise server. However, when I try to use an FTP path to the on premise server from within my app running in Azure App Service, it does not work.
Trying to navigate to the \\172.28.2.10\\somefoler\\anotherfolder, it gets mapped to the following drive on the machine my API in Azure is running on: D:\\172.28.2.10\\somefoler\\anotherfolder. It gets mapped to the D drive on the machine my API is hosted on.
How do I successfully FTP to a folder on a server that is not hosted in my Azure enviornment?
You need either:
A hybrid connection from your App Service blade panel:
https://devblogs.microsoft.com/premier-developer/using-azure-app-services-with-hybrid-connections/#:~:text=Hybrid%20Connections%20is%20both%20a%20service%20in%20Azure,enable%20an%20alternate%20capability%20to%20access%20your%20application.
VPN gateway site to site or point to point to your on-premise resource.
https://learn.microsoft.com/es-es/azure/vpn-gateway/tutorial-site-to-site-portal
Expressroute
https://learn.microsoft.com/en-us/azure/architecture/reference-architectures/hybrid-networking/expressroute-vpn-failover
Hi I was able to host an API application an Azure but unable to access the network of my database which is located in a different server under my network
I was wondering what things should I set up to make this happen
Generally, you could enable the networking of app service to allow web app in the app service to access in a private network then connect the azure VNet and on-premise network via a site to site VPN gateway. You could get more details from this article.
However, in this case if you just want to access the database in another network, it's recommended to use Azure Hybrid Connections, it's a simple way without VPN gateway.
Azure Hybrid Connections enables you to connect your Azure App Services (including Azure Functions) to existing on-prem services/APIs. See How to Add and Create Hybrid Connections in your app and more reference.
I'm having this issue with my custom integration to Salesforce from an Azure function right now. For some reason when I test locally and use the local endpoint with Postman I can authenticate with Salesforce just fine but when I publish my Azure function to the cloud and I swap out the endpoint my authentication fails for Salesforce. The exact error message being authentication failure.
At first I thought there must be something wrong with my IP settings for the connected app in Salesforce but I've tested setting Relax IP Settings as well as not defining a Trusted IP Range for OAuth Web server flow and still no success. Here are a couple of screenshots of my settings.
Any ideas why I can authenticate locally but not once I publish to my cloud service in Azure? (I'm using SalesForceSharp to authenticate if that makes any difference)
Finally figured out what the disconnect between my cloud environment (Azure) and Salesforce was when I dug into my login history in Salesforce and found attempts to login from an insecure location.
Apparently different SSL/TLS defaults are setup for local versus cloud environments.
https://github.com/Azure/Azure-Functions/issues/482
Once I input this line at the top of my function and published everything got back to working again.
System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
I have a bot I want to host on premise and I've hosted the bot on a domain with a valid SSL cert via letsencrypt. The cert bound to the domain the bot is hosted on is by IdenTrust (DST Root CA X3) which is a participant of the Microsoft root certification program.
The DB the bot is connected to is the local database in the server. However, the domain the bot is hosted on is accessible via web call. The db can also be accessed via another application hosted under the same site the bot is hosted on.
However, I can't access the bot and I keep getting the error below:
[There was an error sending this message to your bot: HTTP status code InternalServerError]
Please help! Thanks!
Webchat client talks to Azure MS bot through Directline API which is hosted in Azure-cloud. You need to find a way to talk to local MS bot through DirectLine API.
Sadly, I don't think if there is any local(on premise) version of DirectLine API.
I'm using
WCF service (Windows authenticated and impersonation)
SQL Server (Windows authentication)
Console application (client)
All are in the same domain.
I'm consuming a Windows authenticated WCF service from a console application as the client. However, when I try to access SQL Server from the console application using the WCF service, I get an error:
Exception In Account Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
My scenario is: my WCF service and SQL Server are on one system (System A) and my console application (my client) is on another system (System B).
When my client from System B sends a request, it hits my service successfully, but when the service tries to access SQL Server
WCF service(Windows Authenticated and Impersonation)
Sql server(Windows Authentication)
Console Application(Client)
This scenario requires Kerberos constrained delegation. You cannot do this, you must enlist the help of a domain administrator to set it up for you. Read and follow How to Implement Kerberos Constrained Delegation with SQL Server.
Note that impersonation and delegation will flow the credentials of the original client (the console app) to the back end database, which means that you will need to grant SQL access to the actual users of your service, not to the WCF service account.
I think your connection to WCF service has no problem but the SQL Server own security system perceives the client as a user beyond security barrier(like firewall) because the client is really from outside, not the administrator of the machine.
Why don't you apply the common idea that SQL authentification mode and asymmetric Encryption of Web.Config of WCF?
If you have to face situations that clients connect to Server from outside, Encryption(Security) is strongly recommended.
I have desktop application(WPF) on clients side and WCF service on Cloud service connecting to Cloud SQL Server.