1

I am new in Azure and have one problem which I can not solve. I tried asking on StackOverflow, but - quoting - "You will have better luck asking on ServerFault". I want several Virtual Machines to ping/telnet each other to check if they communicate but it is no use.

To complete the task I created Virtual Network, Cloud Service, an Affinity Group and Storage. Because every server in my network will have different roles, so I did not see the reason for creating Availability Sets.

So far I created two Virtual Machines within this Virtual Network. First one (VN1) has Active Directory and DNS roles (also IIS and Application Server roles) deployed on it. The other one (VN2) has only IIS role deployed. Both are within the same VN, Cloud Service etc. and have default (PowerShell and Remote Desktop) endpoints defined.

Now comes the funny part. When I try to ping VN1 from VN2 there is no problem (However I cannot telnet it) but if I try opposite - VN1 does not see VN2.

Like I said before I am new in this topic so problem may as well lay in some roles I didn't add or wrong configuration of existing ones.

I tried solutions presented e.g. here and here but they did not solve it.

Could you give me a hand in this? It is third day when I am working on this and am kind of irritated :/

Rex
  • 7,895
  • 3
  • 29
  • 45
Mike
  • 11
  • 1
  • 2
  • could you please add a schema indicating the (virtual) architecture? if you put any (virtual) middlebox, you must take care of their configuration. – Manu H Sep 11 '14 at 11:42
  • 2
    check firewall configuration. – gtirloni Sep 11 '14 at 16:19
  • 1
    Almost certain to be local firewall config as @gtirloni says. If they're part of the same VNet then this is the only thing that could be blocking the traffic. – Chris McKeown Sep 14 '14 at 21:13
  • Don't place multiple VMs in the same Cloud Service unless they are actually providing the same service. This is unrelated to your networking issue (which I, too, think depends on the local firewalls of the VMs); but it still is best practice. – Massimo Jan 10 '16 at 22:29

2 Answers2

1

I would suggest trying a few things:

  1. Identify the IP address of the DNS Server (VN1). Then, in the Azure Portal, open the details of your virtual network, go to the Configure page, and add this IP address in the DNS Servers section.
  2. Since it sounds like you have a custom domain, set your system properties on VM2 so it is a member of this domain. Restart the VM.
  3. Create an inbound rule in the Windows Firewall settings on both the VMs to allow all ICMP protocol traffic. (This may only be required on one of the VMs, so I would try on both, then experiment turning one of them off, if desired.)
  4. Some people say this last step isn't proper in Azure, but I can't seem to find a way around it, and I've seen it specified in some MSDN documentation*: Go to your network adapter settings on VM2, go to the properties of the TCP/IPv4 connection, and set the preferred DNS to the IP address from Step 1. (Also note that you may need to repeat this step every time you restart your computer. I'm still not sure how to get around this annoyance.)

*To view the MSDN documentation that explains an Azure scenario where you need to set a preferred DNS server on a virtual machine, go here and view Steps 3-8.

Community
  • 1
EJ Mak
  • 111
  • 3
  • Number one should not be done in Azure - DNS settings are applied by the VNet configuration and should not be edited manually on the VMs. (Also replied to your linked StackOverflow question.) – Chris McKeown Sep 14 '14 at 21:02
  • Thanks, Chris. Your totally right about the need to configure the VN with the DNS info. I edited my post and made that Step 1. I left the item that you are disputing, however, but made it Step 4. I also added a caveat and clarification about why I'm still including it in my advice. – EJ Mak Sep 15 '14 at 02:57
  • That article covers a rather specific use case and also one of the comments mentions the incorrect DNS configuration information. Trust me, setting the DNS servers via VNet config works. Running several hundred VMs in Azure would be a nightmare if it didn't! :-) – Chris McKeown Sep 15 '14 at 07:40
-1

I had similar problem. First you need to configure ENDPOINTS in Azure Portal for those VM's which you are trying to telnet.

For example: if you are trying to telnet myApp.cloudapp.net:5000 you need to open Public and Private EndPoint with value 5000.

Then you should confid your firewall in VM's. Create new rule for Inbound and Outbound connection with needed port. After that try to restart your VM`s and it should work.

Daniil T.
  • 149
  • 6
  • Endpoints are for *external* access; they play no role at all in how VMs talk between themselves *inside* Azure. – Massimo Jan 10 '16 at 22:27