0

enter image description here

Im trying to Add existing virtual network on the screenshot above in Azure, but when I select the Subscription, the virtual network I want to connect to does not show up. I had a google but couldn't find much to help, can anyone help me understand why my azure vnet cannot be attached at the moment and what needs to be changed on it to allow me to add it?

Jeffrey
  • 2,095
  • 3
  • 20
  • 36

1 Answers1

4

Virtual Network Rule has some limitations, you need to make your environment does not contain any of the following:

  • You can only add virtual network which has the same geographic region with your Azure logical SQL server. For example, if my logical SQL server is in Southeast Asia but my virtual network in East US then I will not be able to see it listed when adding a rule.

enter image description here

  • Rule can only be applied with Azure Resource Manager.
  • Rules cannot be applied with S2S VPN or ExpressRoute.

Moreover, to fully utilize virtual network rule, you need to also enable Microsoft.SQL service endpoint on your subnet. Click Service endpoints > Add. Choose service and subnet you want to enable service endpoint. Currently (as of this answer) only Storage and Azure SQL are available. Note that this is not actually required to do here, when adding existing virtual network (from logical server) you are given an option to enable service endpoint.

enter image description here

EagleDev
  • 1,754
  • 2
  • 11
  • 31
  • Great response! My problem is that the SQL Sever and SQL Database are in North Europe, whilst my vNET is in West Europe. Is there a way for me to move the SQL Server and SQL Database to West Europe region? – Jeffrey Mar 02 '18 at 16:55
  • Changing location is not supported in traditional manner. You have to backup or write configuration to the new resource. This thread gives you some hints https://stackoverflow.com/questions/8049980/how-can-i-change-sql-azure-server-location – EagleDev Mar 02 '18 at 17:04
  • I have re-created my database in the same region as my vNET, and can not add the existing vNET in 'Firewalls and virtual networks'. But I am now having a problem, where a user that connects to a VPN onto the vNET cannot access the DB, do you know why this may be? – Jeffrey Mar 08 '18 at 13:49
  • Are you saying you cannot still add an existing virtual network even all resources are in the same region? Being not able to access to the DB from the allowed virtual network sounds strange. But any screen and message please share. – EagleDev Mar 08 '18 at 19:20