1

enter image description hereI have created an Azure Storage account with a private link and disabled public access. I was able to connect to the storage account from a VM (on Azure) that didn't have public address.

I tried to setup the Virtual Network Gateway and configure P2S vpn. Did the VPN installation on my system and connected the VPN. Then I tried connecting to the blob storage after connecting to VPN (thinking that I am in the same VNET as the storage private link) but I couldn't. I was greeted with the above screen.

Am I missing something? Is it possible to connect to private storage blob from local bench via VPN?

Improve this question
2
  • If you run nslookup stplazdoceastus.blob.core.windows.net in command prompt what does it return? In order for this to work, it needs to return the private endpoint's IP address. I'm suspecting it'll return the public address for you currently. Commented Jul 22, 2024 at 15:38
  • nslookup is currently returning the public IP. Let me try adding private Ip to the host file. I messed up something with the VPN gateway, fixing that first. Will post an update after adding private IP in the host file. Commented Jul 23, 2024 at 7:35

1 Answer 1

Reset to default
2

Access a storage account with private link (public access disabled) on local machine with P2S VPN setup

If you are unable to access the storage account via VPN there might be issue with DNS.

To resolve the issue, you can add a host entry on your local machine with the Private Endpoint IP and the Storage Endpoint.

10.0.0.5    venkatstoragetest1.blob.core.windows.net

To connect to a storage account via VPN while disabling public access, follow these steps to configure the VPN gateway.

I have configured storage account with Private endpoint.

enter image description here

Storage account Private Endpoint.

enter image description here

Private Endpoint Configuration

enter image description here

Private DNS Configuration

enter image description here

Private DNS Record Set

enter image description here

Vnet DNS Server Configuration

enter image description here

Storage account test result

enter image description here

After adding the host entry in the hosts file, it is resolving the Private Endpoint IP.

enter image description here

Test result

enter image description here

After configuring all the settings, I am able to access the storage account via VPN from local device.

enter image description here

Reference: Configure server settings for P2S VPN Gateway certificate authentication

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.