My webapplication hosted on windows azure, needs to communicate with TFS Server. When any one login to my web app using live id, I want the logged in user to use my Team foundation server(TFS) credentials -username,password and domain to programatically authenticate and connect to our TFS server and create some work items.
I configured my azure connect for the communication to happen between azure WebRole and TFS server (our TFS is non-azure ).I added both the WebRole and the TFS Server into single Connection Group
In my azureportal ,I can see mywebrole and my TFSServer as connected the machine endpoint is active, and that it refreshes since the last connected updates
.But when I try to run my web application from azure and when it tries to communicate with our TFS server ,its throwing error message saying Error message : Team Foundation services are not available from server eg.,http://xyz-abcxyx-01:8080/tfs/eas/. Technical information (for administrator): The remote name could not be resolved: 'xyz-abcxyx-01'
Any suggestions to resolve this issue ?
You should enable remote desktop on your WebRole and connect to one of your instances. Then, try to ping the IP of your TFS server (not the hostname xyz-abcxyx-01). Maybe this is simply a DNS issue (even though using hostnames works with Windows Azure Connect).
If pinging the IP works, but pinging the hostname doesn't work you have a few options left:
Use the IP instead of the hostname. This won't work if you configured your TFS to use host headers.
Create an elevated startup task to modify the hosts file and map the IP to the hostname. In your code you can keep working with the hostname.
Try to modify the DNS server configured in your WebRole to use the default DNS server + your internal DNS server. But to me this doesn't look like a clean solution.
Anyways, in each solution you'll want to store the IP/hostname in the ServiceConfiguration and make sure your code supports changes to the ServiceConfiguration. This will allow you to change the IP/hostname without having to redeploy.
You should check if TFS server is listening on all network interfaces, include the one created by Azure Connect (start with 2a01). Next try to connect to TFS from a machine on the local LAN, just to make sure it is configured correctly. You don't need to use IP for referring to TFS, DNS name is definitely supported out of box.
Related
My app is running locally without any issue but when I try to run it from Azure console I have the following error :
An error occurred while starting the application.
SqlException: Cannot open server 'Server-name' requested by the login. Client with IP address 'w.x.y.z' is not allowed to access the server. To enable access, use the Windows Azure Management Portal or run sp_set_firewall_rule on the master database to create a firewall rule for this IP address or address range. It may take up to five minutes for this change to take effect.
Microsoft.Data.ProviderBase.DbConnectionPool.CheckPoolBlockingPeriod(Exception e)
SqlException: Cannot open server 'server-name' requested by the login. Client with IP address 'ip' is not allowed to access the server. To enable access, use the Windows Azure Management Portal or run sp_set_firewall_rule
I have added IP in firewall setting on azure portal still the issue is happening
This error was caused because your IP was not added in the SQL server tab(azure portal). So you must add the IP address of your SQL Server on Azure portal
You have to update the settings of the "Firewalls and virtual networks" of your SQL Server.
Browse to your SQL Server, add the IP address and allow other azure services and resources to access the server. Refresh and wait at least 5 minutes before trying again.
I also had my ubuntu server firewall blocking my request once, so be sure your webserver is not responsible.
Have you tried enabling this setting?
I started coding an ASP.NET webapp (with Visual Studio 2015). I'm having problems with the connection to my Azure SQL database. I can connect to the database via MSSM Studio.
When I publish my app on the Azure webservice the app works fine. When I run my code locally I keep getting the following error:
SqlException: Cannot open server 'database' requested by the login. Client with IP address 'XX.XX.XX.XX' is not allowed to access the server. To enable access, use the Windows Azure Management Portal or run sp_set_firewall_rule on the master database to create a firewall rule for this IP address or address range. It may take up to five minutes for this change to take effect.
Altough the firewall of the database service is set (I've even tried with range 0.0.0.0 too 255.255.255.255). On my computer port 1433 is allowed.
Any help is deeply appreciated.
The problem was solved by editing the username of the database connectionstring.
my_username#my_app.database.windows.net -> only worked published on Azure (not via localhost)
my_username#database.windows.com -> works published on Azure and with my localhost
My webapplication hosted on windows azure needs to communicate with TFS Server.
my webroles connect to TFS using a uri similar to (http://ed12-ektfsp-01:8080/tfs/eeol/ )
While on azure I found that my webrole failed to communicate with tfs server.
Do I need to enable "azure connect" for for my azure webrole to
communicate with tfs ?
Do I need to remote into my tfs server and
install azure connect into my TFS server for the azure connect to
get enabled ?
Why azure cannot communicate using
"http://ed12-ektfsp-01:8080/tfs/eeol/ " ?
Your web application does not know the server ed12-ektfsp-01 (I'm assuming this is a server in your datacenter/in your internal network). But there are a few options to allow your web application to connect to this server even if it isn't hosted in Windows Azure:
Configure your firewall to allow traffic from the internet to reach the server ed12-ektfsp-01. This is probably something you do not want to do, unless the server is already available (maybe for developers working at home). Then instead of using the machine name, use the public domain instead (like tfs.mycompany.com) if it's available.
Like you already mentioned, use Windows Azure Connect. This allows you to create a secure tunnel between your roles and your datacenter/internal network. You'll be able to connect to ed12-ektfsp-01 even if it's not exposed to the internet through your firewall. In order for this to work you'll need to install the agent on each server you want to connect to your role, this includes your TFS server.
You can connect your role to a Virtual Network. Then you can use a VPN device on-premises to create a site-to-site VPN connection to this Virtual Network. See the tutorial here: Create a Virtual Network for Cross-Premises Connectivity
You can use Service Bus Relay. This allows you to create a WCF service that calls TFS and host that service within your datacenter/network, but publish it to the cloud. Your web application will be able to consume the WCF service as if it were hosted in Windows Azure.
Please take a look at my answer to this question.
As for your specific questions:
Do I need to enable "azure connect" for for my azure webrole to
communicate with tfs ?
YES.
Do I need to remote into my tfs server and install azure connect into
my TFS server for the azure connect to get enabled ?
YES. And add both the WebRole and the TFS Server into single Connection Group.
Why azure cannot communicate using
"http://ed12-ektfsp-01:8080/tfs/eeol/ " ?
Because the address given is known only within your corporate network, and only resolved by the Company's DNS server. Noone outside can access this address.
I am trying to remotely access a web application hosted on the office LAN.
I have setup LogMeIN Hamachi and I can connect to an office machine and see shared resources (folders and printers) on that machine.
I selected a Hub-and-spoke network and made the machine with the web app the hub.
While in the office I type http://192.168.1.6:8080/mituz_oc in my browser to get access to the web app.
However, when I try to do the same remotely I get the message "Firefox can't establish a connection to the server at 192.168.1.6:8080."
So I see that the IP address to the computer I have VPN-ed to is 5.14.212.196 and so I try to gain access to the web app by replacing the office LAN's IP with the Hamachi IP (I can only post one hyperlink hence the verbose alternative )
I get the same error message as before, only this time with the HAMACHI IP address.
I can access all the shared resources but can not access the web app.
Is it possible to do what am attempting - remotely access a web application on office server?
If so what am I doing wrong / not doing ?
TIA.
Clemens
1) Check if your Windows Personal Firewall setting blocks connections from Hamachi's 5.x.x.x IP address ranges.
2) Check if your Web Server listens on 5.x.x.x. You can find it out by this command:
netstat -na
Look for local address of "0.0.0.0:8080" which is in the state of "LISTENING".
3) Replace Hamachi with different VPN provider, like www.remobo.com
(Disclosure: I work for the Remobo team)
I have a weird case here at work.
The customer(telecommunication firm) has a server which we publish asp.net web service codes which we designed for them. We use that server and web service to get data from the customers own web service and give out for client(telephone) to use it.
The customer does not allow us to code on the remote server, so we have to work on local computer.
The customer has 2 IPs for its own web services. One of them can be reached only from the remote server, this is an internal IP. Second IP is public which I can reach from my local computer. They address the same methods. For security reasons, they divided IPs.
Everything is fine while developing on local. But when I need to publish web service to the server, I need to change web service URLs to remote servers internal IP. But the local Visual Studio web reference doesn't change web service URLs because it can't reach to service as it is only permitted to reach from the server. So I cannot get a build and publish my code.
Somehow I need to change my visual studio reference URLs to internal IP(so far nobody can reach from local), in order
Hope I am clear.
Thanks
It can be changed from the web.config of your local project.