Share via

Unable to connect to my storage account from a Virtual Machine Via private end point

Jahnavi 20 Reputation points
2024-11-27T05:02:34.1233333+00:00

I have a storage account with a SMB file share in it, the public access to the storage account is blocked, a private end point is linked to it, we have an existing private DNS zone, and a A record is created in that zone. The VNet where the PE is located has 2 subnets, one of which holds the PE, on the other subnet a test VM is created. Since both of them are in same VNET the Virtual machine should be able to communicate to the storage account, unfortunately the domain name doesnt get resolved and the name resolution fails.

Azure Files
Azure Files
An Azure service that offers file shares in the cloud.
1,329 questions
Azure DNS
Azure DNS
An Azure service that enables hosting Domain Name System (DNS) domains in Azure.
708 questions
Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
8,172 questions
Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
3,292 questions
Azure Private Link
Azure Private Link
An Azure service that provides private connectivity from a virtual network to Azure platform as a service, customer-owned, or Microsoft partner services.
526 questions
0 comments
Accepted answer
  1. TP 100.9K Reputation points
    2024-11-27T05:20:09.5033333+00:00

    Hi,

    Please confirm that when creating the private endpoint you had it create an Azure private DNS zone privatelink.file.core.windows.net and this zone has virtual network link to the VNet that contains your VM. When creating the private endpoint you should've select file for target sub-resource and then on DNS tab selected Yes to Integrate with private DNS zone.

    If you do have privatelink.file.core.windows.net private DNS zone please check DNS Management -- Virtual network links blade and verify that it is linked to the VNet for your test VM.

    Please click Accept Answer and upvote if the above was helpful. Add a comment below if something is unclear and/or you need further assistance on some aspect.

    Thanks.

    -TP

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Nehruji R 8,161 Reputation points Microsoft Vendor
    2024-11-27T07:09:06.7166667+00:00

    Hello Jahnavi,

    Greetings! Welcome to Microsoft Q&A Platform.

    There might be multiple reasons why this issue can occur, you can try the troubleshooting steps mentioned below to see if that helps in resolving the issue.

    Firstly, let's check if there are any network connectivity issues here.

    • If you have already followed this tutorial here to deploy this set-up, can you please perform a NS-lookup for your storage account and check if it is resolving to the private endpoint's IP address nslookup <storage-account-name>.blob.core.windows.net the result of this command should be as shown in the step 7 here. If storage account is not resolving to the private endpoint IP address, you can follow this troubleshooting guide to resolve this issue.
    • If step mentioned above is successful, to further solidify there are no network connectivity issues here you can do PSping connectivity test for your storage account here to determine if there are no NSG/firewall rules blocking this connectivity. Sample Command psping -n 300 broderwus.blob.core.windows.net:443 if you are using SSL. If the PSping is unsuccessful you can go through the 3rd troubleshooting step here to help resolve the issue. You can also check the storage firewall configuration as mentioned here.

    Hope this information helps! please let us know if you have any further queries. I’m happy to assist you further.

    Please "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.