Allow SQL Database to join Virtual Network (VPN)
I have Cloud Service with web/worker roles connected to SQL Database (web edition).
I also have Virtual Network with point-to-site client (P2S) connection, but I cannot connect to my SQL Database (web edition) via VPN (eg using SSDM). Instead I have to use internet connection.
IP address assigned by my ISP has short lifetime and is reset daily. This means that almost every time I want to perform Admin tasks, I have to log onto Windows Azure portal to change my IP address in the SQL database firewall (defining a range of addresses is not an option).
VPN would mean I just need to set firewall address list once, and I also like the additional layer of security offered by VPN. P2S requires certificate installed on each client computer, so if passwords / desktop apps did fall into wrong hands, no one would be able to use them to connect from another computer.
Thanks for all the feedback folks. Unfortunately this is taking longer than we’d like.
We will reach back out when we are closer to a preview.
Johan Bennink commented
@Dhruv If I understand the text on your link it states it cannot be used to connect from on-premise machines through a site-tos-ite gateway to an azure sql database. It talks about connecting from Azure resources inside the vnet to the Azure sql database on it's external endpoint and then [ï'm paraphrasing in dummy speak] the network recognizes you are trying to connect to an azure resource and simple redirects to the internal machine.
But this does not expose an internal address to azure sql such as is the case with VM's so still does not allow you to have no external IP on the azure sql firewall setting and still allow access to the database from an on-premise machine using the site-to-site vpn.
For a feature that is being worked on or suggested since 2014 it's a bit silly to not actually solve the problem suggested. Or did I get it completely wrong here?
The feature is now in public preview in selected regions, thank you for all your enthusiasm and comments. More details can be found here:
Please send an email directly to: email@example.com or comment with any questions or feedback.
with ignite starting Monday and all these indications in portal of VNETs, I gotta believe this is going to be announced at Ignite.
They even renamed it to "Firewall / Virtual Networks" on production portal but there is no news or comments about public preview. Also, yesterday on preview portal I saw 'add VNET rule' under firewall settings but today it is gone.
wondering why not any comments from admin
Adam Ellis commented
Can you provide an estimation of when we are likely to see VNet support enter public preview?
Paul Reynolds commented
Hi folks, we'd like to set up a VPN to securely query our production SQL Databases from within our corporate network. Any news on when this will be generally available?
David Drager commented
Will this request be implemented in SQL Database or is the plan require the use of SQL Managed instances to attach to a VNet.
Hi guys, any news on this?
Hi. I noticed the 'add VNET rule' inside Azure SQL DB firewall settings - but greyed out (as pointed out in previous comments). Is there any further info on this/when this will be available in preview?
Matteo Iacopini commented
hi guys any chance we have a date for this feature?
Any news on this?
Davor Geci commented
Is there any progress on this?
There is an 'add VNET rule' option in the Azure SQL firewall settings, but it is greyed out currently.
this is now in preview right?
Roberto Bonini commented
Any updates on this?
Ken Channon commented
3.5 years since initial post, 1.5 years since last MSFT update, still listed as "started". Looks like MSFT isn't using feedback system anymore.
Matthew Heine commented
Very frustrating--I felt like a schmuck even suggesting going the Azure SQL route with this glaring design flaw.
Bert Wolters commented
Any update on this topic?
What's the latest on this request ?