Ping a Specific Port

Question

Eric Falsken

Asked: 2011-04-29 10:33:56 +0800 CST2011-04-29 10:33:56 +0800 CST 2011-04-29 10:33:56 +0800 CST

Please clarify about Azure Connect for AD-integration?

772

Windows Azure now offers Virtual Machine hosting similar to IaaS solutions. One of the associated services is something called Azure Connect so that your VM can access on-premise resources (in your own office). What is unclear to me is that AC does not appear to be a complete VPN connection, but you can install the AC connector onto each local resource you wish your hosted VM to have access to. That doesn't sound so fun because to access our SQL server it seems like I'd need to install it on my SQL server AND on my AD-controller. There's no way our admin guys will like that.

Is setting up a more traditional IPSEC VPN a better option for full network integration?

2 Answers

Voted

David Makogon · Answer 1 · 2012-03-02T06:56:30+08:00

Today, Azure Connect is the solution, and it's as you describe: Install the agent on each machine to be added to your virtual network. Keep this in mind, as you discuss this with your admins:

It's a secure VPN connection between on-prem machine and your Azure instances
You can limit your connect group to a specific Role or Roles. So, let's say you have Web Role instances handling web traffic, and Worker Role instances handling business logic and database access. You can set up a Connect Group with your SQL Server box plus just the Worker Role. In that case, your Web Role instances would have zero visibility to the SQL Server box (this is a good detail to have, when discussing this with your IT admins).
You manage the Connect Group. In other words, even if you took the agent and posted it on a public ftp download for the world to install, none of those computers would be able to attach to your Connect Group - you must manage the group, adding/removing machines explicitly. For that, you must have access to your subscription as admin / co-admin.

One more thing to keep in mind: Azure Connect, while connecting over IPv4, creates an IPv6 tunnel. SQL Server and AD should both work fine with IPv6 (I've had no issues with connecting with an on-premises SQL Server box).

Paul Allen · Answer 2 · 2012-12-12T12:52:07+08:00

Paul Allen

2012-12-12T12:52:07+08:002012-12-12T12:52:07+08:00

Azure now supports site to site IPSEC tunnels to your on premises hosts if you are using a supported Cisco or Juniper firewall/vpn device.

http://www.windowsazure.com/en-us/manage/services/networking/cross-premises-connectivity/

0

Please clarify about Azure Connect for AD-integration?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?