none
Connect with IP-Adress only (Private link / public) RRS feed

  • Question

  • Is it possible to connect a Azure SQL Database with ip-adress instead of DNS FQDN (xxx.database.windows.net)?

    I have done a Prove of Concept of Private Link for SQL Database.
    In my Scenario i didn't created a private DNS Zone, hence i tought i can connect with private IP only (e.g 10.1.0.5) instead of DNS FQDN.

    But if i connect with ip with SSMS i got the error:

    TITLE: Connect to Server
    ------------------------------
    Cannot connect to 10.1.0.5.
    ------------------------------
    ADDITIONAL INFORMATION:
    A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The target principal name is incorrect.) (Microsoft SQL Server, Error: -2146893022)
    For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft%20SQL%20Server&EvtSrc=MSSQLServer&EvtID=-2146893022&LinkId=20476
    ------------------------------
    The target principal name is incorrect
    ------------------------------
    BUTTONS:
    OK
    ------------------------------

    By the way: Same error if i connect to another SQL DAtabase with public IP


    Thursday, November 7, 2019 9:23 AM

All replies

  • Hi The_Andy80,

    There is no way to connect via IP Address. The FQDN or DNS instance name is required, as it is required for some functionality to behave correctly, such as geo failover. Is there a requirement to specify an IP Address versus the FQDN or are you simply asking as it would make your POC a bit easier?

    Thank you,

    Mike

    Thursday, November 7, 2019 8:55 PM
    Moderator
  • Hi The_Andy80,

    No, Azure SQL DB doesn't give you an IP that you can connect. Even if you ping the FQDN the ip will not help you. For some reason you are having an authentication issue... How are you connecting to the azure sql db? Are you connecting using MFA authentication?

    regards!

    Friday, November 8, 2019 4:06 PM
  • HI

    in PoC we thought about it whether it is easier to use onPremise own A-Records for the private Link IPs. Hence we tried at first to connect the IP Adress and i got the mentioned error. 

    That means we have to integrate the FQDN in our onPremise Network. Have anyone already experience with the same? Is it enough to just create the private DNS Zone?

    Thanks.

    Monday, November 11, 2019 8:26 AM
  • Hi Andy, We used aliases to modify dns.. like server.your domain but internally it is calling the azuresqldb server. Hope this helps!
    Monday, November 11, 2019 11:11 AM
  • HI

    Are you talking in case of a public or private endpoint? in case of a public it will works with a cname (alias), but in case of private endpoint it is not working for us. In my point of view in case of private endpoint we have to integrate a private DNS Zone which can created if you deploy a private link, isn't it?

    IN my test i wos not able to connect the private link deployed SQL Database. For testing i have added the private link IP to my local hosts file and it was working.

    Monday, November 11, 2019 1:27 PM