Host machine cannot connect to Internet after deployment & Registration fails RRS feed

  • Question

  • ADFS went well...But I have same issue with Internet. THe host machine cannot connect to Internet.I am also failing at Registering Azure stack.

    #Register Azure Stack
    $AzureContext = Get-AzureRmContext
    $CloudAdminCred = Get-Credential -UserName AZURESTACK\CloudAdmin -Message "Enter the credentials to access the privileged endpoint."
    Set-AzsRegistration `
       -PrivilegedEndpointCredential $CloudAdminCred `
       -PrivilegedEndpoint AzS-ERCS01 `
       -BillingModel Development

    The provided Azure Environment is not supported for registration:
    At C:\AzureStack-Tools-master\Registration\RegisterWithAzure.psm1:1798 char:5
    +     throw $Message
    +     ~~~~~~~~~~~~~~
        + CategoryInfo          : OperationStopped: (The provided Az... registration: :String) [], RuntimeException
        + FullyQualifiedErrorId : The provided Azure Environment is not supported for registration:

    Also AzReadiness Checker gives me the following error. I have met all the pre-requisites before running the checker

    Output path C:\Users\K~1\AppData\Local\Temp\AzsReadinessChecker already exists, continuing.
    AzsReadinessChecker v1.1807.628.2 started. This log file may contain PII.
    Starting Azure Registration Validation
    Checking Account(s) can logon: OK
    Checking Registration Requirements: Fail
    Error Details for registration account user@xxxxx.com:
    Get-AzureSubscriptionDetail threw an error: System.Net.WebException: The remote server returned an error: (404) Not Found.
       at Microsoft.PowerShell.Commands.WebRequestPSCmdlet.GetResponse(WebRequest request)
       at Microsoft.PowerShell.Commands.WebRequestPSCmdlet.ProcessRecord()
    Finished Azure Registration Validation
    AzsReadinessChecker Log location (contains PII): C:\Users\K~1\AppData\Local\Temp\AzsReadinessChecker\AzsReadinessChecker.log
    AzsReadinessChecker Report location (contains PII): C:\Users\K~1\AppData\Local\Temp\AzsReadinessChecker\AzsReadinessCheckerReport.json
    AzsReadinessChecker Completed

    Thursday, July 12, 2018 7:48 PM

All replies

  • To validate the Host IP and IP assigned to AzS-BGPNAT01 run the follow PowerShell and compare the Output.


    Step 1: Validate IP subnet & default gateway on HOST & BGPNAT

    ipconfig /all

    Invoke-command -computer AzS-BGPNAT01 -Scriptblock {ipconfig /all}


    NOTE: The IP Addresses should both be on the same subnet and use the same default gateway


    If the IP's are on the same subnet & default gateway, move on to step 3.


    If not, you'll need to update the IP config on BGPNAT step 2

    In the example below, I'm setting the BGPNAT IP =

    Default gateway=

    DNS= &


    Step 2: Update IP settings on AzS-BGPNAT01

    New-PSSession -ComputerName AzS-BGPNAT01 -Credential $Credential

    Enter-PSSession – ComputerName AzS-BGPNAT01

    $wmi = Get-WmiObject win32_networkadapterconfiguration -filter "ipenabled = 'true'"

    $wmi.EnableStatic("", "")

    $wmi.SetGateways("", 1)

    $DNS ="",""



    The validate the NETNAT External IP, run the following commands and compare the IP addresses in the output.


    Step 3: Validate BGPNAT & NETNAT External IP

    Invoke-command -computer AzS-BGPNAT01 -Scriptblock {ipconfig}

    Invoke-command -computer AzS-BGPNAT01 -Scriptblock {Get-NetNatExternalAddress}


    The IP addresses listed in the output should match. If they are different, you'll need to update the NAT configuration.  Steps 4 & 5


    To remove the incorrect NAT IP address from AzS-BGPNAT01 run the following command:

    Step 4 : Remove the incorrect NETNAT External IP

    Invoke-command -computer AzS-BGPNAT01 -Scriptblock {Remove-NetNatExternalAddress -IPAddress}


    To assign the new NAT IP address to AzS -BGPNAT01 run the following command:

    Step 5:  Assign new NETNAT External IP

    Invoke-command -computer AzS-BGPNAT01 -Scriptblock {Add-NetNatExternalAddress -IPAddress -PortStart 5000 -PortEnd 49151}


    NOTE: In this example, the IP was and needs to be updated to


    If the forwarders were not setup for some reason, you can run the script below to add Forwarders to the DNS server AzS-DC01.



    #Add DNS Forwarder to AzS-DC01

    Add-DnsServerForwarder -IPAddress -PassThru



    At this point, you should be able to ping port 443 on Login.windows.net from the Host and Azs-DC01.


    tnc login.windows.net -port 443


    If the above does not help, if feasible you restart the AzS-BGPNAT01 and ASDK host machine and then let us know how it goes.

    Saturday, August 18, 2018 10:48 AM