Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>It is common for enterprise IT to block outbound ports because some argue this provides better security. I don't think this necessarily makes sense, but here's what you can do to verify. As a best practice, always connect to Windows Azure VMs using DNS names rather than IP addresses because the addresses are subject to change, while DNS names will not.</p> <p>1 Confirm the port you're trying to connect to. By default, Windows Azure assigns a port in the dynamic range (49152–65535) for Remote Desktop, which is mapped internally to the usual RDP port 3389. You can see which one this is by checking your VM endpoint public port in the Windows Azure portal (Select Virtual Machines > Your VM > Endpoints tab > RemoteDesktop entry). You need to connect using this port after the name (using the Connect button in the portal gives you an RDP shortcut file that does this for you). If my public port is 62472, I put this in the Remote Desktop Connection computer field:</p> <blockquote> <p>percepten-VM1.cloudapp.net:62472</p> </blockquote> <p>If you like, you can edit the public port here in the portal using the "Edit the endpoint" option on the RemoteDesktop entry. That way you can make it 3389 if your IT department asks you for a single port number to allow outbound.</p> <p>2 Test your DNS resolution to your VM using nslookup or ping. If you get "non-existent domain", then your corporate DNS is blocking Windows Azure resolution. This is what you want to see:</p> <pre><code>&gt;nslookup percepten-vm1.cloudapp.net Non-authoritative answer: Name: percepten-vm1.cloudapp.net Address: 157.56.182.135 </code></pre> <p>3 If you can resolve DNS, then try using an outbound port scan tool to verify port 3389 is allowed out. I found a nice one at portquiz.positon.org. To use, open the site with a port appended in the URL. In this case, open "<a href="http://portquiz.positon.org:3389" rel="nofollow">http://portquiz.positon.org:3389</a>". You should see this on the page:</p> <blockquote> <p>Outgoing port tester</p> <p>This server listens on all TCP ports, allowing you to test any outbound TCP port. You have reached this page on port 3389.</p> <p>...</p> </blockquote> <p>4 If you receive "page not available", then the port is blocked. Try contacting IT to ask them to open port 3389 (or the entire dynamic range if you're feeling ambitious). If they want to open it only to specific places on the Internet, provide them this list of all Windows Azure IP address ranges:</p> <p><a href="http://www.microsoft.com/en-us/download/details.aspx?id=29840" rel="nofollow">Windows Azure Datacenter IP Address Ranges</a></p> <hr> <p>Hope that helps! </p> <p>Noah Stahl</p> <p>Percepten</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload