This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 79%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAC%3C/text%3E%3C/svg%3E)
We have Azure Function configured with VNet integration to our private network.
Also, we have Azure Container Instance with ClamAV application running in our private network.
Using my development machine that is connected to the private network I can connect to the ClamAV application.
But when Azure Function tries to connect to the same ClamAV application it fails with this error: Exception: An attempt was made to access a socket in a way forbidden by its access permissions. [::ffff:172.16.195.196]:3310;
The code looks like this:
var clamAvClient = new TcpClient();
await clamAvClient.ConnectAsync("172.16.195.196", 3310); // <-- exception thorwn here
// send the file data to the tcp client stream
The exact same code works from the dev machine but fails in Azure Function.
Azure Function has access to the private network (it successfully connects to the Blob Storage in this private network).
Azure Function can connect to the different ClamAV application located in the public network.
This error is usually seen when the IP Connection Limit is hit for your instance. You can diagnose these issues as shown in this blog from the Azure Portal itself.
Could you check and confirm if the connection limit is being hit?
Thanks for your reply, I will check this.
But I don't think that's the issue here, because when we use a public container instance everything works as expected:
await clamAvClient.ConnectAsync("<instance name>.azurecontainer.io", 3310); // <-- it works
await clamAvClient.ConnectAsync("172.16.195.196", 3310); // <-- it fails
Looks like you've created the same post on SO and the solution there seems to solve the problem. I was able to reproduce the same problem and while searching for a solution to force IPv4, I found your other thread and the solution from evilSnobu did the trick.
var clamAvClient = new TcpClient(AddressFamily.InterNetwork);
Yes, this solution solves our problem.