question

bbqninja avatar image
0 Votes"
bbqninja asked JakubSkibicki-8583 commented

Connect to Azure SQL via IP -- private endpoint

We have an Azure SQL database with no public access and a private endpoint. In our small data movement network we use azure dns, and thus pick up the IP via the private zone created.

However, we have another subnet which does not use azure DNS, and the owners of this network do not want to add in the dns records for the private endpoint.

I understand that Azure SQL is behind a load balancer, hence it needs to know what actual "server" you are connecting to.

Is there a way (in SSMS or otherwise) to connect via IP but also pass along the "name" it wants to connect to? Kind of like a host header in http?

The only alternative is a hosts file, which really is not a great solution.

Thanks

azure-sql-database
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

OuryBa-MSFT avatar image
0 Votes"
OuryBa-MSFT answered JakubSkibicki-8583 commented

Hi @bbqninja Thank you for posting your question on Microsoft Q&A.
1. create a private link by following the steps in this documentation
2. create a private endpoint by following this doc
3. Here you can go ahead create a private DNS zone for the endpoint or you can only go with Ip and create.

After that open SSMS and give Server Name as IP and in username give adminusername followed by servername with @.
Find the screenshot below.
107213-image.png

Also check the Trust server certificate checkbox in connection properties.

Please let me know if the answer helped.
Regards,
Oury



image.png (125.9 KiB)
· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @bbqninja Just checking if you had the chance to follow instructions i shared above. Please let me know if you have additional query.
Best Regards,
Oury

1 Vote 1 ·

Hi @bbqninja Were you able to try the above workaround?
Please let us know if more assistance is needed.

Regards,
Oury

1 Vote 1 ·

OMG, This works.

@OuryBa-MSFT would you mind putting this into official docs.

This is quite useful with a setup of P2S VPN since we do not need to modify the Host file to connect to private endpoint.

Do you have any similar trick to connect with AAD MFA in Management Studio?

0 Votes 0 ·