快速入門:設定從內部部署連線至 Azure SQL Database 受控執行個體的點對站連線Quickstart: Configure a point-to-site connection to an Azure SQL Database Managed Instance from on-premises

此快速入門示範如何使用 SQL Server Management Studio (SSMS),利用點對站連線從內部部署用戶端電腦連線到 Azure SQL Database 受控執行個體。This quickstart demonstrates how to connect to an Azure SQL Database Managed Instance using SQL Server Management Studio (SSMS) from an on-premises client computer over a point-to-site connection. 如需點對站連線的詳細資訊,請參閱關於點對站 VPNFor information about point-to-site connections, see About Point-to-Site VPN

先決條件Prerequisites

此快速入門:This quickstart:

將 VPN 閘道連結到您的受控執行個體虛擬網路Attach a VPN gateway to your Managed Instance virtual network

  1. 在您的內部部署用戶端電腦上開啟 PowerShell。Open PowerShell on your on-premises client computer.

  2. 複製此 PowerShell 指令碼。Copy this PowerShell script. 此指令碼會將 VPN 閘道連結到您在建立受控執行個體快速入門中所建立的受控執行個體虛擬網路。This script attaches a VPN Gateway to the Managed Instance virtual network that you created in the Create a Managed Instance quickstart. 此腳本會使用 Azure PowerShell Az 模組, 並針對 Windows 或 Linux 主機執行下列動作:This script uses the Azure PowerShell Az Module and will do the following for either Windows or Linux based hosts:

    • 在用戶端電腦上建立並安裝憑證Creates and install certificates on client machine

    • 計算未來的 VPN 閘道子網路 IP 範圍Calculates the future VPN Gateway subnet IP range

    • 建立 GatewaySubnetCreates the GatewaySubnet

    • 部署 Azure Resource Manager 範本,該範本會將 VPN 閘道連結到 VPN 子網路Deploys the Azure Resource Manager template that attaches the VPN Gateway to VPN subnet

      $scriptUrlBase = 'https://raw.githubusercontent.com/Microsoft/sql-server-samples/master/samples/manage/azure-sql-db-managed-instance/attach-vpn-gateway'
      
      $parameters = @{
        subscriptionId = '<subscriptionId>'
        resourceGroupName = '<resourceGroupName>'
        virtualNetworkName = '<virtualNetworkName>'
        certificateNamePrefix  = '<certificateNamePrefix>'
        }
      
      Invoke-Command -ScriptBlock ([Scriptblock]::Create((iwr ($scriptUrlBase+'/attachVPNGateway.ps1?t='+ [DateTime]::Now.Ticks)).Content)) -ArgumentList $parameters, $scriptUrlBase
      
  3. 在 PowerShell 視窗中貼上指令碼,並提供必要的參數。Paste the script in your PowerShell window and provide the required parameters. <subscriptionId><resourceGroup><virtualNetworkName> 的值應符合在建立受控執行個體快速入門中所用的值。The values for <subscriptionId>, <resourceGroup>, and <virtualNetworkName> should match the ones that you used for the Create Managed Instance quickstart. <certificateNamePrefix> 的值可以是您自己選擇的字串。The value for <certificateNamePrefix> can be a string of your choice.

  4. 執行 PowerShell 指令碼。Execute the PowerShell script.

重要

在 PowerShell 腳本完成之前, 請勿繼續。Do not continue until the PowerShell script completes.

建立受控執行個體的 VPN 連線Create a VPN connection to your Managed Instance

  1. 登入 Azure 入口網站Sign in to the Azure portal.

  2. 開啟您在虛擬網路閘道中所建立的資源群組,然後開啟虛擬網路閘道資源。Open the resource group in which you created the virtual network gateway, and then open the virtual network gateway resource.

  3. 選取 [點對站設定],然後選取 [下載 VPN 用戶端]。Select Point-to-site configuration and then select Download VPN client.

    下載 VPN 用戶端

  4. 在您的內部部署用戶端電腦上, 從 zip 檔案解壓縮檔案, 然後使用解壓縮的檔案開啟資料夾。On your on-premises client computer, extract the files from the zip file and then open the folder with the extracted files.

  5. 開啟 [WindowsAmd64 ] 資料夾, 然後開啟VpnClientSetupAmd64檔案。Open the `WindowsAmd64 folder and open the VpnClientSetupAmd64.exe file.

  6. 如果您收到 [Windows 已保護您的電腦] 訊息,請按一下 [其他資訊],然後按一下 [仍要執行]。If you receive a Windows protected your PC message, click More info and then click Run anyway.

    安裝 VPN 用戶端\

  7. 在 [使用者帳戶控制] 對話方塊中, 按一下 [是] 繼續進行。In the User Account Control dialog box, click Yes to continue.

  8. 在參照虛擬網路的對話方塊中, 選取 [是] 以安裝虛擬網路的 VPN 用戶端。In the dialog box referencing your virtual network, select Yes to install the VPN Client for your virtual network.

連線到 VPN 連線Connect to the VPN connection

  1. 移至內部部署用戶端電腦上網路 & 網際網路中的VPN , 然後選取您的受控執行個體虛擬網路, 以建立與此 VNet 的連線。Go to VPN in Network & Internet on your on-premises client computer and select your Managed Instance virtual network to establish a connection to this VNet. 在下圖中,VNet 的名稱為 MyNewVNetIn the following image, the VNet is named MyNewVNet.

    VPN 連線

  2. 選取 [ 連接]。Select Connect.

  3. 在對話方塊中,選取 [連線]。In the dialog box, select Connect.

    VPN 連線

  4. 出現連線管理員需要提高的權限以更新路由表的提示時,請選擇 [繼續]。When prompted that Connection Manager needs elevated privilege to update your route table, choose Continue.

  5. 在 [使用者帳戶控制] 對話方塊中,按選取 [是] 以繼續。Select Yes in the User Account Control dialog box to continue.

    您已建立對受控執行個體 VNet 的 VPN 連線。You've established a VPN connection to your Managed Instance VNet.

    VPN 連線

使用 SSMS 連線到受控執行個體Use SSMS to connect to the Managed Instance

  1. 在內部部署用戶端電腦上,開啟 SQL Server Management Studio (SSMS)。On the on-premises client computer, open SQL Server Management Studio (SSMS).

  2. 在 [連接到伺服器] 對話方塊方塊中,於 [伺服器名稱] 方塊中輸入受控執行個體的完整 [主機名稱]。In the Connect to Server dialog box, enter the fully qualified host name for your Managed Instance in the Server name box.

  3. 選取 [SQL Server 驗證],提供您的使用者名稱和密碼,然後選取 [連線]。Select SQL Server Authentication, provide your username and password, and then select Connect.

    SSMS 連線

連線之後,您可以檢視 [資料庫] 節點中的系統和使用者資料庫。After you connect, you can view your system and user databases in the Databases node. 您也可以檢視 [安全性]、[伺服器物件]、[複寫]、[管理]、[SQL Server 代理程式] 和 [XEvent Profiler] 節點中的各種物件。You can also view various objects in the Security, Server Objects, Replication, Management, SQL Server Agent, and XEvent Profiler nodes.

後續步驟Next steps