Azure DB, ROUTE ADD, and VPNs

One of the things that I have to content with every now and then with Azure SQL is accessing our Azure SQL databases through the corporate VPN. Our servers are set up to only allow access from within the company office. We have a VPN set up to let me get into the company office servers. There are several routes set up for existing entities, but every now and then an Azure IP address changes or we start using a new server for which a route isn’t already configured.  Until that route is added to our VPN configuration, I found that using the old ROUTE ADD functionality has served to get me working while waiting.

From within an Admin Command Prompt (ROUTE ADD requires admin rights):

  • Run ROUTE PRINT
    • Determine your VPN Mask, Gateway, and Interface
    • May need to get the interface (IP address) and Net Mask (mine is 255.255.255.255) from an “IPCONFIG” statement.  Look at the values for your VPN connection.
  • Run a ROUTE ADD with the appropriate parameters:
    • ROUTE ADD destination MASK net mask    gateway IP    METRIC metric  IF  interface #
      • Destination == your target IP
      • Net Mask == the net mask for the interface – probably 255.255.255.255
      • Gateway IP == whatever gateway is used for getting out through the VPN
      • Metric == cost for the destination. I’ve been using something like 3
      • Interface # == the interface number listed in the “Interface List” from ROUTE PRINT

I’ve been able to get this running without the METRIC or INTERFACE numbers and the Gateway IP being the IP address of the VPN connection.

ROUTE ADD AzureDBIPAddress MASK 255.255.255.255 VPNIPAddress

Advertisements