I have a private subnet in VNet 1 with Network Security Group only allowing inbound traffic from a specific private IP CIDR. This subnet hosts Azure Database for PostgreSQL with a server name.
I also have a public subnet in a different VNet (VNet2) that hosts a standard VM.
I have done VNet peering to connect the two and they don't overlap the address spaces. I have also whitelisted the Private IP of the VM (in VNet2) in the NSG of Private subnet in VNet 1 but I cannot ping the PostgreSQL DB from my VM. It says:
ping: mydb-dev.postgres.database.azure.com: Name or service not known
Both VNets are in same subscription and same region
Things to be notice.
You can't ping directly with server name ping mydb-dev.postgres.database.azure.com
. Because this domain/server name is not registered in any public or private DNS Zone . If you want to ping with Server name your domain should be registered in DNS record.
Another more imortant things is you need to open port default PostgreSQL port is 5432
at both the Vnet for inbound and outbound level.
you are able to ping when your deploying both the resource in one VNEt.So By default, there is no security boundary between subnets for a VNet, so VMs in each of these subnets can talk to one another.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.