Open in app

Sign in

Write

Sign in

CONNECTING AZURE APP SERVICE TO A PRIVATE NETWORK

Benjamin Isong
3 min readFeb 5, 2021
logo

Azure APP Services is a convenient way to set up your application with PaaS. It comes with a lot of features and removes the headaches of Server management or maintenance.

This illustration focuses on a connecting an App Service to a VNET and taking advantages of the resources within the VNET (Such as Private SQL, Storage and much more) in an Azure environment.

Requirements

  • Knowledge of Azure
  • Knowledge of Subnets
  • Virtual Network
  • App Service (PremiumV2 or Higher)

# The resources to be accessed by the App Service could be in the same resource group. (They may be in separate resource group and region or even subscription directory).

# For now, I have not seen where Microsoft explicitly says that App Service (Standard) cannot add a VNET to its Network but I have tried I can tell you that it most likely will not work with a Standard App Service Plan.

STAGE 1

  • Go to your resource group where resources such as VMs are located.
  • Select the Virtual Network
  • Select Subnets from the side menu
select subnets (side menu)

# For existing infrastructure, you may want to ensure you have enough address space.

  • Add new Subnet from the plus option (top of page)
add new subnet/list preview

# If the App service and the VNET are in different regions, you may want to use a Gateway subnet instead.

  • From the pop menu, fill in the NAME and SUBNET ADDRESS RANGE (preferable /27 which is 32 address could be used).
popup form preview
  • Click save at the bottom of the popup form.

# I found subnets that were assigned to other resources not so compactible when integrating with App Services. Try not to add other resources to the subnet of choice.

STAGE 2

  • Go to your App Service, Under Settings select Networking
preview
  • Select the “Click here to Configure” under VNet Integration
preview
  • Click on Add VNET,
pending integration with VNET
  • Select the subscription for the Virtual Network, then select the Network. This will show the list of subnets available under the Virtual Network. Select the subnet that was just created.
select the subnet preview

# The App Service (PremiumV2) takes only one VNet Integration at a time. If you want to connect to other VNET, you will have to do more configurations on the Virtual Network.

COMMON ERRORS

  • This Virtual Network has no Gateway — You might see this error if something goes wrong. It seems to be the common feedback when ever something is not right. Do a refresh of the page and try again. If it does not work, lets talk about it.

CONCLUSION

The success of this configuration allows your App Service to connect with virtual machines or other resources with their private IP which improves the security of your application.

There is a lot that can be done to increase the security of your application and this is one of the ways to achieve such using Azure app services VNET Integration.

I will be exposing more tips and trick every month

Thanks.

Azure
Security
Azure App Service
Azure Virtual Network
DevOps

--

--

Benjamin Isong

Written by Benjamin Isong

0 Followers

Software Engineer | Cloud Infrastructure Engineer | Database Architect | The one who likes video games and his community.

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams