I have a setup in Azure with a Virtual Network that includes Azure Bastion, Azure Virtual Machine and Private Links (among others with a private DNS Zone "privatelink.azure.com") to different Azure resources. I started with Bastion and the VM what worked well. But as soon as I add the Private Links to the same VNET I get an error when trying to access the VM via Bastion:
APP.DIALOG_HEADER_CONNECTION_ERROR
What can I do to resolve that and to be able to access the VM again?
The problem is that whenever a private network link with a private DNS Zone "privatelink.azure.com" is attached to the Bastion Virtual Network, the access to the VM via Bastion fails with the exception mentioned above.
To be able to have Bastion and Private Links using a Private DNS Zone "privatelink.azure.com" in same VNET create a record in your "privatelink.azure.com" zone with
Name = management.privatelink.azure.com
Type = CNAME
Alias = arm-frontdoor-prod.trafficmanager.net
This error message can appear also without having a private link.
I had the same error and the problem was that the NSG was missing from the server. As there was no connectivity for incoming 3389 (RDP port) then the bastion could not enstablish a session. For everyone that may encounter the same issue, make sure that you allow incoming network traffic for the server on which you want to enable bastion service.
