0

Problem:

We have a .NET Core Web API that we have just deployed as an Azure Web App. Testing locally everything works fine, however we are unable to connect to our DB from the deployed API in Azure.

From Application Insights I can see we are getting the following error:

Microsoft.Data.SqlClient.SqlException (0x80131904): A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible.

Our setup:

We have our connection string included in appsettings.json

"ConnectionStrings": {
    "DefaultConnection": "Data Source=<source>.com,<port>;Initial Catalog=<db>;User ID=<username>;Password=<password>;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=True;Connection Timeout=30;"
},

We know our API is using this connections string because we can see in Application Insights that there is a timeout connecting to the db specified in that exact connection string.

We do not have access to DB configuration as we have read only access granted to us from a third party. We can connect via SSMS/Azure Data Studio and when testing our Web API locally (which makes us think the connection string is correct).

Other Posts we have Referenced:

  • Connection String in Azure Web App Configuration - I have tried including and not including our connection string from the Azure App Service Configuration - neither changed that we got a timeout and subsequent 500 error.
  • Include Connection String in appsettings.json - We have our connection string included in appsettings.json and testing locally, we can connect to the db without issue.
  • Improperly Formatted Connection String - The connection string works when testing locally, so we do not believe it to be an issue with the formatting of the connection string. Additionally, because Application Insights says that there is a timeout connecting to the DB specified in the connection string, it appears to be using the connection string we are providing.

Any ideas as to what might be going on here and how we can connect to the DB would be greatly appreciated.

BryceBy
  • 208
  • 5
  • 16
  • What is the geographical distance from the DB server to your web-application's server? It's a bad idea to connect to remote DB servers over the Internet, especially if there's more than ~5ms ping time between them because database connection protocols are very chatty and they'll bog-down your application significantly. – Dai Feb 08 '22 at 00:11
  • @Dai both in eastus. Regardless, distance would not result in a timeout > 30sec – BryceBy Feb 08 '22 at 00:15
  • 1
    Right, sorry - I didn't mean to imply ping times were the reason, I was just giving general advice. Anyway, the problem is almost certainly the Azure SQL Server Firewall rules. You cannot do anything until the owner of the Azure SQL database grants you permission from their end in their Azure SQL Server firewall page. – Dai Feb 08 '22 at 00:18
  • 1
    @Dai. That would certainly make sense. We might have to reach out to that third party in this case. Thank you! – BryceBy Feb 08 '22 at 00:25
  • Have you checked if this is a IP whitelisting issue? Locally I'm assuming your network is whitelisted which is why you can access it. But not sure if you have deployed to a app within a VNET or not? – Anupam Chand Feb 08 '22 at 02:30
  • @AnupamChand, I believe that is the case here, thanks. Our network is whitelisted and the app service ip is not. – BryceBy Feb 08 '22 at 13:19

1 Answers1

0

In this case, we needed to request that the third party whitelist our Azure Web Apps Outbound IP's.

Your Azure Web App Outbound IP's can be located in a number of ways.

Via Azure Portal

Web Apps > Your Web App > Under "Settings" go to Networking > Outbound Addresses

Via Azure CLI

az webapp show -n yourwebappname -g yourresoucegroup --query "outboundIpAddresses"
BryceBy
  • 208
  • 5
  • 16