![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(176, 15%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Azure Data Lake Storage
An Azure service that provides an enterprise-wide hyper-scale repository for big data analytic workloads and is integrated with Azure Blob Storage.
1,409 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 64%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENR%3C/text%3E%3C/svg%3E)
Hello Sriram M,
Greetings! Welcome to Microsoft Q&A Platform.
I understand that you would like to establish a successful connection using Fivetran's public IP with the storage account via a private endpoint and to resolve the error - "Websicket connection blocked - A blocked connection can be caused by Adblocker browser extensions, Antivirus/Firewall software, Proxy/VPN connections or local processing agent not active."
Ensure that you’ve whitelisted Fivetran’s IP range (CIDR) in the storage account firewall settings. This allows Fivetran to access your ADLS Gen2 account. If you have a firewall enabled and your Fivetran instance is configured to run in the same region as your Azure Storage Account, consider configuring virtual network rules. Add Fivetran’s internal virtual network subnets to the list of allowed virtual networks.
A private endpoint is a special network interface for an Azure service in your Virtual Network (VNet). When you create a private endpoint for your storage account, it provides secure connectivity between clients on your VNet and your storage. The private endpoint is assigned an IP address from the IP address range of your VNet. The connection between the private endpoint and the storage service uses a secure private link.
Refer this following article which have detailed guidance and steps to create the Private endpoint.
But when you enable Private endpoint, the storage doesn't allow public access at all. And hence it fails, when accessing the Storage container using Azure Portal from the virtual machine via a browser because this connection is Public and private endpoint expects the client to connect to the Private IP address.
Private endpoint is mainly a connection from a private IP address to a private IP address and the traffic is not public at all.
By enabling a private endpoint, you're bringing the service into your virtual network.
Client (subnet with private endpoint) ---> uses private IP address ------> to access the FQDN of the SQL server or any other Azure service which should resolve to the private endpoint IP address.
Refer: https://video2.skills-academy.com/en-us/azure/private-link/private-endpoint-overview
https://github.com/MicrosoftDocs/azure-docs/issues/77513
Hope this answer helps! Please let us know if you have any further queries. I’m happy to assist you further.
Please "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.