Troubleshooting Connectivity between Azure VM and On-Premise resource

Scenario 1 - Unable to Access On-Premise Resource via VM located in Azure through Azure Site to Site Connection

When dealing with connectivity issues on Windows Azure Site to Site it is important to start by scoping the problem correctly and making sure that all the basic tests were done before moving forward to a deeper troubleshooting. Here are three key questions that you should ask even before you start collecting and analyzing data:

1) Is this VM able to ping other VMs that are located on the same subnet?
2) Are they part of the same virtual network in Azure?
3) Do I have another VM on the same virtual network able to communicate with on-premise resources?

If the answers to questions 1 and 2 are “no”, most likely the problem will be with the new VM that you just created. Probably they are not on the same virtual network or the new VM was created using the Quick Create option. When you use this option you won’t be able to choose the virtual network on which the VM belongs, therefore it won’t be able to communicate with other VMs that belong to a custom virtual network.

If the answer to the third question is “yes”, then the problem is related to the VM that you just created. Make sure that this VM has the correct configuration, belongs to the same virtual network and after doing that try to perform basic connectivity test with ping, tracert and compare the results with the VM that works.

If the answer to the third question is “no”, then the problem might be related to the Site to Site connectivity itself. Review the following articles to ensure that the connectivity between Azure and On-Premise is working correctly:

• Unable to access resources after enabling site to site connectivity with Azure
• Site to site connectivity with Azure (GA)

Scenario 2 - Error “This page can’t be displayed” when Authenticating via ADFS on Windows Azure Portal

In this scenario, the user is trying to authenticate on Windows Azure Portal using his corporate credentials. This is a new deployment and never worked. When the user tries to log on it receives the error below:

In this scenario, it is important to validate if the ADFS Server is receiving the SSL request. The following settings should be verified:

• Verify if there is a firewall in front of the ADFS Server and if there is one, make sure that it allows SSL connection coming from outside.
• If the ADFS is located on Windows Azure as a VM, ensure that you created an endpoint port 443 for this VM.