How to fix "Connect Timeout" and/or "Cannot open server xxx requested by the login" when connecting to Azure SQL Managed Instance in redirect mode

Table of Contents

Here is something that will save you lots of time and headaches when trying to connect to Azure SQL Managed Instances, especially from onprem servers or from other clouds; I had to repeat this multiple times to multiple actors, so I know it will happen to someone else too.

In most cases, “Connect Timeout” and/or “Cannot open server xxx requested by the login; Login failed” errors are caused by the firewall configuration and a lack of understanding the SQLMI networking model, let me explain:

As stated by this article , which you should read, the recommended connection type is redirect:

Diagram shows an on-premises network with redirect-find-db connected to a gateway in an Azure virtual network and a redirect-query connected to a database primary node in the virtual network.

  • Redirect (recommended): Clients establish connections directly to the node hosting the database. To enable connectivity using redirect, you must open firewalls and Network Security Groups (NSG) to allow access on ports 1433, and 11000-11999. Packets go directly to the database, and hence there are latency and throughput performance improvements using redirect over proxy. Impact of planned maintenance events of gateway component is also minimized with redirect connection type compared to proxy since connections, once established, have no dependency on gateway.

As stated in the documentation, your client initially logs to the gateway on port 1433 (as the good ol’ SQL Server), but then in redirect mode the connection is made directly directly to the database container in the backend, through a random port in the range 11000-11999 , opening up this while range is essential, as if you open (or happen to have opened before) anything less, you can find yourself not being able to connect at all to your instance, as the redirect port is not static (it is indeed, ephemeral). Be careful with your networking configuration!

comments powered by Disqus

Related Posts

There's a Bug with Extended Events creation in SQL Server Management Studio 18.7: what it is and a workaround

UPDATE 2: The bug was fixed in SSMS 18.8 UPDATE: The bug still isn’t fixed in SSMS 18.

Read More

SQL Server 2017 CU5 enhances troubleshooting for Intra-Query Parallelism Deadlock

Do you remember this post from not long ago ? Apparently, other than still being an issue, with the latest SQL Server 2017 CU there are additional tools to see what’s going on and troubleshoot.

Read More
How to build an Application with modern Technology

How to build an Application with modern Technology

Nemo vel ad consectetur namut rutrum ex, venenatis sollicitudin urna. Aliquam erat volutpat.

Read More