03-13-2024 02:10 PM
I'm currently attempting to establish a direct connection between Fivetran and my Azure SQL Database. Despite whitelisting Fivetran's IP addresses, I'm encountering the error message "Unable to connect to private host".
I've tried troubleshooting on my end without success. If anyone has encountered a similar issue or has insights into resolving this, I would greatly appreciate your assistance.
Solved! Go to Solution.
03-14-2024 10:05 PM
Hey @ehawth01 generally databases have a separate Public IP and Private IP listed on the server UI but in the case of Azure SQL, since it's a managed service, there's only the server name:
I would recommend checking with your database team to see if there's any publicly routable server name. If not, SSH would be the way forward.
Here's the setup guide you can use for reference if it's Azure SQL (Assuming it's the managed service and not a self-hosted database on an Azure VM)
If it's an Azure SQL Managed Instance, here's the setup guide
Thank you
03-13-2024 09:14 PM
Hey @ehawth01, I can help here.
The reason you're getting the error "Unable to connect to private host" despite whitelisting Fivetran's IP addresses is because your database is in a private subnet / VNet.
Connecting directly to a database by whitelisting Fivetran's IP addresses is only beneficial when the database is accessible publicly, which it isn't here.
To proceed further, you can look at Forward SSH as a connection option.
With this connection method your database can still remain in a private VNet / Subnet. The only addition would be a jump server / bastion host that can accept the connection from Fivetran's Public IP Addresses and forward it to your database so we can connect to it.
Hope this helps.
Please let me know if you have any questions or if you require additional infromation.
Thank you.
03-14-2024 11:36 AM
Hi @SVijay, thanks for your reply!
Does this still apply even when there are other whitelisted IP addresses connected to the database? Although the database is in a private network, other IP addresses are allowed to access the database because they are whitelisted.
03-14-2024 12:22 PM
@ehawth01 Are the IPs that are able to access your database directly Public IPs? If so, please ensure you're providing the public IP of the database in the Fivetran connector setup form.
If the IPs are not public but rather private IPs, like that of a SSH host, then they'll be access the database directly without being public.
So in conclusion, please provide either the public IP of the database in the connector setup form for Fivetran's Public IPs to be able to reach the database via direct connection or set up a forward SSH (to begin with) as it's one of the easiest methods for Public IPs to access your database that is in a private VNet as only the SSH Host's Private IP needs to be whitelisted in the database.
Thank you.
03-14-2024 01:56 PM
Hi @SVijay thanks for the assistance! I now understand that I either need to provide the public IP of the database or set up SSH. Thanks again for the help. Just a quick question - would you know where to find the Azure SQL Server database's public IP address?