Connect to SQL Managed instance
Published Mar 13 2019 07:03 PM 4,847 Views
First published on MSDN on Sep 13, 2018

SQL Managed instance is located inside a Vnet.

The options to connect to it are :

  1. From the Azure

      • Inside the same VNet (different subnet)

      • From different VNet using VNet peering / Site-to-Site VPN / Express Route circuit (for cross-region connection)

  2. From on-premises . Using express Route or VPN

Refer to this article for details.

In case you are choosing connecting to Managed instance from a different Vnet , you will need to have Vnet Peering Or Site-to-Site VPN between the 2 Vnets.

In case you have configure a Vnet peering Or Site-to-Site VPN and still have a problem to connect to the Managed instance , check the following :

  1. Check that the 2 Vnets are not on different regions - not supported unless you are using Express route cross-region connection

cross region peering is not supported for MI

2. Run Psping to the Managed instance name with Port 1433 . In case it does not work something is wrong  with  the communication between the 2 Vnets:

In this case , you should check that there is  NSG ( Network security group ) rule on the Subnet of the other Vnet ( the Vnet where you are trying to connect to managed instance from  )  The rule need to be configured as the following  :

Source IP addresses  : The subnet  range of IP's where the VM with SSMS is located

Destination IP addresses : The MI subnet range of IP's

This is outbound rule and must have higher priority then rule that would eventually block the connection

P.S - Very soon we are also going to support NSG on port 1433 on Manage instance subnet.
Version history
Last update:
‎Mar 13 2019 07:04 PM
Updated by: