There's zero chance this is happening in 2025 or even 2026. I've met so many network architects that want to achieve this and each one has found how half-baked and half-supported private endpoints are. We need full and complete NSG support for all private endpoint services. We need full compatibility between services - ever try to privatize a complete function app, it's a nightmare. We need unified support to have a clue. I love the idea of private endpoints, but its death by a thousand caveats.
Thanks for the feedback. This IS happening! I agree there is a lot of work to do to make it practical, And I will talk to the PGs you mentioned, thanks!
I completely agree, Microsoft should make this a lot simpler! Which is why I wanted to know what isn’t working…so I can talk to those groups and start working on it
It feels like i am going back to WVD days regarding AVD deployment 😂😂. Thanks Dean for a very informative video. It is much appreciated. Looks like there's no more time off on weekends 😊 Happy learning, everyone ...
this is a really good synopsis of how it works now vs how it will work going forward. assuming MS doesn't push the cutoff of the default SNAT which it does sometimes for big changes (this is a big one) they are going to get absolutely obliterated with support tickets from everyone that didn't pay attention or didn't plan accordingly.
Agreed, that’s why I asked everyone to start using private subnets NOW and let me know what doesn’t work so I can get the product teams working on fixing it so we don’t have a flood of tickets ☺️
@@AzureAcademy that's fair and it's really a good change tbh. this will really force people to actually think about what they are doing when deploying resources and creating topology.
well...Yes and No. The problem is all the VMs running in Azure using OTHER Azure Services. If a VM is in a load balancer or AppGW backend pool, they are ok to use it...but what about using KeyVault, Azure DevOps, or Azure storage...it isn't going to work without YOU taking extra steps to get those services connected...make sense?
Thank you but, What makes you think it was click bait??? Click bait is where I tell you the video is one thing but it’s actually another. I made this video to help everyone learn how Azure can work TODAY with out internet Seems honest to me!
@@AzureAcademy "When This Happens, Will Azure Still Be Usable?" is a clickbait title since it omits what "This" is. "Azure VMs will soon lose Internet access, Will Azure still be usable?" would be less click-baity.
Thanks for your comment, I found that too. All Azure VMs are activated from the Azure KMS servers...which activate with a public IP address ONLY. So without Internet...there is no activation...I have reported this to the Network and Windows teams...stay tuned!
I hava an issue.our avd host struck at unlock screen when user tried to reconnect the disconnected session after an hour. but if we reconnect instantly no issues.problem is not a static .it occurs for random users. we use fslogix as profile solution. Not sure how to troubleshoot the issue.any suggestions?
There’s nothing “WRONG” with it…but it isn’t always optimal. And if you have VMs in Azure that are VPNed to on prem you CAN choose to force tunnel your internet traffic…but to reach Azure services it would be like driving from NY to CA to go to Brooklyn
🔥AFTER THIS Learn how to enable Internet Access on Azure Private Subnets 👉 ruclips.net/video/SbIeszPXoWo/видео.html 👈
There's zero chance this is happening in 2025 or even 2026. I've met so many network architects that want to achieve this and each one has found how half-baked and half-supported private endpoints are. We need full and complete NSG support for all private endpoint services. We need full compatibility between services - ever try to privatize a complete function app, it's a nightmare. We need unified support to have a clue.
I love the idea of private endpoints, but its death by a thousand caveats.
Thanks for the feedback. This IS happening! I agree there is a lot of work to do to make it practical, And I will talk to the PGs you mentioned, thanks!
I dont care if customers have to pay more, but the problem is that this makes life harder for all, at least microsoft should simplify the move
I completely agree, Microsoft should make this a lot simpler! Which is why I wanted to know what isn’t working…so I can talk to those groups and start working on it
Thanks for the video! At 6:42, I think you meant to say, "update your conditional forwarders" not "update your forward lookup zones."
I think you are correct...Thanks!
It feels like i am going back to WVD days regarding AVD deployment 😂😂.
Thanks Dean for a very informative video. It is much appreciated.
Looks like there's no more time off on weekends 😊
Happy learning, everyone ...
Happy to help! This is all going to get better, but Azure without internet is a big change…stay tuned
@@AzureAcademy cheers
👍☺️👍
this is a really good synopsis of how it works now vs how it will work going forward. assuming MS doesn't push the cutoff of the default SNAT which it does sometimes for big changes (this is a big one) they are going to get absolutely obliterated with support tickets from everyone that didn't pay attention or didn't plan accordingly.
Agreed, that’s why I asked everyone to start using private subnets NOW and let me know what doesn’t work so I can get the product teams working on fixing it so we don’t have a flood of tickets ☺️
@@AzureAcademy that's fair and it's really a good change tbh. this will really force people to actually think about what they are doing when deploying resources and creating topology.
I hope so 🤞
I already route through Azure Firewalls and Application firewalls and use Front Door. This shouldn't be much of a leap from this point.
well...Yes and No. The problem is all the VMs running in Azure using OTHER Azure Services.
If a VM is in a load balancer or AppGW backend pool, they are ok to use it...but what about using KeyVault, Azure DevOps, or Azure storage...it isn't going to work without YOU taking extra steps to get those services connected...make sense?
Dude. Your content is good enough stop with the click bait titles. Jeesh 🙄
Thank you but, What makes you think it was click bait???
Click bait is where I tell you the video is one thing but it’s actually another.
I made this video to help everyone learn how Azure can work TODAY with out internet
Seems honest to me!
@@AzureAcademy "When This Happens, Will Azure Still Be Usable?" is a clickbait title since it omits what "This" is. "Azure VMs will soon lose Internet access, Will Azure still be usable?" would be less click-baity.
thanks for your feedback.
I have your book. I am waiting for the kids to go back to school. Then I should have time to read it.
Awesome, thanks for letting me know! Don’t forget to do a review on Amazon as well, it helps to promote the book ☺️
I have found that Azure deployed VM's w/o internet access will FAIL to activate the OS license.
Thanks for your comment, I found that too. All Azure VMs are activated from the Azure KMS servers...which activate with a public IP address ONLY. So without Internet...there is no activation...I have reported this to the Network and Windows teams...stay tuned!
Yep. Happened to me last week.
Yeah…well stay tuned it’s being worked on
lol that's just funny
yup...huge company makes a change...things break
I hava an issue.our avd host struck at unlock screen when user tried to reconnect the disconnected session after an hour. but if we reconnect instantly no issues.problem is not a static .it occurs for random users. we use fslogix as profile solution. Not sure how to troubleshoot the issue.any suggestions?
Have you configured any of the session time out policies?
What’s wrong with requiring VPN connection only to a cloud?
There’s nothing “WRONG” with it…but it isn’t always optimal. And if you have VMs in Azure that are VPNed to on prem you CAN choose to force tunnel your internet traffic…but to reach Azure services it would be like driving from NY to CA to go to Brooklyn
nat gateway connected to snet will work?
watch the follow up video for all the info on restoring internet access - ruclips.net/video/SbIeszPXoWo/видео.html
When is this change supposed to happen?
watch the follow up video for all the details and how to restore internet access - ruclips.net/video/SbIeszPXoWo/видео.html