postgresql azure azure-active-directory dns vpn

Unable to Connect to Azure PostgreSQL Database via Point-to-Site VPN with Azure Active Directory on macOS

I’m trying to connect to my Azure Flexible PostgreSQL private access server using a Point-to-Site (P2S) VPN configured on an Azure Virtual Network Gateway with Azure Active Directory not Certificates, but I’m unable to access the database from my local machine (macOS, M1 chip, Sonoma 14.6.1). The VPN connects successfully, but I cannot resolve the database’s private DNS.

Steps Taken:

Verified that the VPN connects, and I receive an IP address from the address pool (172.16.0.0/24).
Attempted to ping and nslookup the database hostname, but DNS resolution fails with NXDOMAIN.
Manually configured the DNS server to the Azure VNet internal DNS (e.g., 10.0.0.4) on my macOS network settings, and flushed the DNS cache.

nslookup timepiepstg.postgres.database.azure.com
Server: 194.168.4.100
Address: 194.168.4.100#53
** server can't find timepiepstg.postgres.database.azure.com: NXDOMAIN

[![enter image description here][1]][1]

Additional Info:

• The VPN route table includes:

• 10.1.0.0/24

• 10.0.0.0/24

• 172.16.0.0/24

• Other internal resources (like VMs) also do not seem reachable.

Question:

What could be causing the DNS resolution to fail for the private PostgreSQL Flexible Server? Is there a networking or DNS configuration that I might be missing?

Any guidance or troubleshooting tips would be appreciated.

Solution

Unable to Connect to Azure PostgreSQL Database via Point-to-Site VPN with Azure Active Directory on macOS ** server can't find timepiepstg.postgres.database.azure.com: NXDOMAIN

The error above was encountered due to a DNS issue. The P2S VPN client normally uses Azure DNS servers configured in the Azure virtual network, so all DNS queries are sent to the Azure DNS servers. If the Azure DNS servers do not have records for the local resources, the query fails.

To resolve the issue, you can add a host entry on your local machine with the Private DNS zone IP and the SQL database FQDN.

 10.0.0.xs  sample.postgres.database.azure.com

After adding the host entry to the hosts file, make sure to connect to the VPN, and it should resolve the DNS correctly.

Reference: Issue with resolving hostnames while connected to p2s Azure VPN by GitaraniSharma-MSFT

Stack link where I answered a similar related issue