![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 20%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMV%3C/text%3E%3C/svg%3E)
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,592 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 17%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERV%3C/text%3E%3C/svg%3E)
You need to configure the NSG and ensure that it allows necessary traffic between ADF and Azure Batch, especially if you're using a virtual network and Azure Private Link for private connections.
First, you need to verify that Azure Data Factory is using a Private Endpoint to connect to services like Azure Batch over a private network. This requires ADF to be deployed within a VNet, and the Private Endpoint must be set up to ensure the communication is routed privately.
Then to set up the NSG for the VNet Subnet:
- Go to the Azure portal, and navigate to your Virtual Network (VNet) where Azure Data Factory and Azure Batch are deployed.
- Select the Subnet that will be used by ADF and Azure Batch.
- Then, add or modify the NSG (Network Security Group) rules associated with this subnet.
To create NSG Rules:
To allow communication between ADF and Azure Batch, add the following Inbound and Outbound rules based on the required IP ranges and ports:
- Inbound Rules:
- Allow traffic from Azure Data Factory to Azure Batch:
- Source:
AzureLoadBalanceror specify the IP range of ADF's private endpoint. - Destination:
Any(or the specific IP address/range for the Azure Batch service). - Protocol:
TCP - Port Range:
443(for HTTPS communication).
- Source:
- You may need to allow specific ports for Azure Batch as per its documentation if the default ports do not suffice.
- Allow traffic from Azure Data Factory to Azure Batch:
- Outbound Rules:
- Allow outbound traffic from Azure Data Factory to Azure Batch:
- Source:
Any(or the specific subnet that ADF resides in). - Destination: The IP address or private endpoint of Azure Batch in the North Europe region.
- Protocol:
TCP - Port Range:
443.
- Source:
- Allow outbound traffic from Azure Data Factory to Azure Batch:
You may also want to use Service Tags for common Azure services (like AzureBatch and AzureDataFactory) instead of specific IPs to avoid having to manually update rules if IPs change:
Add rules for AzureBatch and AzureDataFactory service tags as destinations, which helps simplify maintenance.
Let me know if you need further clarification or specific examples for your configuration!