'Create new firewall rule' does not give my client IP access RRS feed

  • Question

  • I am trying to connect to an Azure SQL database through Visual Studio. I open Visual Studio through the Azure Portal and when I click connect I am prompted to 'create a new firewall rule' because my 'client IP address does not have access to the server'. I select 'Add my client IP' and click 'OK'. The box disappears and then immediately reappears.

    I tried clicking 'OK' a few times, and when I check the firewall settings in the Azure portal my client IP has been added multiple times. I also tried waiting 1 hour and longer for the changes to take effect, but to no avail.

    I have tried connecting through a python script as well and get the same error.

    It seems to me that something is preventing the firewall changes from taking effect, but I have no idea what that might be.

    Wednesday, July 3, 2019 2:07 PM

All replies

  • Hello Jon,

    It appears that you do not have the required privileges to add a firewall rule.

    Do you have access to the Azure portal? Could you try adding your client IP to the firewall via the portal?

    The instructions are here.

    If it doesn't work, you will need to work with your administrator to get privileges or get your client IP added.

    Please let us know how it goes.

    Wednesday, July 3, 2019 3:03 PM
  • Hi,

    I have tried adding my client IP via the portal and this does not solve the problem. As mentioned in my original post, the rules also appear in the portal when I add them from Visual Studio.

    Wednesday, July 3, 2019 3:19 PM
  • I think both problems (Your other post) you've posted are related. Tell us about the environment you're in. Are you on a secured company network? Did you try using another network, hotspot, another device or something similar and add the IP from this to your SQL server firewall? (Adding the IP should be processed after 5 minutes FYI) Depending on who manages the database their might also be a possibility for database-level firewall rules existing. See

    Wednesday, July 3, 2019 6:59 PM
  • I am on a secured company network. However, I tried both connecting through my cellular network, using a VPN to connect and using a different device. The result was the same every time. (I added my IP-address to the firewall rules every time) This leads me to think that there is something with the SQL database and not the environment I'm trying to connect from.

    You mention database-level firewall rules. Is it possible for an administrator to create "invisible" firewall rules that override the ones I see in the Azure portal?

    Thursday, July 4, 2019 7:33 AM
  • Hi,

    Please ensure "Allow access to Azure Services" is ON on the firewall setting panel, and other valid concern is at your network environment,

    If your corporate network uses the proxy, then you can try to whitelist the Azure IP addresses to allow inbound communication.

    Murugesa Pandian,

    Gear up for some solid action by doing IT not saying IT.
    More insight @ Intelliview

    Sunday, July 7, 2019 1:16 PM
  • If not already done so, can you take a very close look at the IP Address being added. Is it the internal (behind a firewall) IP Address or the external IP Address (NAT'd)? Can you use a service such as What is my IP Address? to identify your external IP as identified, and ensure it is the same that was added to the Allow List for your Azure SQL deployment.



    Wednesday, July 17, 2019 2:06 PM
  • Just checking in to see if the above answer(s) helped.

    If this answers your query, do click “Mark as Answer” and Up-Vote for the same which might be beneficial to other community members reading this thread .

    And, if you have any further query do let us know. 

    Thursday, July 25, 2019 6:34 AM