Team,
Good morning.
I’m using NPA to connect to Azure Databricks via Private Link’s.
My initial connection works fine but the connection fails on the second attempt.
I must clear the cache on the endpoint and disable/enable all clients services in the Netskope console for the connection to work again.
When the connection fails, I get the error message below. Has everyone experience this issue connecting to Azure Databricks using NPA?
Without private app configuration, it’s hard to say for sure,, but it seems that you may need to allow access to addtional CORS domains when accessing Databricks.
Please use DevTools to check where the access errors are occurring.
In the past with Private Links, I’ve seen cases where all required URLs/endpoints aren’t included in the App Definition so certain traffic was still using the public IP addresses and egressing via the public internet rather than the Publisher. Additionally, are all Publishers hosted in the proper Azure locations? I’m wondering if it’s landing on a different Publisher on the second attempt.
Thanks, everyone for the feedback.
It looks like Databricks has its own IP allowlisting that needs to be configured per the article below. My plan is to add my Publisher IPs to the allowlist. I suspect Netskope is sending the traffic through SWG because the Publisher IP are not allowlisted.
https://docs.databricks.com/aws/en/security/network/front-end/ip-access-list
More to come.
If you haven't already registered, now is a good time to do so. After you register, you can post to the community, receive email notifications, and lots more. It's quick and it's free! Create an account.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
