Hi,
I have a problem when I try to add a new firewall rule when is a /32 network in the Azure Analysis Services. If I run the process to add the new firewall rule it works but if I use a foreach to add all the network list of Azure West Europe it doesn’t work and stop when I try to add a /32 network (like “94.245.114.1/32”).
Script:
[pre]
#Get-IPV4NetworkStartIP:
Function Get-IPV4NetworkStartIP ($strNetwork)
{
$StrNetworkAddress = ($strNetwork.split(“/”))[0]
$NetworkIP = ([System.Net.IPAddress]$StrNetworkAddress).GetAddressBytes()
[Array]::Reverse($NetworkIP)
$NetworkIP = ([System.Net.IPAddress]($NetworkIP -join “.”)).Address
$StartIP = $NetworkIP +1
#Convert To Double
If (($StartIP.Gettype()).Name -ine “double”)
{
$StartIP = [Convert]::ToDouble($StartIP)
}
$StartIP = [System.Net.IPAddress]$StartIP
Return $StartIP
}
#Get-IPV4NetworkEndIP:
Function Get-IPV4NetworkEndIP ($strNetwork)
{
$StrNetworkAddress = ($strNetwork.split(“/”))[0]
[int]$NetworkLength = ($strNetwork.split(“/”))[1]
$IPLength = 32-$NetworkLength
$NumberOfIPs = ([System.Math]::Pow(2, $IPLength)) -1
$NetworkIP = ([System.Net.IPAddress]$StrNetworkAddress).GetAddressBytes()
[Array]::Reverse($NetworkIP)
$NetworkIP = ([System.Net.IPAddress]($NetworkIP -join “.”)).Address
$EndIP = $NetworkIP + $NumberOfIPs
If (($EndIP.Gettype()).Name -ine “double”)
{
$EndIP = [Convert]::ToDouble($EndIP)
}
$EndIP = [System.Net.IPAddress]$EndIP
Return $EndIP
}
$allIPs = (Get-MicrosoftAzureDatacenterIPRange -AzureRegion “north Europe”).Subnet
$i = 100
$FirewallRuleList = foreach ($IP in $allIPs) {
$aasFirewallRuleName = “Rule$(([string]$i++).PadLeft(2,‘0’))” # “Rule100,Rule101,…”
$Start = Get-IPV4NetworkStartIP $IP
$End = Get-IPV4NetworkEndIP $IP
Write-Host “Adding IP Range to Firewall > $IP… > $aasFirewallRuleName”
New-AzureRmAnalysisServicesFirewallRule -FirewallRuleName $aasFirewallRuleName -RangeStart $start.IPAddressToString -RangeEnd $End.IPAddressToString
}
$FirewallRuleConfig = New-AzureRmAnalysisServicesFirewallConfig -EnablePowerBIService -FirewallRule $FirewallRuleList
Set-AzureRmAnalysisServicesServer -Name $aasName -ResourceGroupName $aasRg -FirewallConfig $FirewallRuleConfig
[/pre]
The script that I use to do the process work but stops when it try to add an /32 network. The error is:
[pre]
Set-AzureRmAnalysisServicesServer : The IP range System.Byte-System.Byte is invalid because the range start is greater than range end.
At line:11 char:1
- Set-AzureRmAnalysisServicesServer -Name $aasName -ResourceGroupName $ …
-
- CategoryInfo : CloseError: ( [Set-AzAnalysisServicesServer], CloudException
- FullyQualifiedErrorId : Microsoft.Azure.Commands.AnalysisServices.SetAzureAnalysisServicesServer
[/pre]
If I try to add it manually it works!
[pre]
$aasName = “AnalysisServicesServiceName”
$aasRg = “AnalysisServicesResourceGroup”
IPRange = “94.245.114.1/32”
$aasFirewallRuleName = “Rule1”
$Start = “94.245.114.1”
$End = “94.245.114.1”
$FirewallRuleList = New-AzureRmAnalysisServicesFirewallRule -FirewallRuleName $aasFirewallRuleName -RangeStart $Start -RangeEnd $End
$FirewallRuleConfig = New-AzureRmAnalysisServicesFirewallConfig -EnablePowerBIService -FirewallRule $FirewallRuleList
Set-AzureRmAnalysisServicesServer -Name $aasName -ResourceGroupName $aasRg -FirewallConfig $FirewallRuleConfig
[/pre]
Can you help me about this problem?
Thanks!