06-30-2021 08:52 AM
Since the upgrade for being able to scan multiple subscriptions, we have hit an issue.
In Azure you can have overlapping IP ranges, as long as they aren't peered, especially with services like Databricks where "farms" are auto deployed via Microsoft PaaS services. It seems that IB doesn't like this and the scan just falls over. As with any of the Discovery logs are very lacking. The subscription in question also contain VNETs with standard subnets that are peered, so I can't exclude whole subnets.
Has anyone else seen this issue, and come up with a workround?
Solved! Go to Solution.
06-30-2021 09:18 AM - edited 06-30-2021 09:20 AM
This is expected behavior when vDiscovery encounters overlapping IP space. There are a couple options you can use here. If you want to discover all VNets, including the overlapping space, you can set the option "The tenant's network view (if it does not exist, create a new one)" on the Network View tab of the vDiscovery Job Properties. This will create seperate network views in your Grid for the overlapping space. The other option is to restrict vDiscovery to specific VNets by setting permissions in Azure at the VNet and/or resouce group level instead of for the entire subscription for the app used.