az network bastion rdp leads to msrestazure.azure_exceptions.CloudError: Unexpected internal error

[lubossykora]

Bug
when calling az network bastion rdp --name bastion --resource-group rg-test --subscription xxx --target-resource-id testmachineresourceId --verbose
i receive

Creating a socket on port: 0
Setting socket options
Binding to socket on local address and port
Auto-selecting port: 60545
Finished initialization
Exception in thread Thread-1:
Traceback (most recent call last):
File "threading.py", line 932, in _bootstrap_inner
File "threading.py", line 870, in run
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/network/custom.py", line 8089, in _start_tunnel
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/network/tunnel.py", line 182, in start_server
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/network/tunnel.py", line 117, in _listen
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/network/tunnel.py", line 104, in _get_auth_token
msrestazure.azure_exceptions.CloudError: Unexpected internal error
Command ran in 9.468 seconds (init: 0.262, invoke: 9.205)

To Reproduce
just calling the command

Expected behavior
native rdp client opens and i can connect through rdp

Environment summary
azure-cli 2.32.0
core 2.32.0
telemetry 1.0.6

Extensions:
ssh 1.0.0

Dependencies:
msal 1.16.0
azure-mgmt-resource 20.0.0

Python location 'C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\python.exe'
Extensions directory 'C:\Users\sykorlub.azure\cliextensions'

Python (Windows) 3.8.9 (tags/v3.8.9:a743f81, Apr 6 2021, 13:22:56) [MSC v.1928 32 bit (Intel)]

Additional context
bastion is set to support native clients following https://docs.microsoft.com/en-us/azure/bastion/connect-native-client-windows.
bastion is hosted in vnet which is peered with second vnet having my test machine. for test purposes all peering connectivity is allowed.
for test purposes all incoming traffic is allowed on nsg for test machine.
Connecting to test machine through bastion from portal UI works.

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @aznetsuppgithub.

Issue Details

---

Bug
when calling az network bastion rdp --name bastion --resource-group rg-test --subscription xxx --target-resource-id testmachineresourceId --verbose
i receive

Creating a socket on port: 0
Setting socket options
Binding to socket on local address and port
Auto-selecting port: 60545
Finished initialization
Exception in thread Thread-1:
Traceback (most recent call last):
File "threading.py", line 932, in _bootstrap_inner
File "threading.py", line 870, in run
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/network/custom.py", line 8089, in _start_tunnel
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/network/tunnel.py", line 182, in start_server
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/network/tunnel.py", line 117, in _listen
File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/network/tunnel.py", line 104, in _get_auth_token
msrestazure.azure_exceptions.CloudError: Unexpected internal error
Command ran in 9.468 seconds (init: 0.262, invoke: 9.205)

To Reproduce
just calling the command

Expected behavior
native rdp client opens and i can connect through rdp

Environment summary
azure-cli 2.32.0
core 2.32.0
telemetry 1.0.6

Extensions:
ssh 1.0.0

Dependencies:
msal 1.16.0
azure-mgmt-resource 20.0.0

Python location 'C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\python.exe'
Extensions directory 'C:\Users\sykorlub.azure\cliextensions'

Python (Windows) 3.8.9 (tags/v3.8.9:a743f81, Apr 6 2021, 13:22:56) [MSC v.1928 32 bit (Intel)]

Additional context
bastion is set to support native clients following https://docs.microsoft.com/en-us/azure/bastion/connect-native-client-windows.
bastion is hosted in vnet which is peered with second vnet having my test machine. for test purposes all peering connectivity is allowed.
for test purposes all incoming traffic is allowed on nsg for test machine.
Connecting to test machine through bastion from portal UI works.

Author:	LubosSykora
Assignees:	-
Labels:	Network, Service Attention, customer-reported, Network - Bastion
Milestone:	-

[yonzhan]

route to service team

[ahmetcecen]

Was this ever resolved?

[lubossykora]

Was this ever resolved?

no. at least as far as i know... :-(

[shoebece]

not for me too..

[mahmkhan]

I faced the same issue for Linux VM. Any solution for this problem?

[KarlRanseier]

still not working in "azure-cli": "2.37.0"