cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Help
Administration & Architecture
Explore discussions on Databricks administration, deployment strategies, and architectural best practices. Connect with administrators and architects to optimize your Databricks environment for performance, scalability, and security.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 

Databricks to SFTP: Connection Fails Even with Whitelisted NAT Gateway IP

jeremy98
Honored Contributor

โ€Ž07-23-2025 06:53 AM

Hi community,

Iโ€™m experiencing a strange issue with my connection from Databricks to an SFTP server.

I provided them with an IP address created for Databricks via a NAT gateway, and that IP is whitelisted on their side. However, even though I have the correct credentials, Iโ€™m still having trouble connecting to the SFTP server.

Could you help me understand what might be causing this issue and what I should check or fix?

33 REPLIES 33

Kenji_3000
New Contributor III

โ€Ž07-29-2025 06:28 AM

Hi @szymon_dybczak ,

We confirmed that it is indeed the backbone network that is causing the issue as we fetched the logs of the sftp
Databricks --> SFTP (region outside Europe West) = Public IP NAT gateway
Databricks --> SFTP (region Europe West) = Private IP

Currently in contact with Microsoft support to overrule this backbone network. I tried to define a route table with 

 
address prefix 20.60.0.0/16 (all azure storage account space, also tested with 0.0.0.0/32)
next hop type: Internet

Unfortunately this also not works. Any idea maybe?

szymon_dybczak
Esteemed Contributor III
In response to Kenji_3000

โ€Ž07-29-2025 06:52 AM - edited โ€Ž07-29-2025 06:53 AM

Hi @Kenji_3000 ,

Thanks for info. I must admit that you guys stumble upon really interesting scenario. In my opinion, defining UDR should override this default behaviour. What could prevent it from working as expected is routing preference of public address IP associated with NAT Gateway. 
Could you check how properties of NAT Gateway public IP looks like? Probably you have configured it like below.

szymon_dybczak_0-1753796848586.png


It seems to me that if your gateway had "Internet" routing set instead of "Microsoft", it would have worked.
But as I said, I'm more data enginneer who sometimes needs to figure out networking issue, so take my word with a pinch of salt ๐Ÿ™‚

Configure routing preference for a public IP address | Microsoft Learn

0 Kudos

Kenji_3000
New Contributor III

โ€Ž07-31-2025 03:09 AM

Hi @szymon_dybczak , 

Thanks for the suggestion. I tried to attach the ip address to the NAT but it requires a NAT also to have an internet routing preference and Azure doesn't allow that. Quite a unique scenario indeed. We have created a workaround now of a seperate VM in germanywest that writes it to the SFTP server. Let's see if we can come up with a more "elegant" solution in the future!

szymon_dybczak
Esteemed Contributor III
In response to Kenji_3000

โ€Ž07-31-2025 03:23 AM

Hi @Kenji_3000 ,

Thanks @Kenji_3000  for sharing workaround, really appreciate that. This is definitely one of the most interesting scenarios I've seen so far on community. If you come up with something else or receive some tips form MS let us know.

0 Kudos

Join Us as a Local Community Builder!

Passionate about hosting events and connecting people? Help us grow a vibrant local communityโ€”sign up today to get started!

Sign Up Now
Announcements