Recently, one of our teams changed location. They moved from a cozy place with a dedicated IP to a corporate building with an IP range and port restrictions.
The issue is that our development environment integrates an Azure SQL Database and uses (among other things) the firewall to restrict access.
We finally turned to a P2S VPN solution, using Azure Gateway, a VNet and Azure Private Link.
The idea is simple: making the database accessible from the VNet through a private IP.
But using the IP address to connect instead of the FQDN raises another issue: the error "The target principal name is incorrect" occurred during connection.
Luckily, the Internet has already raised the issue, and almost has the (right?) answer to it.
So the solution was either to modify the hosts file or to create a private DNS zone. Either way, the server's FQDN resolves to the private IP, and the client keeps connecting by name instead of by IP address.
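To check the result after changing the hosts file or DNS, the following added example (not part of the original post) lints a connection string: the server must be a name rather than an IP literal, the name must resolve to a private address, and certificate validation must not have been switched off to silence the error. The server name `myserver.database.windows.net`, the address `10.1.0.4` and the function names are assumptions made for the illustration.

```python
import ipaddress
import socket

def parse_conn_str(conn_str):
    """Split an ADO.NET-style 'Key=Value;...' string into a lower-cased dict."""
    pairs = (p.split("=", 1) for p in conn_str.split(";") if "=" in p)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def server_host(settings):
    """Return the host from 'Server=tcp:host,1433' (or 'Data Source=...')."""
    raw = settings.get("server") or settings.get("data source") or ""
    if raw.lower().startswith("tcp:"):
        raw = raw[4:]
    return raw.split(",", 1)[0].strip()

def is_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def check(conn_str, resolve=socket.gethostbyname):
    """Return a list of findings; an empty list means the setup looks right."""
    settings = parse_conn_str(conn_str)
    host = server_host(settings)
    findings = []
    if settings.get("trustservercertificate", "false").lower() in ("true", "yes"):
        findings.append("TrustServerCertificate is on: certificate validation is skipped")
    if is_ip(host):
        findings.append("Server is an IP literal: it cannot match the certificate name")
        return findings
    try:
        addr = resolve(host)
    except OSError as exc:
        findings.append(f"{host} does not resolve: {exc}")
        return findings
    if not ipaddress.ip_address(addr).is_private:
        findings.append(f"{host} resolves to public address {addr}, not the private endpoint")
    return findings

if __name__ == "__main__":
    # Constructed sample: placeholder server name, and a stub resolver standing in for hosts/DNS.
    sample = "Server=tcp:myserver.database.windows.net,1433;Database=dev;Encrypt=True;TrustServerCertificate=False"
    for finding in check(sample, resolve=lambda h: "10.1.0.4") or ["OK"]:
        print(finding)
```

Run from a VPN-connected machine, `check(conn_str)` with the default resolver uses the operating system's resolution, so it reflects both hosts-file entries and the private DNS zone.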
I hope this helps.
If you are looking for some inspiration for a basic architecture, you can have a look at this diagram.