Troubleshooting Microsoft Foundry Accessing On‑Premises APIs Over Private Networking

2026-04-20 · Source: Microsoft Foundry Blog articles · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cloud Computing & IT Infrastructure · Depth: Advanced, medium

Summary

This article addresses common issues encountered when Microsoft Foundry Agent Services attempt to access on-premises APIs over private networks using corporate DNS, specifically when a VM in the same VNet succeeds but the Foundry agent fails. The core problem identified is that Foundry agents do not automatically run within the customer's VNet, even with private endpoints configured. Outbound agent traffic only flows through the VNet if a "Capability Host" is explicitly defined. This host binds a Foundry project or agent to a customer-managed subnet, enabling container injection and ensuring outbound traffic adheres to VNet routing, security, and DNS configurations. Without a Capability Host, agents do not inherit VNet DNS settings, leading to resolution failures or connection timeouts, even if the overall DNS design is correct. The article also touches on HTTP 401 errors post-connectivity, indicating authentication issues.

Key takeaway

For Azure solution architects and network engineers deploying Microsoft Foundry in network-isolated environments, you must prioritize configuring a Project Capability Host. This critical step ensures Foundry agents inherit VNet routing and DNS, enabling secure access to on-premises APIs. Without it, your agents will fail to connect, regardless of other network configurations, leading to premature troubleshooting of DNS or VPN issues.

Key insights

Foundry agents require a Capability Host to inherit VNet networking and access on-premises resources.

Principles

• Private endpoints are inbound constructs.
• Capability Hosts bind Foundry agents to VNets.
• Agent runtime inherits VNet settings post-injection.

Method

To enable private connectivity for Foundry agents, create and associate a Project Capability Host, binding the project to a delegated agent subnet, and ensure proper RBAC permissions and dependent Azure services are configured.

In practice

• Use Project Capability Hosts for VNet injection.
• Validate agent placement and network inheritance.
• Confirm on-prem DNS reachability from the agent subnet.

Topics

• Microsoft Foundry
• Private Networking
• On-Premises APIs
• Capability Host
• Azure Virtual Network

Code references

• ralacher/network-secured-agent

Best for: AI Architect, MLOps Engineer, DevOps Engineer

Related on AIssential

• Private Networking and Inference in Microsoft Foundry: Architecture Impact on Enterprise AI — Private networking in enterprise AI platforms fundamentally alters ML system behavior and operational reality.
• Cross-Region Model Connectivity Options in Microsoft Foundry: Supported Patterns and Tradeoffs — Azure API Management enables governed, VNet-secured cross-region model access in Microsoft Foundry, extending agent and inference capabilities.
• Microsoft's AI Futurist explains how he uses Copilot — and the real-world problems enterprises are solving with agents — Microsoft's agent strategy centers on providing a comprehensive platform for context, governance, identity, and secure data access, alongside diverse model choices.
• Configuring Amazon Bedrock AgentCore Gateway for secure access to private resources — Amazon Bedrock AgentCore Gateway provides secure, private connectivity for AI agents to internal AWS resources.
• Introducing Fireworks AI on Microsoft Foundry: Bringing high performance, low latency open model inference to Azure — Fireworks AI on Microsoft Foundry provides high-performance, enterprise-grade open model inference within Azure's unified AI platform.
• Cisco Live 2026: New Security Tools Target AI Threats — Cisco's new platform and security tools aim to unify AI-era IT management and defend against machine-speed threats.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Microsoft Foundry Blog articles.