hi Gomolemo,
you've set up the private link, but the data plane is still unreachable. this almost always comes down to a dns or network configuration problem.
the error message is helpful because it points to the troubleshooting guide, but let's break down the most common culprits.
check the dns resolution. the key vault's data plane url, like yourvault.vault.azure.net, must resolve to the private ip address of your private endpoint, not the public one. you can test this from a virtual machine inside your vnet using nslookup yourvault.vault.azure.net. if it returns a public ip, your private dns zone isn't linked correctly.
verify the private dns zone. you should have a private dns zone named privatelink.vaultcore.azure.net that is linked to your virtual network. inside this zone, there should be an a record for your key vault name pointing to the private ip address.
also, check the network security groups on your subnet. they must allow outbound traffic to the key vault's private ip on port 443. an overly restrictive nsg can block the connection even if the dns is correct.
use nslookup to confirm your vault's name resolves to a private ip. if it doesn't, check your private dns zone configuration and its link to the vnet.
regards,
Alex
and "yes" if you would follow me at Q&A - personally thx.
P.S. If my answer helps you, please accept my answer.
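
The checks described in the answer above, as an added example that is not part of the original answer: it resolves the vault name from inside the VNet, classifies the result as private or public, and only then tests TCP 443, so a DNS problem is separated from an NSG problem. It assumes the VNet uses RFC 1918 address space; the function names are hypothetical and `yourvault.vault.azure.net` is the placeholder from the answer.

```python
import ipaddress
import socket
import sys

# Assumption: the private endpoint's subnet is in RFC 1918 space.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def classify(addresses):
    """Turn the resolved addresses into a verdict for a private-endpoint vault."""
    ips = [ipaddress.ip_address(a) for a in addresses]
    if not ips:
        return "no-answer"   # name did not resolve at all
    private = [ip for ip in ips if any(ip in net for net in RFC1918)]
    if len(private) == len(ips):
        return "private"     # the A record from the private zone is being served
    if private:
        return "mixed"       # inconsistent answers: more than one resolver path in use
    return "public"          # private DNS zone not linked, or not used by this resolver

def resolve(host):
    """Resolve host with the system resolver; return unique IPv4 strings."""
    try:
        infos = socket.getaddrinfo(host, 443, family=socket.AF_INET, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

def port_open(ip, port=443, timeout=5.0):
    """TCP connect test; failure with correct DNS points at NSG or routing."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False

def main(host):
    addrs = resolve(host)
    verdict = classify(addrs)
    print(f"{host} -> {addrs or 'no answer'} [{verdict}]")
    if verdict == "private":
        for ip in addrs:
            state = "open" if port_open(ip) else "blocked or unreachable (check NSG)"
            print(f"  tcp/443 to {ip}: {state}")
    elif verdict in ("public", "mixed"):
        print("  check the privatelink.vaultcore.azure.net zone, its VNet link and the A record")
    return verdict

if __name__ == "__main__":
    main(sys.argv[1] if len(sys.argv) > 1 else "yourvault.vault.azure.net")
```

Run it on a virtual machine inside the VNet, passing the vault's data plane hostname as the first argument.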