I have a Windows Azure Cloud Service with a single worker role. The worker role's App.config file specifies NTLM credentials should be used for the WCF authentication (Gist for all of this : http://goo.gl/wFCLv7 ).
Everything works as expected locally but when I deploy my CloudService to Azure, though I am prompted to enter my NTLM credentials (which are successfully audited according to the Windows Event Security logs of the Worker Role's machine which I RDP onto), invocations of the WCF service return null. (I don't know how to gather further debugging information)
After verifying with colleagues, sure enough the host machine for the WCF service is private, and not publicly facing - this probably explains why I can't query it from my application when it is hosted on the cloud, even with my Windows Authentication credentials.
How to I leverage non-public, NTLM-secure WCF services from Windows Azure? What do I need to change on the WCF server in order to consume the services from Azure? An easy answer may be to make the WCF host public - however the company is very fearful of "The Cloud" as it is -- is there a smaller alternative that can used for proof of concept?
Best, networking/security/Azure noob