Azure P2S VPN not providing Static public Ip after connecting

kaushik duddukuri 6 Reputation points
2022-04-29T05:32:35.157+00:00

After connecting to Azure P2S VPN I am still seeing my ISP Public IP instead of Azure VPN static Public IP. How to configure this so that all the traffic will be routed through Azure Vnet instead of each individual's personal ISP.

Azure VPN Gateway
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,368 questions
Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,131 questions
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. suvasara-MSFT 9,996 Reputation points
    2022-05-17T08:52:24.867+00:00

    @kaushik duddukuri , Here is a similar question about forced tunneling. Do refer and let us know if you still need any help with this.
    but if you are looking for a forward proxy to internet from Azure P2S then it is not possible today.

    ----------

    Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.

    1 person found this answer helpful.
  2. GitaraniSharma-MSFT 46,931 Reputation points Microsoft Employee
    2022-09-22T08:36:57.91+00:00

    Hello ,

    Forced tunneling is generally not supported for Azure P2S VPN unless you use Azure Firewall Manager. If you secure internet traffic via Firewall Manager, you can advertise the 0.0.0.0/0 route to your VPN clients. This makes your clients send all internet bound traffic to Azure for inspection. Then, firewall SNATs the packet to the PIP of Azure Firewall for egress to Internet.

    Please note that to advertise 0.0.0.0/0 route to your VPN clients, you need to break them into two smaller subnets 0.0.0.0/1 and 128.0.0.0/1 as mentioned in the below document:
    Refer : https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-p2s-advertise-custom-routes#forced-tunneling

    You have deploy a secured virtual hub with firewall manager and add the P2S VPN Gateway to allow your egress traffic that will be controlled by a firewall policy.
    Refer : https://learn.microsoft.com/en-us/azure/firewall-manager/secure-cloud-network

    You can refer the below doc which explains how to configure forced tunneling for Virtual WAN Point-to-site VPN and take inputs on the configuration:
    https://learn.microsoft.com/en-us/azure/virtual-wan/how-to-forced-tunnel

    Another reference for you:
    https://learn.microsoft.com/en-us/answers/questions/689877/index.html

    Kindly let us know if the above helps or you need further assistance on this issue.

    ----------------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.
  3. Luis Rodriguez 6,191 Reputation points Microsoft Employee
    2022-04-29T07:05:54.727+00:00

    Hello @kaushik duddukuri

    Welcome to Microsoft Q&A Platform,

    This seems related to a configuration issue, what's the VPN client address pool configured? Did this worked before properly?

    I would suggest go through the public doc carefully to make sure that the settings are correct:
    https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-point-to-site-resource-manager-portal#addresspool

    I hope this helps!

    ----------

    Please don’t forget to "Accept the answer" and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.