Unable to connect to Azure VM using private IP after connecting to Azure VPN

yogesh.gupta 1 Reputation point
2022-05-21T16:44:17.067+00:00

I have set up a Point-to-Site Virtual Network Gateway and installed the Azure VPN client on my local laptop. I am connected to the VPN and it shows the connection is successful.

But I am not able to connect to the Azure VM (SSH) via Private IP.

My Virtual Network Gateway and Azure VM are in the same VNet. On the Azure VM's NSG, I allowed inbound traffic for port 22 from the Private IP range of the P2S configuration to the VM's Private IP address.

Could someone help me out?


3 answers

  1. risolis 8,701 Reputation points
    2022-05-22T01:29:52.673+00:00

    Hello @yogesh.gupta

    Thank you for your post

    I am wondering whether, when you try to SSH to your VM, you get a timeout error or any other...

    Also, I would like to ask some questions to get familiar with the issue.

    - Were you able to SSH to this VM before, or is this the first time?
    - Did you check the effective routes table for this VM?
    - Do you have any NSG?
    - Was this VPN configured for forced or split tunneling?

    Best Regards,

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


  2. yogesh.gupta 1 Reputation point
    2022-05-22T06:55:05.573+00:00

    Thanks,

    • Yes, I was able to SSH to this VM before (earlier, SSH was allowed from anywhere for the VM)
    • Yes, I checked the effective route table for the VM. It appears correct to me. Do you want me to check anything specific?
    • Yes, I do have an NSG associated with the VM. In the NSG, inbound traffic is allowed for Port 22 from the Private IP range of the Point-To-Site configuration of the Virtual Network Gateway.
    • I just configured this VPN using Azure Virtual Network Gateway and Point-To-Site configuration. I don't see any option for forced or split tunneling there.

    Regards,


  3. risolis 8,701 Reputation points
    2022-05-22T07:36:10.887+00:00

    Many thanks for your additional details.

    I have seen that your routes are 10.9/16 as well as 172.16/16... Please correct me if I am mistaken on it.

    Also, I noticed that you have some utun interfaces, and if I recall, those are for GlobalProtect for PA.

    If you do a traceroute or ping... do you get to the remote VM?

    BR,
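
The two checks the answers ask for (which interface the client actually routes the VM's private IP through, and whether the NSG rule covers the flow) can be worked through offline. This is an added example, not part of the original thread; apart from the two /16 prefixes quoted above, the routing table, interface names, addresses and NSG rule are constructed.

```python
import ipaddress

# Constructed client routing table (destination prefix, interface). The two /16
# prefixes are the ones quoted in the thread; interface names and the /24 are assumed.
SAMPLE_ROUTES = [
    ("0.0.0.0/0", "en0"),
    ("10.9.0.0/16", "utun3"),    # VNet range, assumed to be pushed by the Azure VPN client
    ("172.16.0.0/16", "utun3"),  # assumed P2S client address pool
    ("10.9.1.0/24", "utun5"),    # assumed route owned by a second VPN client
]

def egress_interface(dest_ip, routes):
    """Return (prefix, interface) chosen by longest-prefix match, or None."""
    dest = ipaddress.ip_address(dest_ip)
    matches = [(ipaddress.ip_network(p), i) for p, i in routes
               if dest in ipaddress.ip_network(p)]
    if not matches:
        return None
    net, iface = max(matches, key=lambda m: m[0].prefixlen)
    return str(net), iface

def nsg_rule_matches(rule, src_ip, dst_ip, port):
    """True if an allow rule (dict with source, destination, port) covers the flow."""
    return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(rule["source"])
            and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(rule["destination"])
            and port == rule["port"])

def diagnose(vm_ip, client_vpn_ip, routes, azure_iface, rule):
    """List the reasons SSH to vm_ip would fail before reaching the VM."""
    findings = []
    chosen = egress_interface(vm_ip, routes)
    if chosen is None:
        findings.append("no route to VM")
    elif chosen[1] != azure_iface:
        findings.append(f"traffic leaves via {chosen[1]} ({chosen[0]}), not {azure_iface}")
    if not nsg_rule_matches(rule, client_vpn_ip, vm_ip, 22):
        findings.append("NSG rule does not cover client VPN address -> VM:22")
    return findings
```

With the constructed table, a VM at 10.9.1.4 is reached through `utun5` because the /24 is more specific than the /16, so the NSG rule is never exercised even though it is correct.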