Azure VPN with Multiple Sites

rr-4098 1,321 Reputation points
2022-10-22T15:42:13.617+00:00

I have one VPNGW1 Gateway in Azure and two Local gateways for my two sites which are connected. I do have an NSG assigned to my two test subnets that allows all on-prem IP ranges and source and destination ports as *. Both of my sites can RDP to my Azure VM. The problem is that my Azure VM cannot RDP to either test site. How does Azure handle the routing with two local gateways?

Azure Virtual Network

Accepted answer
  1. Joe Carlyle 661 Reputation points MVP
    2022-10-24T08:03:10.273+00:00

    As you have an Azure VM active, one of the simplest ways to see this is via the Network Interface of the VM; there is an option called "Effective Routes". When this loads, you should see the address ranges configured for your local network gateways with a next hop of Virtual Network Gateway.

    As you can get from Azure to on-prem, but not the reverse - 99/100 this is an issue with the on-prem configuration.

    A second note, your NSG rule actually isn't required, it has a default rule allowing "vnet" traffic. When you connect on-prem via VPN, those ranges become part of the system table and are therefore viewed as "vnet".

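The "Effective Routes" check from the accepted answer, scripted as an added example that is not part of the original thread: it reads JSON in the shape returned by `az network nic show-effective-route-table -o json` and reports, per site, whether a test host's best-matching route has a next hop of Virtual Network Gateway. The sample routes, address ranges and host IPs are constructed, and the user-defined route shadowing part of site B is an assumed failure case, not something reported in the question.

```python
import ipaddress
import json

# Constructed sample in the shape of `az network nic show-effective-route-table -o json`.
SAMPLE = json.loads("""
{"value": [
  {"source": "Default", "state": "Active", "addressPrefix": ["10.10.0.0/16"],
   "nextHopType": "VnetLocal", "nextHopIpAddress": []},
  {"source": "VirtualNetworkGateway", "state": "Active", "addressPrefix": ["192.168.10.0/24"],
   "nextHopType": "VirtualNetworkGateway", "nextHopIpAddress": ["10.10.255.4"]},
  {"source": "VirtualNetworkGateway", "state": "Active", "addressPrefix": ["192.168.20.0/24"],
   "nextHopType": "VirtualNetworkGateway", "nextHopIpAddress": ["10.10.255.4"]},
  {"source": "User", "state": "Active", "addressPrefix": ["192.168.20.0/25"],
   "nextHopType": "VirtualAppliance", "nextHopIpAddress": ["10.10.1.4"]},
  {"source": "Default", "state": "Active", "addressPrefix": ["0.0.0.0/0"],
   "nextHopType": "Internet", "nextHopIpAddress": []}
]}
""")

def next_hop_for(routes, host):
    """Longest-prefix match over active routes; returns (prefix, nextHopType) or None.
    Equal-length ties keep the first route seen (Azure's source precedence is not modelled)."""
    ip = ipaddress.ip_address(host)
    best = None
    for route in routes.get("value", []):
        if route.get("state") != "Active":
            continue
        for prefix in route.get("addressPrefix", []):
            net = ipaddress.ip_network(prefix, strict=False)
            if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, route["nextHopType"])
    return (str(best[0]), best[1]) if best else None

def check_sites(routes, site_hosts):
    """Map each on-prem test host to 'ok' or to where its traffic actually goes."""
    report = {}
    for site, host in site_hosts.items():
        hit = next_hop_for(routes, host)
        if hit and hit[1] == "VirtualNetworkGateway":
            report[site] = "ok"
        else:
            report[site] = f"not via gateway: {hit}"
    return report

if __name__ == "__main__":
    # Hypothetical on-prem RDP targets, one per local network gateway.
    print(check_sites(SAMPLE, {"site-a": "192.168.10.25", "site-b": "192.168.20.25"}))
```

If every site reports "ok", the Azure side is routing toward the gateway and the remaining checks are on the on-prem devices.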
