Azure connection problems

Dave 21 Reputation points
2022-12-08T21:22:20.767+00:00


Hi,
I have configured an OpenVPN server (Debian) and other servers on an Azure network which is connected to the on-premises network via a site-to-site IPsec VPN tunnel. The connection was established between the Virtual Network Gateway on Azure and a local Palo Alto. The network connection from Azure to the local network works. On the OpenVPN server, a point-to-site VPN has been configured for clients. Communication from client to Azure was established (I can ping servers on Azure), but I have a problem when I attempt to ping the on-premises network behind the Palo Alto. On the Palo Alto I see requests (ping) from OpenVPN clients; what is more, the local server replies to the ping, but the reply cannot reach the client. Maybe there are some problems with the config in Azure? Any thoughts as to why I'm not getting to the local net from the client net? Thanks very much for your help!
(Of course, masquerade is disabled, and routing and packet forwarding are enabled on the OpenVPN server.)

Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.

1 answer

  1. Jacob Tiva 1 Reputation point
    2022-12-08T21:44:27.65+00:00

    It sounds like you have successfully established a site-to-site VPN connection between your Azure network and your on-premises network. You have also set up an OpenVPN server on Azure and configured point-to-site VPN for clients to connect to the Azure network.

    Based on the information you provided, it seems that the issue you are experiencing is related to the communication between the OpenVPN clients and the on-premises network behind the Palo Alto firewall. You mentioned that the local server is able to reply to ping requests from the OpenVPN clients, but the clients are not able to reach the on-premises network.

    There could be several reasons why this is happening. For example, the routing on the OpenVPN server or the Azure network may not be configured correctly, or there could be network security rules or policies in place that are preventing the communication between the clients and the on-premises network.

    It would be helpful to have more information about the specific configuration and settings on your OpenVPN server and Azure network to provide more specific advice. In general, though, it may be worth checking the routing configuration and network security rules to ensure that the communication between the OpenVPN clients and the on-premises network is allowed. You may also need to check the settings on the Palo Alto firewall to ensure that it is allowing the communication from the OpenVPN clients.

    I hope this helps. Please let me know if you have any other questions or
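
The routing check suggested in the answer can be worked through as a hop-by-hop trace of the request and the reply. This is an added example, not part of the original thread: the subnets (10.8.0.0/24 for OpenVPN clients, 10.1.0.0/16 for the VNet, 192.168.10.0/24 on-premises), the node names and every route table are constructed assumptions, since the thread gives none.

```python
import ipaddress

# Constructed address plan (assumption; the thread lists no subnets).
CLIENT, ONPREM_SRV = "10.8.0.6", "192.168.10.20"

# Constructed per-hop route tables: (prefix, next hop).
# "deliver" means the destination is directly attached to that node.
ROUTES = {
    "client":     [("0.0.0.0/0", "openvpn")],
    "openvpn":    [("10.8.0.0/24", "deliver"), ("0.0.0.0/0", "azure-vnet")],
    "azure-vnet": [("10.1.0.0/16", "deliver"), ("192.168.0.0/16", "vpn-gw")],
    "vpn-gw":     [("192.168.0.0/16", "paloalto"), ("10.1.0.0/16", "azure-vnet")],
    "paloalto":   [("192.168.10.0/24", "onprem"), ("10.1.0.0/16", "vpn-gw"),
                   ("10.8.0.0/24", "vpn-gw")],
    "onprem":     [("192.168.10.0/24", "deliver"), ("0.0.0.0/0", "paloalto")],
}

def next_hop(table, dst):
    """Longest-prefix match; None when no route covers dst."""
    ip = ipaddress.ip_address(dst)
    nets = [(ipaddress.ip_network(p), nh) for p, nh in table]
    hits = [(net, nh) for net, nh in nets if ip in net]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def trace(routes, start, dst, max_hops=16):
    """Follow dst from start; status is 'delivered', 'no route' or 'loop'."""
    path, node = [start], start
    for _ in range(max_hops):
        nh = next_hop(routes[node], dst)
        if nh is None:
            return path, "no route"      # packet is dropped at path[-1]
        if nh == "deliver":
            return path, "delivered"
        node = nh
        path.append(node)
    return path, "loop"

def with_return_routes(routes):
    """Copy of the model with a client-subnet route on each Azure hop."""
    fixed = {node: list(table) for node, table in routes.items()}
    fixed["vpn-gw"].append(("10.8.0.0/24", "azure-vnet"))
    fixed["azure-vnet"].append(("10.8.0.0/24", "openvpn"))
    return fixed

if __name__ == "__main__":
    for label, r in (("as modelled", ROUTES), ("with return routes", with_return_routes(ROUTES))):
        print(label, "| request:", trace(r, "client", ONPREM_SRV))
        print(label, "| reply:  ", trace(r, "onprem", CLIENT))
```

To use it against a real deployment, replace the constructed tables with the effective routes read from each hop; the first hop reporting `no route` for the client subnet is where the reply is lost.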

