How to advertise point to site address pool to on prem services

Finbar Pimlott 0 Reputation points
2023-03-02T12:31:39.07+00:00

We are looking to deploy autopilot in Azure and have point-to-site configuration enabled on a VPN Gateway.

The VNET that the VPN gateway is deployed is reachable from our on prem services via expressoute.

However the client point to site hosts are not able to reach the on prem services it needs to access to as the address

pool is not currently reachable. I was thinking to change the point to point address pool to a range within the VNET that VPN gateway is in but looks like that is not supported

For example Azure Supernet

10.138.128/19 > Reachable for On prem

VPN Gateway deployed into the vnet with point to site configuration with address pool : 10.220.220/24

When client clients to point to site it can currently reach the services it needs in Azure but not the on prem services it needs to complete auto pilot configuration

What is the best way to advertise the address pool client IP's so that it can reach the services it needs on prem

Azure VPN Gateway
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,379 questions
Windows Autopilot
Windows Autopilot
A collection of Microsoft technologies used to set up and pre-configure new devices and to reset, repurpose, and recover devices.
407 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. KapilAnanth-MSFT 35,001 Reputation points Microsoft Employee
    2023-03-02T16:40:46.6066667+00:00

    @Finbar Pimlott

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    I understand that you would like to use Azure as Transit between P2S Clients and OnPrem network.

    Your case is documented here : One VNet and a branch office (BGP)

    There are two requirements to be met here,

    1. You must enable BGP for Azure VPN Gateway to Advertise the P2S address range to the OnPremise network
    2. Manually add the OnPrem route to the P2S Client configuration file. (for Windows clients)

    Advertise custom routes for P2S VPN clients:

    Thanks,

    Kapil

    Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.