Azure VPN Gateway Traffic Selector mismatch drop package from ADF managed virtual network

Andoni Garrido Albizu 20 Reputation points
2023-03-21T18:46:02.5533333+00:00

Hello,

I want to access on-prem data to use in Azure Data Factory data-flows but it looks like self-hosted Integration Runtime is not able to run data-flows. That said, I followed this tutorial to configure Azure IR in a managed virtual network and then connect to on-prem.

https://learn.microsoft.com/en-us/azure/data-factory/tutorial-managed-virtual-network-on-premise-sql-server

In this scenario, I created a V-Net as the tutorial says, but with an additional config. The forwarding is done to a peered network and that network has a VPN connected to on-prem. This is the architecture:

User's image

My problem is that from VMs placed in the net 192.168.21.0/24 I am able to connect to on-prem, but the packages coming from Azure IR (10.250.4.0) are dropped by the TS (Traffic selector) in VPN Gateway.

I tried adding custom traffic selectors to the connection, but it is still not working. This is the configuration of the connection.

User's image

Has anyone experienced this situation or a similar one?

Thank you,


1 answer

  1. ChaitanyaNaykodi-MSFT 22,061 Reputation points Microsoft Employee
    2023-03-27T20:06:55.1533333+00:00

    @Andoni Garrido Albizu

    Thank you for the response above.

    I am glad to know that the issue was resolved. I am summarizing the resolution here for community benefit so that it can help anyone facing a similar issue.

    Issue description:

    The packets arriving from Azure IR service were getting dropped over Azure VPN network.

    Resolution:

    After taking a look at the backend logs, the issue was due to the on-prem device's traffic selector and was resolved after enabling the traffic from the private IP address; we were able to make the connection.

    You can take a look at individual config guidelines for validated on-prem VPN devices here to help troubleshoot any config issues.

    Thank you!

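The mismatch described in this thread, as an added example that is not part of the original question or answer: a simplified model (not Azure's or any vendor's implementation) in which a flow passes only if both ends of the tunnel have a traffic selector pair covering it. The `/24` prefix on `10.250.4.0`, the on-prem range `172.16.0.0/16`, and all function names are assumptions made for illustration.

```python
from ipaddress import ip_address, ip_network

# Constructed sample data. Each pair is (Azure-side range, on-prem-side range).
# 192.168.21.0/24 and 10.250.4.0 come from the question; the /24 prefix on
# 10.250.4.0 and the on-prem range 172.16.0.0/16 are assumptions.
AZURE_TS = [("192.168.21.0/24", "172.16.0.0/16"),
            ("10.250.4.0/24", "172.16.0.0/16")]    # custom selector added in Azure
ONPREM_TS = [("192.168.21.0/24", "172.16.0.0/16")]  # device only knows the peered VNet


def _covers(selectors, azure_ip, onprem_ip):
    """True if one selector pair contains both endpoints of the flow."""
    a, o = ip_address(azure_ip), ip_address(onprem_ip)
    return any(a in ip_network(az) and o in ip_network(op)
               for az, op in selectors)


def flow_verdict(azure_ts, onprem_ts, azure_ip, onprem_ip):
    """Report which end of the tunnel, if any, would reject the flow."""
    if not _covers(azure_ts, azure_ip, onprem_ip):
        return "dropped: Azure gateway selector"
    if not _covers(onprem_ts, azure_ip, onprem_ip):
        return "dropped: on-prem device selector"
    return "allowed"


def uncovered_pairs(ours, theirs):
    """Selector pairs in `ours` that no pair in `theirs` fully contains."""
    missing = []
    for az, op in ours:
        az_n, op_n = ip_network(az), ip_network(op)
        if not any(az_n.subnet_of(ip_network(t_az)) and
                   op_n.subnet_of(ip_network(t_op))
                   for t_az, t_op in theirs):
            missing.append((az, op))
    return missing


if __name__ == "__main__":
    print(flow_verdict(AZURE_TS, ONPREM_TS, "192.168.21.10", "172.16.5.20"))
    print(flow_verdict(AZURE_TS, ONPREM_TS, "10.250.4.7", "172.16.5.20"))
    print("missing on on-prem device:", uncovered_pairs(AZURE_TS, ONPREM_TS))
```

Running `uncovered_pairs` in both directions before changing either side shows which end needs the extra selector, which is the comparison the resolution above arrived at from the backend logs.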