VPN Site to Site - How to access my VMs?

Lucas Silva 0 Reputation points
2023-04-05T20:42:10.35+00:00

I have a site-to-site VPN between Azure and my company.
I'm trying to create a virtual machine on Azure and access the private IP address of this machine from my company, but it doesn't happen; I can only connect to the public IP. I'm not sure why. How do I have to configure the network of the VMs?
Do I need to put it on the same VNet that I created for the VPN tunnel, or should I create a new one? So, which IP do I need to use?

Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.

2 answers

  1. Jackson Martins 10,606 Reputation points MVP Volunteer Moderator
    2023-04-05T20:46:57.1766667+00:00

    Hi @lucas silva,

    To access the VM through its private IP address, you need to ensure that the VM is correctly configured within your NSG. Check if there are any NSGs on the VM's subnet or the VM's network interface blocking the required inbound or outbound traffic. Update the NSG rules to allow the necessary traffic between your on-premises network and the Azure VM. Get in touch if you need more help with this issue.

    --please don't forget to "[Accept the answer]" if the reply is helpful--


  2. ChaitanyaNaykodi-MSFT 27,481 Reputation points Microsoft Employee Moderator
    2023-05-05T23:06:37.5+00:00

    @Lucas Silva

    Thank you for reaching out on the Microsoft Q&A forum.

    Based on your question above:

    > I need to put it on the same VNet that I created for the VPN tunnel or should I create a new one? So, which IP I need to use?

    It is not required to put the VM in the same VNET. The VM can be in a different VNET but it should be peered with the VNET containing your VPN Gateway. To route traffic between peered VNets, you need to configure address spaces/subnets to send/receive traffic from/to both ends of the tunnel. You also need to configure peering between VNets (if the traffic is originating not from the VPN gateway network) and usage of gateways (or remote gateways) in Vnet peering settings. More information can be found here.

    Traffic between virtual machines in the peered virtual networks is routed through the Microsoft backbone infrastructure, through private IP addresses only. No public internet is involved.

    I hope this helps! Let me know if you have any other questions.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

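An offline model of the two checks the answers above point to, NSG rule order and non-overlapping address spaces. This is an added example, not code from the thread or from Azure; the address ranges, the RDP port 3389 and both rule sets are constructed assumptions.

```python
import ipaddress

# Constructed sample ranges (assumptions, not values from the thread).
ON_PREM, HUB_VNET, SPOKE_VNET = "10.10.0.0/16", "10.20.0.0/16", "10.30.0.0/16"
# Ranges the VirtualNetwork service tag resolves to here: the VNet, its peers,
# and on-premises ranges connected through the gateway.
VNET_TAG = [ON_PREM, HUB_VNET, SPOKE_VNET]

# Rule = (priority, action, source, destination port). Two of the default
# inbound rules Azure adds to every NSG (the load balancer rule is left out).
DEFAULT_RULES = [(65000, "Allow", "VirtualNetwork", "*"), (65500, "Deny", "*", "*")]

# Constructed custom rules: a broad isolation rule that also catches on-prem
# traffic, and a fix scoped to the on-prem range and one port only.
BLOCKING = [(200, "Deny", "10.0.0.0/8", "*")]
FIXED = BLOCKING + [(190, "Allow", ON_PREM, 3389)]

def overlaps(*cidrs):
    """Return overlapping pairs; peering and site-to-site routing need none."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return [(str(a), str(b)) for i, a in enumerate(nets)
            for b in nets[i + 1:] if a.overlaps(b)]

def source_matches(rule_src, src_ip, tag_ranges):
    """Match a rule source given as '*', the VirtualNetwork tag, or a CIDR."""
    if rule_src == "*":
        return True
    ranges = tag_ranges if rule_src == "VirtualNetwork" else [rule_src]
    return any(src_ip in ipaddress.ip_network(r) for r in ranges)

def evaluate_inbound(custom_rules, src, port, tag_ranges=VNET_TAG):
    """Walk rules by ascending priority number; the first match decides."""
    src_ip = ipaddress.ip_address(src)
    for prio, action, rule_src, rule_port in sorted(custom_rules + DEFAULT_RULES):
        if source_matches(rule_src, src_ip, tag_ranges) and rule_port in ("*", port):
            return action, prio
    return "Deny", None

if __name__ == "__main__":
    print("overlaps:", overlaps(ON_PREM, HUB_VNET, SPOKE_VNET))
    for name, rules in (("defaults", []), ("blocking", BLOCKING), ("fixed", FIXED)):
        print(name, evaluate_inbound(rules, "10.10.5.20", 3389))
    print("internet", evaluate_inbound(FIXED, "203.0.113.7", 3389))
```

With only the default rules, on-premises traffic is already allowed by the VirtualNetwork tag, so a private-IP failure usually traces back to a custom deny rule, a missing route or peering setting, or overlapping address spaces.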