Azure VPN to access US website

ReCloudS 40 Reputation points
2023-04-27T06:57:35.7066667+00:00

Hello ,

I am trying to access the website which was hosted in US region using the Azure VPN(us region ) but we are getting error 16 while accessing it … is there any configuration needs to be changed to the current AZure VPN client or need to create a new Azure VPN ?? If yes what is the configuration to create the new azure vpn ? To access the website which was restricted out of us region ?

thanks

Azure VPN Gateway
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,537 questions
{count} votes

4 answers

Sort by: Most helpful
  1. Konstantinos Passadis 19,166 Reputation points MVP
    2023-04-27T08:19:42.0633333+00:00

    Hello @Satya Rekapalli!

    Error 16 typically refers to a Cloudflare error indicating that the client IP address is blocked due to geographical restrictions or IP-based blocking. This suggests that the website you are trying to access has restrictions in place for non-US IP addresses.

    To access the website using an Azure VPN from a non-US region, you will need to configure your VPN to route traffic through a US-based IP address. You can do this by creating a new Azure VPN Gateway with a public IP address located in the US region.

    Here are the steps to create a new Azure VPN Gateway and configure it to route traffic through a US-based IP address:

    In the Azure portal, navigate to the Virtual network gateway resource for your existing Azure VPN Gateway.
    
    Click on the "Create gateway" button to create a new Azure VPN Gateway.
    
    In the "Basics" tab of the "Create virtual network gateway" wizard, select the following options:
    
        Gateway type: VPN
    
        VPN type: Route-based
    
        SKU: VpnGw1 (or higher, depending on your requirements)
    
        Virtual network: Select the virtual network where your existing Azure VPN is deployed
    
    In the "IP configuration" tab, select "Add IP address" and enter a name and a public IP address located in the US region.
    
    In the "Review + create" tab, review your configuration and click on "Create" to create the new Azure VPN Gateway.
    
    Once the new Azure VPN Gateway is created, you will need to update your Azure VPN client configuration to use the new gateway. To do this, update the "Remote gateway" configuration in your VPN client to use the public IP address of the new Azure VPN Gateway.
    
    Finally, test your VPN connection to ensure that you are able to access the website from a US-based IP address.
    

    Keep in mind that some websites may have additional restrictions in place beyond geographical blocking, so you may need to work with the website owner to ensure that you are able to access the website from outside of the US.

    In case this was helpful kindly mark it as Accepted!

    BR

    1 person found this answer helpful.
    0 comments No comments

  2. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.


    Comments have been turned off. Learn more

  3. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.


    Comments have been turned off. Learn more

  4. KapilAnanth-MSFT 45,451 Reputation points Microsoft Employee
    2023-05-02T08:50:27.95+00:00

    @ReCloudS

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    You have a URL that restricts access only to US users.

    You are looking at alternative ways to access this site.

    As the URL is provided by your client, you should reach out to your client and ask them to provide access via Internet (or whatever other means you might prefer).

    • Further more, to restrict access only to US sites,
    • You should ask them to deploy the app behind an App gateway
    • And use Geomatch custom rules feature of App Gateway to only provide access to US clients.

    If the website is hosted on an Azure App Service , then you can request them to create a Private endpoint and give the Private EndPoint access to you.

    Refer to : Private Endpoints for App Service apps

    Points to Note:

    Private EndPoints will only work if you have connectivity to the VNet in which the PE is created.

    To get this,

    • You can use a VPN Gateway to connect your OnPrem to the VNet(of your client) in which the PE is created. (yellow)
    • Or if you have a Azure VNet , you can Peer your VNet and the VNet (of your client) in which the PE is created. (green)
    • User's image
    • Or you can create a PE in your Vnet (cross subscription)
    • User's image

    Kindly let us know if this helps or you need further assistance on this issue.

    Thanks,

    Kapil


    Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.