Site-to-Site VPN between Azure and Meraki MX Firewall local VLAN with tag 300 not accessible from Azure

Michael Adcock 20 Reputation points
2024-04-22T16:24:09.5166667+00:00

I successfully created a Site-to-Site VPN connection between my local network and our Azure infrastructure. Our default VLAN is 192.168.192.0/24, and any resource on that subnet is accessible in Azure. However, we have a VLAN (tagged 300) on our local network with the subnet 192.168.193.0/24, and none of the resources are accessible.

For example, the VLAN gateway is 192.168.193.1. In the Azure Local network gateway, I've tried to add two records of 192.168.192.0/24 and 192.168.193.0/24 in the Address Space(s). Although I could reach anything on the 192.168.192.0 subnet, I still couldn't reach anything on the 192.168.193.0/24. So, I tried to only add one record that covered both subnets in the Azure Local network gateway Address Space(s): 192.168.192.0**/23**, but this didn't work either.

From our local network firewall, the resources on the 192.168.193.0/24 subnet can be pinged.

[Image]

From Azure VM: [image]

From Local PC: [image]


Accepted answer
  1. hossein jalilian 2,985 Reputation points
    2024-04-22T19:07:53.2166667+00:00

    Thanks for posting your question in the Microsoft Q&A forum.

    • Ensure that the on-premises VPN device is configured to advertise or route traffic for both the 192.168.192.0/24 and 192.168.193.0/24 subnets over the site-to-site VPN connection.
    • In the Azure portal, navigate to the Local Network Gateway resource associated with your on-premises network. Update the "Address Space" field to include both subnets as separate entries. After updating the Local Network Gateway address space, try resetting the Azure VPN Gateway associated with the site-to-site connection.
    192.168.192.0/24
    192.168.193.0/24
    
    

    Please don't forget to close up the thread here by upvoting and accepting it as an answer if it is helpful.
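
Added example, not part of the answer above and not Microsoft or Meraki tooling: a small offline check that compares the Azure Local Network Gateway address space with the subnets the on-premises device includes in the VPN, and reports which side is missing each VLAN. The VLAN names, the function names and the on-premises list in the sample are assumptions constructed for illustration; copy the real lists from each side by hand.

```python
import ipaddress

def covered(net, prefixes):
    """True if `net` lies entirely inside the union of `prefixes`."""
    same_version = [p for p in prefixes if p.version == net.version]
    # Collapse first so two adjacent /24s are treated like the /23 they form.
    return any(net.subnet_of(p) for p in ipaddress.collapse_addresses(same_version))

def coverage_report(vlans, azure_lng_prefixes, onprem_vpn_subnets):
    """For each on-premises VLAN, record whether each side of the tunnel includes it."""
    lng = [ipaddress.ip_network(p) for p in azure_lng_prefixes]
    vpn = [ipaddress.ip_network(p) for p in onprem_vpn_subnets]
    report = {}
    for name, cidr in vlans.items():
        net = ipaddress.ip_network(cidr)
        report[name] = {
            "in_azure_lng": covered(net, lng),
            "in_onprem_vpn": covered(net, vpn),
        }
    return report

def gaps(report):
    """Map VLAN name -> list of sides that do not include it (empty dict = consistent)."""
    out = {}
    for name, sides in report.items():
        missing = []
        if not sides["in_azure_lng"]:
            missing.append("Azure local network gateway")
        if not sides["in_onprem_vpn"]:
            missing.append("on-prem VPN device")
        if missing:
            out[name] = missing
    return out

# Subnets from the question; the labels "default" and "vlan300" are made up here.
SAMPLE_VLANS = {"default": "192.168.192.0/24", "vlan300": "192.168.193.0/24"}
# Constructed state for illustration: Azure holds the /23, the on-prem side
# only includes the default VLAN. This is a hypothetical, not the asker's config.
SAMPLE_AZURE_LNG = ["192.168.192.0/23"]
SAMPLE_ONPREM_VPN = ["192.168.192.0/24"]

if __name__ == "__main__":
    result = gaps(coverage_report(SAMPLE_VLANS, SAMPLE_AZURE_LNG, SAMPLE_ONPREM_VPN))
    for vlan, sides in result.items():
        print(f"{vlan}: not included on {', '.join(sides)}")
```
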
