Hub and Spoke architecture traffic flow issue?

Sourabh Chhabra 40 Reputation points

We have a hub-and-spoke architecture environment. We need vm1 in spoke 1 to communicate with vm2 in spoke 2 through the hub, using Azure Firewall in the hub VNet. We need to establish this connection without using a Virtual Network Gateway. We have already associated a route table with spoke 1 and spoke 2 to send the traffic to the firewall as the next hop for the traffic flow we need. We have already added firewall rules to allow the traffic. However, we don't see the traffic going from the hub to spoke 2 when trying to connect from vm1 to vm2. Please suggest what settings would be needed to establish this connectivity.


Accepted answer
  1. Andreas Baumgarten 103.3K Reputation points MVP

    Hi @Sourabh Chhabra ,

    To me it sounds like 2 routes are missing:

    • Route from spoke 1 IP to spoke 2 IP address range using the hub vNet NVA in hub vNet as the next hop
    • Route from spoke 2 IP to spoke 1 IP address range using the hub vNet NVA in hub vNet as the next hop

    If you don't have the routes please add the routes and try again.

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)


    Andreas Baumgarten
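
The two routes listed in the answer above can be checked offline before retesting. The following is an added example, not part of the original answer: it takes the user-defined routes of each spoke subnet and reports any direction that does not reach the other spoke through the firewall. The prefixes, firewall IP and function names are constructed assumptions, and the model covers only user-defined routes with longest-prefix matching, ignoring system and BGP routes.

```python
import ipaddress

# Constructed sample values; none of these come from the original thread.
FIREWALL_IP = "10.0.1.4"
SPOKE1_PREFIX = "10.1.0.0/16"
SPOKE2_PREFIX = "10.2.0.0/16"
# Route entries: (address prefix, next hop type, next hop IP)
SPOKE1_ROUTES = [("10.2.0.0/16", "VirtualAppliance", FIREWALL_IP)]
SPOKE2_ROUTES_MISSING = []  # return path absent
SPOKE2_ROUTES_FIXED = [("10.1.0.0/16", "VirtualAppliance", FIREWALL_IP)]


def check_direction(routes, dest_prefix, firewall_ip):
    """List problems for traffic leaving a subnet with `routes` towards dest_prefix."""
    dest = ipaddress.ip_network(dest_prefix)
    parsed = [(ipaddress.ip_network(p), t, ip) for p, t, ip in routes]
    want = ("VirtualAppliance", firewall_ip)
    problems = []
    # Routes whose prefix contains the whole destination range.
    covering = [r for r in parsed if dest.subnet_of(r[0])]
    if not covering:
        problems.append(f"no user-defined route covers {dest}")
    else:
        # Longest prefix wins among the covering routes.
        net, hop_type, hop_ip = max(covering, key=lambda r: r[0].prefixlen)
        if (hop_type, hop_ip) != want:
            problems.append(f"{net} sends {dest} to {hop_type} {hop_ip}")
    # A more specific route inside the destination range overrides the covering one.
    for net, hop_type, hop_ip in parsed:
        if net != dest and net.subnet_of(dest) and (hop_type, hop_ip) != want:
            problems.append(f"{net} diverts part of {dest} to {hop_type} {hop_ip}")
    return problems


def check_spoke_pair(s1_routes, s2_routes, firewall_ip=FIREWALL_IP):
    """Check both directions; an empty list means that direction goes via the firewall."""
    return {
        "spoke1->spoke2": check_direction(s1_routes, SPOKE2_PREFIX, firewall_ip),
        "spoke2->spoke1": check_direction(s2_routes, SPOKE1_PREFIX, firewall_ip),
    }


if __name__ == "__main__":
    for label, s2 in (("before", SPOKE2_ROUTES_MISSING), ("after", SPOKE2_ROUTES_FIXED)):
        print(label, check_spoke_pair(SPOKE1_ROUTES, s2))
```
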
