Unable to reach Azure VM from on-prem DMZ network

N Wakchaure, Jagdish 120 Reputation points
2024-08-20T09:40:19.57+00:00

We have a very simple network configured on Azure: a single VNet with address space (10.6.0.0/16, 10.7.0.0/16) and multiple subnets. There is connectivity between the on-prem datacenter and Azure using ExpressRoute.

We are able to reach all the servers running on-prem using ExpressRoute, since the routes below are present in the ExpressRoute peering.

Primary 172.16.254.8/30 & Secondary 172.16.254.12/30

However, there is one more network, the DMZ, running at the on-prem data center. The customer is not able to reach any Azure VM from the DMZ network.

On-prem DMZ range: 10.22.8.1/24.

Could you please help with how the DMZ network can reach the Azure VM? Can we add this route in the ExpressRoute peering? Or is there any way we can auto-propagate routes?


Accepted answer
  1. ChaitanyaNaykodi-MSFT 25,841 Reputation points Microsoft Employee
    2024-08-20T15:07:23.74+00:00

    @N Wakchaure, Jagdish

    Thank you for reaching out.

    I understand you're facing a connectivity issue from your on-prem to Azure via ExpressRoute.

    Based on your statement above:

    "Could you please help how DMZ network can reach to Azure VM. can we add this route in express route peering.? or is there any way were we can auto propagate routes ?"

    Yes, you need to add this route to your peering so that eBGP can advertise the route in Azure. In Azure ExpressRoute, routing exchange is over the eBGP protocol. eBGP sessions are established between the MSEEs and your routers. For connectivity between the on-prem DMZ network and Azure, you must advertise the routes from your on-premises edge router to Azure via BGP.

    Currently there is no way to auto-propagate this route.

    You can follow the guide here, just in case you face any connectivity issue even after advertising the DMZ route.

    Hope this helps! Please let me know if you have any additional questions. Thanks!

    1 person found this answer helpful.
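
The check implied by the accepted answer, as an added example that is not part of the original thread: given the routes Azure has learned from on-prem over the private peering, decide whether the DMZ prefix has a return path. The route entries are constructed sample data, and the `network` field name, next hop and AS path are assumptions for illustration; the VNet address spaces and DMZ range come from the question.

```python
import ipaddress

# Values from the question.
VNET_SPACES = ["10.6.0.0/16", "10.7.0.0/16"]
DMZ_RANGE = "10.22.8.1/24"  # written with a host address; normalised below

# Constructed sample of routes learned from on-prem over private peering.
# Assumption: each entry carries its prefix in a "network" field.
ROUTES_BEFORE = [
    {"network": "10.20.0.0/16", "nextHop": "172.16.254.9", "path": "65010"},
    {"network": "192.168.50.0/24", "nextHop": "172.16.254.9", "path": "65010"},
]
ROUTES_AFTER = ROUTES_BEFORE + [
    {"network": "10.22.8.0/24", "nextHop": "172.16.254.9", "path": "65010"},
]


def normalize(prefix):
    """Return the network for a prefix, tolerating host bits (10.22.8.1/24)."""
    return ipaddress.ip_network(prefix, strict=False)


def covering_route(prefix, routes):
    """Longest learned route that fully contains prefix, or None."""
    target = normalize(prefix)
    matches = [r for r in routes if target.subnet_of(normalize(r["network"]))]
    return max(matches, key=lambda r: normalize(r["network"]).prefixlen,
               default=None)


def check_reachability(prefix, routes, vnet_spaces):
    """Classify whether Azure has a return path to an on-prem prefix."""
    target = normalize(prefix)
    if any(target.overlaps(normalize(v)) for v in vnet_spaces):
        return "overlaps-vnet"   # address conflict with the VNet itself
    route = covering_route(prefix, routes)
    if route is None:
        return "not-advertised"  # Azure has no route back to the prefix
    return "advertised via " + route["network"]


if __name__ == "__main__":
    for label, table in (("before", ROUTES_BEFORE), ("after", ROUTES_AFTER)):
        print(label, normalize(DMZ_RANGE),
              check_reachability(DMZ_RANGE, table, VNET_SPACES))
```

A covering route only shows that Azure can return traffic to the DMZ; on-prem firewall rules and any network security groups on the Azure subnets still decide which DMZ hosts can reach which VMs.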