![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(76.8, 84%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELD%3C/text%3E%3C/svg%3E)
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,804 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 36%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGS%3C/text%3E%3C/svg%3E)
Hi Lokesh,
thanks for posting vpn issue )) since u see inbound traffic but no outbound, it's likely a routing or security rule hiccup. in azure, check the route table associated with ur gateway subnet. make sure u have proper routes pointing back to ur onprem network. sometimes azure adds default routes that mess things up )) to verify that https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings.
peek at ur network security groups. they might be blocking the return traffic. u can check the effective security rules right in the azure portal under 'effective security rules' for the subnet. yes yes, its easy to overlook ))
try this quick test from azure, do a continuous ping to ur onprem resource while checking the vpn gateway metrics. if u see outbound packets suddenly, then bingo - its probably a timeout or asymmetric routing issue.
as well check this sometimes the onprem firewall needs specific policies for azure's public ip ranges. https://learn.microsoft.com/en-us/azure/virtual-network/service-tags-overview. worth looking into if u haven't whitelisted them yet.
always check both ends of the tunnel when vpn acts up. its like plumbing - u gotta check all the pipes ), packet captures are ur best friend. azure has built in diagnostics for this https://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-packet-capture-overview
this might help in other tools too - try reducing the mtu size temporarily. some devices get fussy with default sizes.
btw u can see realtime metrics under 'connection troubleshoot' in the portal. pretty slick :))
keep us posted if this helps
Best regards,
Alex
and "yes" if you would follow me at Q&A - personaly thx.
P.S. If my answer help to you, please Accept my answer