Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,379 questions
Remote Site --> HQ --> VPN/Azure Question
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 8%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJS%3C/text%3E%3C/svg%3E)
John Smith
1
Reputation point
I have an IPSEC VPN built on a Fortinet 200E that is working between our HQ and Azure. I have several VM's in Azure and traffic flows successfully. I now want to route traffic from some remote locations to Azure via the VPN. These locations are currently connected to HQ via the Fortinet.
Basic topology:
HQ - Lan1
Remote Locations - Wan1
Internet - Wan2
I have policies for HQ to Azure (Lan1 --> Azure VPN interface) and the remote locations (Wan1 --> Azure VPN interface). When pinging from a remote location I see the traffic handed off to the Azure VPN but nothing comes back. I see no traffic when pinging from Azure to the remote location.
I believe that this indicates a problem on the Azure side but I have been unsuccessful in capturing packets to verify this. I have tried capturing packets at the Gateway and the Gateway connection and both fail saying there was no data. So far the Azure networking side is a black hole.
Dows anyone have any experience in this scenario?
Thanks
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 36%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
SaiKishor-MSFT 17,181 Reputation points2021-04-14T19:46:13.307+00:00 @John Smith Thank you for reaching out to Microsoft Q&A.
Could you confirm if using Route Based VPN GW, Do you have the following setting enabled? Without this setting enabled, traffic will only be routed for a single traffic selector.
Sign in to comment