JohnSmith-2567 asked SaiKishor-MSFT commented

Remote Site --> HQ --> VPN/Azure Question

I have an IPsec VPN built on a Fortinet 200E that is working between our HQ and Azure. I have several VMs in Azure and traffic flows successfully. I now want to route traffic from some remote locations to Azure via the VPN. These locations are currently connected to HQ via the Fortinet.
Basic topology:
HQ - Lan1
Remote Locations - Wan1
Internet - Wan2
I have policies for HQ to Azure (Lan1 --> Azure VPN interface) and the remote locations (Wan1 --> Azure VPN interface). When pinging from a remote location I see the traffic handed off to the Azure VPN but nothing comes back. I see no traffic when pinging from Azure to the remote location.
I believe that this indicates a problem on the Azure side but I have been unsuccessful in capturing packets to verify this. I have tried capturing packets at the Gateway and the Gateway connection and both fail saying there was no data. So far the Azure networking side is a black hole.
Does anyone have any experience in this scenario?
Thanks

azure-vpn-gateway

@JohnSmith-2567 Thank you for reaching out to Microsoft Q&A.

Could you confirm: if you are using a route-based VPN gateway, do you have the following setting enabled? Without this setting enabled, traffic will only be routed for a single traffic selector.
[Image: 87846-2021-04-02-12-48-00-test-microsoft-azure-and-2-mor.png]





0 Answers