Cloud <> On-prem networking with site-to-site VPN

Dan H 1 Reputation point
2020-06-17T18:37:17.167+00:00

Hi All,

I am new to this forum and looking for some help with networking. I have an on-prem subnet 10.0.0.0/23 and, in Azure, 10.1.0.0/16.

10.1.0.0/16 (Azure) has OpenVPN Access Server running.

10.0.0.0/23 (on-prem) has OpenVPN client running.

From 10.0.0.0/23 I can easily reach all the VMs in 10.1.0.0/16, VPN works as expected.

From 10.1.0.0/16 I can only reach 10.0.0.0/23 from within my OpenVPN server but not from any other VM inside 10.1.0.0/16. I know that OpenVPN has static routes set up, so it is capable of sending traffic back to the VPN client and the on-prem subnet, but how can I accomplish this for other VMs inside the Azure subnet 10.1.0.0/16?

Azure Virtual Network

1 answer

  1. msrini-MSFT 9,271 Reputation points Microsoft Employee
    2020-06-20T21:45:40.943+00:00

    Hi,

    Even though you are able to connect from Azure to on-prem via OpenVPN from the OpenVPN server, other VMs don't have the route to reach on-prem, so the packets just drop.

    So you need to add a route table in Azure, stating that if the destination is 10.0.0.0/23, the next hop is the interface of the OpenVPN server. That way the traffic reaches the OpenVPN server in Azure, and all you need to do is route it to on-premises by configuring the server.

    Regards,
    Msrini

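The route table described in the answer above, written out as Azure CLI commands. This is an added example, not part of the original answer: the resource names and the OpenVPN VM's private IP (10.1.0.4) are placeholders, and the NIC IP-forwarding step is an Azure requirement for any VM used as a next hop that the answer does not spell out.

```shell
#!/bin/sh
# Added example. Every name below is a hypothetical placeholder; only the
# two address ranges (10.0.0.0/23 on-prem, 10.1.0.0/16 Azure) come from the thread.
RG="${RG:-example-rg}"                # placeholder resource group
VNET="${VNET:-example-vnet}"          # placeholder VNet that holds 10.1.0.0/16
SUBNET="${SUBNET:-workload-subnet}"   # placeholder subnet of the other VMs
VPN_NIC="${VPN_NIC:-openvpn-nic}"     # placeholder NIC name of the OpenVPN VM
VPN_IP="${VPN_IP:-10.1.0.4}"          # constructed private IP of the OpenVPN VM
ONPREM_PREFIX="10.0.0.0/23"           # on-prem subnet from the question
RT_NAME="onprem-via-openvpn"          # placeholder route table name
DRY_RUN="${DRY_RUN:-1}"               # 1 = only print commands, 0 = execute

# Print the command in dry-run mode, otherwise execute it.
run() {
  if [ "$DRY_RUN" = "1" ]; then echo "$*"; else "$@"; fi
}

route_onprem_via_openvpn() {
  # 1. Route table that will hold the user-defined route (UDR).
  run az network route-table create --resource-group "$RG" --name "$RT_NAME"
  # 2. Destination 10.0.0.0/23 -> next hop is the OpenVPN VM's private IP.
  run az network route-table route create --resource-group "$RG" \
    --route-table-name "$RT_NAME" --name to-onprem \
    --address-prefix "$ONPREM_PREFIX" \
    --next-hop-type VirtualAppliance --next-hop-ip-address "$VPN_IP"
  # 3. Associate the table with the subnet whose VMs must reach on-prem.
  run az network vnet subnet update --resource-group "$RG" \
    --vnet-name "$VNET" --name "$SUBNET" --route-table "$RT_NAME"
  # 4. Allow the OpenVPN VM's NIC to accept packets not addressed to itself.
  #    The guest OS must forward too (net.ipv4.ip_forward=1 on Linux).
  run az network nic update --resource-group "$RG" --name "$VPN_NIC" \
    --ip-forwarding true
}

# Check the result: $1 is the NIC name of one of the *other* VMs. The output
# should list 10.0.0.0/23 with next hop type VirtualAppliance.
show_effective_routes() {
  run az network nic show-effective-route-table --resource-group "$RG" \
    --name "$1" --output table
}

route_onprem_via_openvpn
```

Run it as-is to review the commands, then with `DRY_RUN=0` after replacing the placeholders. Keep the UDR scoped to 10.0.0.0/23 so that no other traffic is steered through the VPN VM.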