When transitioning to Azure, had thought that this pattern would work as a replacement for the Cisco ASA to support our partners requiring limited access to our environment. Having an issue with gateway transit, however, between the partner VPN gateways and our primary VNet.
Client can connect okay to partner VNet and access resources (e.g., VM) in the partner VNet (VPN connect)
Routing to primary VNet (10.190.0.0/16) using partner VPN interface appears correctly in client routing table
VM in the partner VNet can access resources in primary VNet okay (peering)
The client, however, is unable to reach any resources in the primary VNet, which suggests a gateway transit issue in the peering.
Hoping that you might have some insight or suggestions.