Name resolution of VMs in Virtual Network after connecting via P2S Client VPN

Question

I recently set up a VM on my Azure subscription and connected it to a vNet. The NIC connecting the VM only has a private IP. Now I added a VPN gateway to this vNet, configured it, and downloaded and installed the VPN Client locally. Now, to connect to the VM, I first connect to the VPN and once that is successful, I check the Private IP assigned to the VM and RDP to it. This all works.

However, I felt it may be easier to connect to the Hostname of the VM instead of via the IP. So, I perform the same set of steps to connect to the VPN and then instead of using the Private IP, I use the Hostname. But this time around, it doesn't resolve. Interestingly, I created another VM in the same vNet and connected to it using its private IP and within VM2, I am able to open the RDP connection to VM1 using the Hostname. But that doesn't work from my VPN Client - basically my PC where I installed the VPN Client.

This is the topology of the vNet (prior to me creating the 2nd VM). One option that I already checked was to create Azure Private Zone DNS, but I don't want to go that route. I instead want to be able to use the Azure Provided Name Resolution. I used this link to get a sense of both these options - https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances.

And since the Private IP assignment is dynamic (and I want to keep it that way), adding an entry into my local hosts file won't do me any good.

Answer 1

Hi @Rohit Mitra ,
Thanks for reaching out to Microsoft QnA.
To implement your solution in Azure, you need to deploy a DNS forwarder (server) in Azure virtual network, that will forward or query the Azure managed DNS for name resolution.
Also, since you are using a P2S VPN connection, I assume you are using Azure VPN client. I implemented this in my lab.
What I did was, deployed a VPN Gateway in the Vnet, created two subnets in the Vnet, in each subnet deployed one VM.
VM name : VM1-subnet1
Subnet : subnet1

VM name : VM2-subnet2
Subnet : subnet2

Follow the steps mentioned below:

Step 1: Install Azure VPN Client from Microsoft Store.
Step 2: Downloaded the VPN Client present under Point-to-site configuration of the Virtual Network Gateway blade.

Step 3: Open the downloaded VPN client folder, and open the azurevpnconfig_aad.xml file in editor.
Step 4: Install DNS role in any one of the windows server VM (I did on VM1-subnet1), open the DNS Manager, add a Conditional Forwarder. Name it internal.coudapp.net, add IP 168.63.129.16
Step 5: Open azurevpnconfig_aad.xml and add the following

<AzVpnProfile>  
  <clientconfig>  
  
    <dnssuffixes>  
          <dnssuffix>.internal.cloudapp.net</dnssuffix>  
    </dnssuffixes>  
    <dnsservers>   
    <dnsserver>10.1.3.4</dnsserver>   
    </dnsservers>  
      
</clientconfig>  
</AzVpnProfile>  

Step 6: Add your server private IP under <dnsserver> tag
Step 7: Once again open the Azure VPN Client and select Import, then select azurevpnconfig_aad.xml file. The VPN connectivity will get re-established.

Post doing this, open the RDP prompt, and type in the vmname.internal.cloudapp.net , it will resolve to the correct IP, you can even try doing a ping to vmname.internal.cloudapp.net, and you will see the ping timing out, but you will definitely see the DNS resolution happening.

Ping test from my local machine :

------------------------------------

Please don't forget to and if you think the information provided was useful so that it can help others in the community looking for help on similar issues.