Can I create a network in Azure with the same subnet as the on-premises LAN?

Salves 501 Reputation points
2020-08-30T21:32:12.913+00:00

Hi,

I need to create an ExpressRoute to establish communication between my Azure and Datacenter Equinix.

I talked to an Equinix specialist, who assured me that I can create a VNet with the same subnet as my LAN network in the on-premises environment.

In conversation with a friend from Azure Microsoft Network he confirmed that this is not possible, as this will cause the so-called overlap.

Does using an Express Route have any benefits for using the same subnet and that is why the Equinix specialist informed me that we can?

Thank you.

Azure ExpressRoute
An Azure service that provides private connections between Azure datacenters and infrastructure, either on premises or in a colocation environment.

Accepted answer
  1. GitaraniSharma-MSFT 49,651 Reputation points Microsoft Employee
    2020-08-31T03:41:34.853+00:00

    Hello @Salves ,

    You cannot create a virtual network in Azure with the same subnet/address range as your on-premises LAN if you want to connect your on-premises network to this particular virtual network using VPN or ExpressRoute.
    Please refer to: https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-overview#best-practices

    Creating an Azure VNet with the same address range as your on-premises network and connecting them via ExpressRoute will cause routing problems. Hence, when using a virtual network as part of a cross-premises architecture, be sure to coordinate with your on-premises network administrator to carve out an IP address range that you can use specifically for this virtual network. If a duplicate address range exists on both sides of the VPN/ExpressRoute connection, traffic will route in an unexpected way.

    Please refer to: https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/enterprise-scale/network-topology-and-connectivity

    Kindly let us know if the above helps or you need further assistance on this issue.

    ----------------------------------------------------------------------------------------------------------------

    Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.
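
As an added example (not part of the answer above or of Microsoft's documentation), here is a pre-flight check for the address overlap the accepted answer describes, plus a helper that carves out a non-overlapping range. The function names are hypothetical and every CIDR value is constructed sample data.

```python
import ipaddress
from itertools import product


def find_overlaps(onprem_cidrs, vnet_cidrs):
    """Return (on-prem, vnet) CIDR pairs whose address ranges overlap.

    Catches exact duplicates as well as subnet/supernet relationships,
    which are harder to spot by eye.
    """
    onprem = [ipaddress.ip_network(c) for c in onprem_cidrs]
    vnet = [ipaddress.ip_network(c) for c in vnet_cidrs]
    return [(str(a), str(b)) for a, b in product(onprem, vnet)
            if a.version == b.version and a.overlaps(b)]


def first_free_range(pool_cidr, in_use_cidrs, new_prefix):
    """Return the first /new_prefix block inside pool_cidr that overlaps
    none of the ranges already in use, or None if the pool is exhausted."""
    pool = ipaddress.ip_network(pool_cidr)
    in_use = [ipaddress.ip_network(c) for c in in_use_cidrs]
    for candidate in pool.subnets(new_prefix=new_prefix):
        if not any(n.version == candidate.version and candidate.overlaps(n)
                   for n in in_use):
            return str(candidate)
    return None


if __name__ == "__main__":
    # Constructed sample data: ranges routed on-premises and the address
    # spaces proposed for the new virtual network.
    onprem = ["10.10.0.0/16", "192.168.1.0/24"]
    proposed_vnet = ["10.10.4.0/22", "10.20.0.0/16"]

    for lan, vnet in find_overlaps(onprem, proposed_vnet):
        print(f"CONFLICT: VNet range {vnet} overlaps on-prem range {lan}")

    # Pick a replacement /16 from a pool agreed with the on-prem admin.
    print("Suggested range:", first_free_range("10.10.0.0/15", onprem, 16))
```

Feed it the ranges actually advertised on both sides of the connection; any pair it reports needs to be re-addressed before the circuit or tunnel is connected.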


2 additional answers

  1. karimfahmy 6 Reputation points
    2022-03-02T15:54:19.443+00:00

    I believe yes, you can, but you need to use the new Azure VPN NAT feature. Here is the link:

    https://learn.microsoft.com/en-us/azure/vpn-gateway/nat-howto


  2. Miguel Gonçalves 961 Reputation points
    2022-04-06T12:37:55+00:00

    In many cases it's necessary to configure the same network ranges on both sides (on-premises / Azure).
    In many cases it's necessary to configure the same network ranges on both sides (Azure / other locations with an IPsec S2S tunnel).
    Many times we have production environments in Azure and staging/dev environments on-premises or in another cloud with S2S connections, and we need to preserve the same private IPs.

    NAT over connections with Network Gateway: https://learn.microsoft.com/en-us/azure/vpn-gateway/nat-overview
    "NAT is supported on the following SKUs: VpnGw2~5, VpnGw2AZ~5AZ."
    "NAT is supported on IPsec cross-premises connections only. VNet-to-VNet connections or P2S connections are not supported."

