@Ritesh Agrahari Thank you for your question. I suspect the routing here. I believe you have a Site-to-Site VPN connection; make sure that on your on-premises VPN appliance (the other side, where you are connecting to Azure) you have added the address space of the Spoke VNET so that you have that route as well. You probably only have the address space of the Hub VNET but not the Spoke. Please add the Spoke address space on your VPN appliance.
Unable to use the virtual network gateway from peered VNET via transit gateway
We have a hub-spoke VNet connection, and both are peered, with transit gateway enabled on both sides. On the hub we have a virtual network gateway, and on the spoke we have a VM which tries to connect to an instance outside Azure. Connectivity to this instance tested from the Hub VNet/subnet works fine, but from the Spoke VNet/subnet it fails to connect. From the Spoke, however, I could connect successfully to a Hub VNet/subnet virtual machine via the peering connection.
I suspect there is something with the NSG or route table. Please help/advise.
Appreciate quick response.
3 answers
-
Tchimwa Sougang 941 Reputation points Microsoft Employee
2022-07-08T14:14:56.363+00:00 -
Rishabh mishra 156 Reputation points
2022-07-18T12:09:28.413+00:00 @Ritesh Agrahari Hi Ritesh, I think this may be due to the route table. Since you mentioned hub-spoke, can you please check if peering is enabled, and also, if you try traceroute, see where the packet is getting dropped.
-
Harshvir Bhati 26 Reputation points
2022-12-14T17:48:52.437+00:00 Hello,
I have a similar issue. I am able to ping on-prem from the hub, and hub to spoke. But when I try spoke to on-prem, I cannot ping. I have allowed RDP and ICMP traffic in both inbound and outbound in the NSG and the VM. The GW transit on the Hub network is enabled but disabled on the Spoke network.
Any suggestions?
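
The checks raised in the answers above (gateway transit settings on both sides of the peering, and a return route for the Spoke address space on the on-premises VPN appliance), written as an added example that is not part of the original thread. All address ranges and dictionaries are constructed sample values; `allowGatewayTransit` and `useRemoteGateways` are the property names on the Azure VNet peering resource, and `covered` and `diagnose` are hypothetical helper names.

```python
import ipaddress

def covered(prefix, routes):
    """True if `prefix` lies entirely inside at least one network in `routes`."""
    net = ipaddress.ip_network(prefix)
    for route in map(ipaddress.ip_network, routes):
        # subnet_of() raises on mixed IPv4/IPv6, so compare versions first.
        if net.version == route.version and net.subnet_of(route):
            return True
    return False

def diagnose(hub_peering, spoke_peering, spoke_prefixes, onprem_routes):
    """Return a list of findings; an empty list means none of the checks failed."""
    findings = []
    # Hub side of the peering must offer its gateway to the peered VNet.
    if not hub_peering.get("allowGatewayTransit"):
        findings.append("hub peering: allowGatewayTransit is disabled")
    # Spoke side must opt in to using the hub's gateway.
    if not spoke_peering.get("useRemoteGateways"):
        findings.append("spoke peering: useRemoteGateways is disabled")
    # The on-premises appliance needs a route back to every Spoke prefix,
    # otherwise replies to the Spoke VM never enter the tunnel.
    for prefix in spoke_prefixes:
        if not covered(prefix, onprem_routes):
            findings.append(f"on-premises: no route covers spoke prefix {prefix}")
    return findings

# Constructed sample configuration (not taken from the thread).
HUB_PEERING = {"allowGatewayTransit": True}
SPOKE_PEERING = {"useRemoteGateways": True}
SPOKE_PREFIXES = ["10.1.0.0/16"]
ONPREM_ROUTES_BEFORE = ["10.0.0.0/16"]                 # Hub address space only
ONPREM_ROUTES_AFTER = ["10.0.0.0/16", "10.1.0.0/16"]   # Spoke address space added

if __name__ == "__main__":
    for label, routes in (("before", ONPREM_ROUTES_BEFORE), ("after", ONPREM_ROUTES_AFTER)):
        result = diagnose(HUB_PEERING, SPOKE_PEERING, SPOKE_PREFIXES, routes)
        print(label, result or "no findings")
```
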