Unable to connect (RDP) to VM over VPN gateway transit (Azure)

YoutOkoyo 1 Reputation point
2022-08-25T11:40:58.06+00:00

I'm trying to RDP to an Azure VM, over a transit gateway VPN connection. More information: https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-peering-gateway-transit

My RDP client is not able to connect (i.e., it is unreachable).

What I've done:

I've set up two VNets: target-vnet and hub-vnet

I have set up a VNet peering between the two, as detailed in the link.

In the hub-vnet, I've created a Virtual Network Gateway, with P2S. I can connect via the P2S VPN to a VM in the hub-vnet, however, I can't connect to a VM in the target-vnet.

What I've checked:

None of the following address spaces overlap:

target-vnet
hub-vnet
The address space under the 'Point-to-Site Configuration'
The address space in the connecting machine's network

I can RDP to a VM in the hub-vnet from the client (over P2S)

I can RDP from a VM in the hub-vnet to a VM in the target-vnet, and vice versa

In the peering, I've selected 'Use this virtual network's gateway' and 'Use the remote virtual network's gateway' as appropriate, and the Azure portal reports the gateway transit "Enabled" against the VNet peering from the hub-vnet.

I've ensured that the Virtual Network Gateway's client address range is allowed in the VM's network rules (although I don't believe this is necessary, on top of the standard 'VirtualNetwork' allow rule).

As all of the knowledge bases I've consulted have the same (simple) list of instructions, I'm at a loss as to what's gone wrong.
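
The checks listed in the question (no overlap between the four address spaces, and the gateway-transit options set on the correct side of each peering) can be verified mechanically rather than by eye. The following is an added example, not part of the original post: every CIDR range and peering value is constructed, and the peering dictionaries assume the property names used in `az network vnet peering list` JSON output.

```python
import ipaddress
from itertools import combinations

# Constructed sample values; none of these ranges or settings come from the post.
ADDRESS_SPACES = {
    "hub-vnet": ["10.0.0.0/16"],
    "target-vnet": ["10.1.0.0/16"],
    "p2s-client-pool": ["172.16.201.0/24"],
    "client-lan": ["192.168.1.0/24"],
}
# Shaped like entries from `az network vnet peering list` (fields trimmed).
HUB_PEERING = {"peeringState": "Connected", "allowVirtualNetworkAccess": True,
               "allowGatewayTransit": True, "useRemoteGateways": False}
SPOKE_PEERING = {"peeringState": "Connected", "allowVirtualNetworkAccess": True,
                 "allowGatewayTransit": False, "useRemoteGateways": True}


def find_overlaps(spaces):
    """Return sorted (name_a, cidr_a, name_b, cidr_b) for every overlapping pair."""
    nets = [(name, ipaddress.ip_network(cidr, strict=False))
            for name, cidrs in spaces.items() for cidr in cidrs]
    hits = []
    for (na, a), (nb, b) in combinations(nets, 2):
        # Compare only ranges from different owners and the same IP version.
        if na != nb and a.version == b.version and a.overlaps(b):
            hits.append((na, str(a), nb, str(b)))
    return sorted(hits)


def check_transit(hub, spoke):
    """Return a list of problems with the gateway-transit peering pair."""
    problems = []
    for side, p in (("hub", hub), ("spoke", spoke)):
        if p.get("peeringState") != "Connected":
            problems.append(f"{side}: peeringState is {p.get('peeringState')!r}")
        if not p.get("allowVirtualNetworkAccess"):
            problems.append(f"{side}: allowVirtualNetworkAccess is off")
    # Portal option "Use this virtual network's gateway" (hub side).
    if not hub.get("allowGatewayTransit"):
        problems.append("hub: allowGatewayTransit is off")
    # Portal option "Use the remote virtual network's gateway" (spoke side).
    if not spoke.get("useRemoteGateways"):
        problems.append("spoke: useRemoteGateways is off")
    return problems


if __name__ == "__main__":
    print("overlaps:", find_overlaps(ADDRESS_SPACES) or "none")
    print("peering problems:", check_transit(HUB_PEERING, SPOKE_PEERING) or "none")
```

Both functions returning an empty list means the preconditions in the checklist hold for the supplied data; it does not by itself confirm that the P2S client has routes to the peered network.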
