Azure to OnPrem Routing Issue

Question
-
Hello!
I'm having an issue with routing from Azure to OnPrem. When I do a telnet test from an Azure VM to a server OnPrem it fails.
telnet 10.14.1.5 9876
I have 10.14.0.0/16 in the local networks and Security allowed it through the firewall. Security however doesn't see anything coming from Azure trying to hit the firewall when we attempt the telnet test. Is there anything on the Azure side of things that can be done or fixed?
Any help would be appreciated.
Thank you!
Wednesday, July 8, 2015 6:40 PM
Answers
-
Greetings!
Check with disabling Windows Firewall on both the Azure VM and on-prem computer.
You may need to check whether the Azure Gateway shows Quick Mode (QM) establishment for 10.14.0.0/16 (this action will confirm if this issue is tunnel based).
Once we have confirmed that QM is active, you're requested to run simultaneous NetMon traces between the Azure VM and on-prem computer to see if the telnet traffic indeed reaches the on-prem computer (this will confirm if there is a network device in path which is dropping / filtering packets).
For further assistance with diagnosing the trace or for deep-dive troubleshooting, you may engage with a Technical Support Ticket.
Hope this helps!
Arvind
- Proposed as answer by Arvind S. Iyer Thursday, July 16, 2015 6:58 PM
- Marked as answer by Syed Irfan Hussain Tuesday, July 21, 2015 3:37 AM
Thursday, July 16, 2015 6:58 PM
All replies
-
Hi Doug,
For one you could check if your VNET has an NSG configured or if some ACL is blocking outgoing traffic from Azure.
You could use the following PowerShell cmdlet to get the details of an NSG along with the rules:
Get-AzureNetworkSecurityGroup -Name "MyVNetSG" -Detailed
Also, you could check the VPN logs to check if there is any data packet loss and where it originates.
http://blogs.technet.com/b/keithmayer/archive/2014/12/18/diagnose-azure-virtual-network-vpn-connectivity-issues-with-powershell.aspx might be helpful.
What VPN device do you use to establish the setting?
Regards,
Malar.
- Edited by Nagamalar Nagarajan Thursday, July 9, 2015 5:29 AM
Thursday, July 9, 2015 5:12 AM
-
I did a tracert and it is dying at the Azure gateway. I don't have any NSGs set up.
Our VPN device is a Checkpoint device.
Thursday, July 9, 2015 5:24 PM
-
Hi Doug,
Would you be able to share the tracert output and logs from your VPN device and Azure?
Would be helpful in isolating the issue further and troubleshooting it.
Regards,
Malar.
Friday, July 10, 2015 6:10 AM
-
From the VM in Azure the tracert dies at the VM. I don't have access to the VPN device to get logs.
Friday, July 10, 2015 1:07 PM