locked
Routing for additional local Subnets not working RRS feed

  • Question

  • Hello everybody,

    We have a VPN tunnel to the old Azure environment and one to the new Azure RM. We added a new local subnet on both environments. On the old one it works properly. On the new one not! The old one is using static routing the new one dynamic routing. If I login to the server on Azure RM, I can ping a workstation in the new local subnet. If I login to the workstation in the new local subnet, I cannot ping the server on Azure RM but it works properly with all other local subnets. It seems to be an issue on the Azure site, because our firewall is routing the request correctly to the VPN tunnel but hasn't gotten an answer from the server so far.

    Any idea what the problem could be?

    Thanks,

    Manfred

     

    Wednesday, March 23, 2016 7:49 AM

Answers

  • Hello Dipin,

    We have solved the problem. The firewall had some troubles to handling more than one tunnel to Azure. After we disabled the tunnels to the old Azure environment, the tunnel to Azure RM was working with all subnets. We enabled the other tunnels again and everything seems to work.

    Thanks a lot for your support,

    Manfred

    Wednesday, March 30, 2016 8:17 AM

All replies

  • Hello Manfred,

    Thank you for contacting us. It seems like you have communication from Azure to onprem and not from onprem to Azure. Is that correct?

    If that is the case you need to check the routing on the onprem and confirm you have defined the Azure subnets on the new Local site that you have added.

    Please let me know if you have any queries.

    Regards,

    Dipin Mathew.

    Wednesday, March 23, 2016 7:16 PM
  • Hello Dipin,

    Thanks for your reply. That's correct. The routing onprem should be correct, because we can see in the firewall's log that the request is sending to the VPN tunnel. But the request hasn't gotten an answer from the server on the azure site. Is there something else which could block the communication except the firewall? We have temporally disabled the firewall. We have a lot of subnets onprem, which work properly. It is only the new added one which causes the problem. Could it be that the new subnet is not correctly entered in the routing table on the azure site? Is there a possibilty to list the entries of the routing table?

    Thanks,

    Manfred

    Thursday, March 24, 2016 7:32 AM
  • Hello Manfred,

    Do you have any NSG(Network security group) configured for the subnet where the New VM belongs to. If yes, please allow all the connections to be accepted from both ways ie for incoming and outgoing.

    Disable Windows firewall on the source and destination machines and check again.

    Regards,

    Dipin Mathew.

    Sunday, March 27, 2016 6:41 PM
  • Hello Dipin,

    We have solved the problem. The firewall had some troubles to handling more than one tunnel to Azure. After we disabled the tunnels to the old Azure environment, the tunnel to Azure RM was working with all subnets. We enabled the other tunnels again and everything seems to work.

    Thanks a lot for your support,

    Manfred

    Wednesday, March 30, 2016 8:17 AM