Route Azure VPN Gateway clients over Vnet peer

Hello. I’m missing something somewhere. Sorry for the text diagram, I have an image diagram but can’t post an image for whatever reason. Anyway…

VPN clients—VPN GW/Vnet Subnet1—Vnet peer—Vnet Subnet2

VPN clients can communicate with servers in Vnet Subnet1.

Servers in Vnet Subnet 1 can communicate with servers in Vnet Subnet2.

VPN clients cannot communicate with servers in Vnet Subnet2.

I’ve triple checked routes, security groups, tunnel settings, etc. There must be some basic switch I’m overlooking to get this to work.

Take a look at this for reference if you haven’t already… Azure VPN Gateway: About P2S routing - Azure VPN Gateway | Microsoft Learn

I have run into this in the past where access to peered vnets doesn’t work either because of asymmetric routing or not having the correct routes on the peered vnet subnets.

Would need to know specifics of the config to really be able to help unfortunately.

Edit. You have made sure traffic forwarding is allowed both to/from the vnets?

Did this the other day, didn’t work for me until I checked the correct boxes on both peer configs.

Check ‘use this virtual network gateway’ on the peer config on the vnet where the vpn gateway is located.

Check ‘use the remote virtual network gateway’ on the other vnet’s peer config.

Also make sure the other options are on default.

  • Make sure your routes are correct on the on-prem gateway

msdocs
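The two checkboxes named in the reply above correspond to the `allowGatewayTransit` and `useRemoteGateways` properties of each peering. The following check is an added example, not part of the thread: it audits a pair of peering objects for the gateway-transit settings. The JSON is constructed sample data shaped like `az network vnet peering show -o json` output, and the peering names and `<rg>`/`<vnet>` placeholders are hypothetical.

```python
import json

# Constructed sample data shaped like `az network vnet peering show -o json`.
# Peering names are hypothetical; both transit flags start off.
HUB_PEERING = json.loads("""{"name": "hub-to-spoke", "peeringState": "Connected",
  "allowVirtualNetworkAccess": true, "allowGatewayTransit": false,
  "useRemoteGateways": false}""")
SPOKE_PEERING = json.loads("""{"name": "spoke-to-hub", "peeringState": "Connected",
  "allowVirtualNetworkAccess": true, "allowGatewayTransit": false,
  "useRemoteGateways": false}""")

# Remediation hint; <rg> and <vnet> are placeholders to fill in.
FIX = ("az network vnet peering update -g <rg> --vnet-name <vnet> "
       "-n {name} --set {prop}=true")


def audit_gateway_transit(hub, spoke):
    """Return findings that keep VPN clients from reaching the peered vnet.

    hub   = peering defined on the vnet that contains the VPN gateway
    spoke = peering defined on the other vnet
    """
    findings = []
    for side, peering in (("hub", hub), ("spoke", spoke)):
        state = peering.get("peeringState")
        if state != "Connected":
            findings.append(f"{side} {peering['name']}: peeringState is {state!r}")
        if not peering.get("allowVirtualNetworkAccess", False):
            findings.append(f"{side} {peering['name']}: allowVirtualNetworkAccess is off")
    # Portal checkbox: 'use this virtual network gateway' (gateway vnet side).
    if not hub.get("allowGatewayTransit", False):
        findings.append(f"hub {hub['name']}: allowGatewayTransit is off; "
                        + FIX.format(name=hub["name"], prop="allowGatewayTransit"))
    # Portal checkbox: 'use the remote virtual network gateway' (other vnet side).
    if not spoke.get("useRemoteGateways", False):
        findings.append(f"spoke {spoke['name']}: useRemoteGateways is off; "
                        + FIX.format(name=spoke["name"], prop="useRemoteGateways"))
    return findings


if __name__ == "__main__":
    for line in audit_gateway_transit(HUB_PEERING, SPOKE_PEERING):
        print(line)
```
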

Thank you! That reference didn’t have the answer but it led me down a path that did. Per this article, I did not have the correct virtual network gateway settings.

https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-peering-gateway-transit

Thank you again!

This is the right answer but I didn’t see your reply as I had not refreshed my browser window after viewing the other reply. Thank you too!