Site to site with Azure VPN
I followed this article https://www.sonicwall.com/support/knowledge-base/how-can-i-configure-a-vpn-between-a-sonicwall-firewall-and-microsoft-azure/170505320011694/
and everything works great TO Azure from on-prem, however not in reverse. I opened a ticket with MS and they see no issues with the Azure config and traffic. It was almost as if the traffic coming from Azure was being dropped when Azure initiates, like the SonicWall did not route the traffic from Azure correctly.
So when traffic comes in over that VPN from an Azure LAN like 10.0.0.0/24, I cannot, say, ping or RDP or HTTP to an on-prem system in the 192.168.168.0/24 LAN, but I sure can up to Azure.
NOTE: I do NOT have the extended license, so BGP is not an option, just simple routing.
Ideas?
Best Answer
Saravanan Moderator
Hi @RICHARDROY,
Thank you for visiting SonicWall Community.
As per your report, it seems like the traffic from Azure to SonicWall is not happening. Please ensure you have a VPN to LAN or appropriate zone rule allowed on the SonicWall.
Also, the best way to diagnose this issue is to perform a packet capture on the SonicWall when the traffic is sent from the Azure side to see if the SonicWall drops the traffic.
Please follow the steps listed in the below generalized KB article to isolate the issue and find out the root cause. Though the title says Site to Site VPN, the same steps are still applicable for Tunnel Interface VPN because the troubleshooting is the same.
Hope this helps.
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services
1