Azure Virtual Server cannot Ping Servers Located On-Prem

Hi Everyone!

We have an Azure Virtual Server that is connected to our on-prem LAN via Site to Site VPN.

When I am RDP on the Azure Vitrual Server and try to ping servers located on-prem, I am unable to do so.

Any ideas what I may have missed or what I need to perform to get this work?

Any assistance would be greatly appreciated.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

I believe that ICMP is blocked by default by the Windows firewall on Azure VMs.

Open an elevated command prompt, and issue the following commands:

netsh advfirewall firewall add rule name="ICMPv6" dir=in action=allow enable=yes protocol=icmpv6
netsh advfirewall firewall add rule name="ICMPV4" dir=in action=allow enable=yes protocol=icmpv4
rmessing171ConsultantAuthor Commented:
Thank you for this info asavener, but I am still not able to ping the resource.

Some more info...  I have three resources defined in my ASA for this Azure Cloud.  Two of the resources are located here in Boston, MA and I successful in pinging them.  The third resource is a NFS share located in Europe and that is the resource I am unable to ping.  When I perform a tracert it  seems to leave Azure, but then is has a problem going out and coming back from the resource in Europe.

What are your thoughts?
So the server in Azure cannot ping the NFS server?  How is the traffic directed to the NFS server?  Is it going back out over a VPN, or is it internally routed, or what?
Cloud as a Security Delivery Platform for MSSPs

Every Managed Security Service Provider (MSSP) needs a platform to deliver effective and efficient security-as-a-service to their customers. Scale, elasticity and profitability are a few of the many features that a Cloud platform offers. View our on-demand webinar to learn more!

rmessing171ConsultantAuthor Commented:
That is correct, the server in Azure is unable to ping the NFS Server in Europe.  Internally and via our VPN (when connected via our Cisco VPN client), we are successfully able to ping and tracert to this NFS share.

My apologies to ask, but how I can tell how the traffic is directed to the NFS server, and if it is going back over a VPN?  Is there a tool that will tell me this?
Traceroute will probably tell you a lot.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rmessing171ConsultantAuthor Commented:
I performed a tracert and here is what I am seeing:

On the NFS share IP Address, It performs one hop to and then after 29 hops, it goes to Request timed out.

If I perform a tracert on a resource I am successfully able to ping, it performs on hope to and then after 15 hops showing Request timed out, I get the successful destination.

What are your thoughts?
How is the NFS share connected to the rest of your network?
rmessing171ConsultantAuthor Commented:
This was a routing issue as the resource that we were unable to access was in the Europe.  The router in Europe needed to be updated with the route on how to get to the server in Azure.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.