Route Azure Server internet Traffic via On-Prem connection
Hi
Ive got my Azure Server setup so it can only be accessed from our office so they is no static IP address on the Azure server. We connect to the server in Azure Cloud via our Draytek Vigor 2925N Router which is setup with a VPN into Azure Cloud. We want all internet request from the Azure Server to come back down the VPN and out to the internet via our office connection. Currently they go out via Azure network. I have set the route back into my Draytek router on the Azure side so just need to know what needs setting on the Draytek Router to send the request out to the internet. Currently when I do a tracert to an internet address, it gets back to the draytek router then it gets dropped.
Anyone got this type of config setup already?
Thanks
SycamoreIT
Ive got my Azure Server setup so it can only be accessed from our office so they is no static IP address on the Azure server. We connect to the server in Azure Cloud via our Draytek Vigor 2925N Router which is setup with a VPN into Azure Cloud. We want all internet request from the Azure Server to come back down the VPN and out to the internet via our office connection. Currently they go out via Azure network. I have set the route back into my Draytek router on the Azure side so just need to know what needs setting on the Draytek Router to send the request out to the internet. Currently when I do a tracert to an internet address, it gets back to the draytek router then it gets dropped.
Anyone got this type of config setup already?
Thanks
SycamoreIT
Soulja
If your Draytek has a default route to the internet and a route back to Azure, there shouldn't be anything else you need to do. Is there a firewall on the Draytek that could be dropping the trace route? What happens when you try to access the internet on the Azure server?
Couple of other points to bring up.
1. Your trace is going from Azure, across the VPN into the Draytek and then being sent back out the from the Draytek to the Internet?
2. What IP does your Draytek see the Azure server coming from when it exits the VPN?
1. Your trace is going from Azure, across the VPN into the Draytek and then being sent back out the from the Draytek to the Internet?
2. What IP does your Draytek see the Azure server coming from when it exits the VPN?
ASKER
@N.Spears - when I try and reach a website on the Azure server it just dosent show the page and errors out as if there is no internet.
@altas_shuddered - the draytek see the azure server coming from 10.0.0.4
@altas_shuddered - the draytek see the azure server coming from 10.0.0.4
Okay so to make sure:
- the Azure server is in a Vnet with a default route pointing across the vpn to your Draytek.
- the draytek has a route pointing back to the Azure subnet across the vpn.
- If there is any filtering, the necessary rules are in place to allow the communication
- on the Draytek, if it is NAtting, the nat rule is accounting for the Azure subnet as a source to NAT to the internet?
- the Azure server is in a Vnet with a default route pointing across the vpn to your Draytek.
- the draytek has a route pointing back to the Azure subnet across the vpn.
- If there is any filtering, the necessary rules are in place to allow the communication
- on the Draytek, if it is NAtting, the nat rule is accounting for the Azure subnet as a source to NAT to the internet?
N.S. If I'm reading his notes correctly, he is trying to hairpin the traffic between VPN and the wild.
My understanding is that he wants to use his office internet from the azure server instead of Azure's. Maybe the author can clear up the confusion.
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.