CHI-LTD

Azure Virtual Desktop not routing

Hi

I'm having issues routing between an Azure Virtual Desktop deployment across VPN to my on-premises network.


Current setup:

Azure VPN configured with Cisco ASA Firewall connecting all Subnets into Azure.

Azure Subnet in production 10.0.0.0/24

AVD subnet 10.0.10.0/24

Both subnets exist in the same RG and VNet.

On-premises subnet is 172.19.0.0/16

There is no firewall or NSG on the AVD deployment, only a newish NAT GW for routing out traffic to the web from 1 IP.

I can route between the subnets within Azure as expected.


Any ideas?  ASA ACLs, NATGW issue or??


Thanks




8/22/2022 - Mon
Jose Gabriel Ortega Castro

Hello CHI-LTD

I would start by checking the similar configurations on both sides.
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-3rdparty-device-config-cisco-asa

If you are able to do Site to Site VPN between both sides you should be able to ping the AVD from on-prem to Azure.
If you do, and you're trying to do AVD, please check the ports in the Security (NSG); not sure if AVD uses them as regular virtual machines in Azure do.
CHI-LTD

ASKER
Hi Jose

There are no NSGs configured on the VMs directly or within the resource group.

Will pass the MS article on to the network team and post an update.

Thanks

ASKER CERTIFIED SOLUTION
CHI-LTD
