Azure VPN - one way comms



  • Hi

    I have successfully set up a VPN connection between my pfSense firewall and an Azure 2012 Server. I can see the server from within my network (ping, view shared folders, etc.) but I am unable to see my network from the Server.

    The network setup is as follows:

    Office network - 192.168.0.0/24
    Azure network  - 10.0.0.0/24 (IP range 10.0.0.4 - 10.0.0.254)
    Azure Subnet 10.0.0.0/27 (IP range 10.0.0.4 - 10.0.0.30)
    Gateway 10.0.0.32/29 (IP range 10.0.0.36 - 10.0.0.38)

    The Azure server has a DHCP address of 10.0.0.4 and a gateway of 10.0.0.1. I don't understand why a gateway of 10.0.0.1. Based on my network config above, I would have expected the gateway to be 10.0.0.36 or higher.

    I can't ping 10.0.0.1 but can ping 10.0.0.36 from both networks. I have tried changing the Server's default gateway to 10.0.0.36 without any luck. I have disabled the firewall on the Server and created a firewall IPsec rule on the pfSense box to allow all TCP/UDP traffic from everywhere on all ports. Still no luck.

    Anyone know what may be wrong?

    Thanks
    O.



  • @ocset:

    Try setting your firewall rule to be for protocol "any" instead of TCP or UDP. That way pings can get through (they use ICMP). Also, does your LAN have a firewall rule allowing inbound traffic?

