Azure VPN works only in one way. Cannot access cloud VMs from Onprem

Hello again,

I made a similar post some time ago. Since then the tunnel was not needed and was removed.
Now the tunnel is up and running, however the traffic goes only in one direction - from Azure to on-premise, but not vice versa.

Cloud VMs have ICMP enabled on the firewall and Network Security Group.
Without any Mikrotik firewall rules, Azure VMs are already able to access the Onprem.

To enable Onprem connectivity to Azure I used rule:

/ip firewall nat add action=accept chain=srcnat comment="Azure" dst-address=azure-subnet/16 src-address=onprem-subnet/24

However, that does not help. I checked the logs, nothing is being blocked. Are there any additional Filter/NAT rules that I'm missing?
What could be the issue?

P.S. In Azure the local network address space has a mask of 16, the address range 24. When configuring Mikrotik I used mask 16 where the Azure local IP was needed.

Found a fix. Turns out that the default NAT masquerade rules were messing up the connection. After moving the Azure NAT rule higher than masquerade, the traffic started to work in both directions.
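
The rule-order fix described in the last post, as an added RouterOS example that is not the poster's own configuration. It assumes the accept rule carries the comment "Azure" as in the question and that at least one masquerade rule exists in the srcnat chain; the subnets in the comments are constructed placeholders.

```routeros
# Constructed placeholders (not from the post):
#   Azure address space 10.1.0.0/16, on-prem LAN 192.168.88.0/24
#
# srcnat rules are evaluated top-down and the first match wins. With the
# order below, on-prem traffic to Azure is masqueraded before the accept
# rule is ever reached, so its source is no longer the on-prem subnet:
#   0  chain=srcnat action=masquerade out-interface=<wan>
#   1  chain=srcnat action=accept src-address=192.168.88.0/24 dst-address=10.1.0.0/16 comment="Azure"

# 1. Show the current order of the srcnat chain.
/ip firewall nat print where chain=srcnat

# 2. Move the "Azure" accept rule in front of the first masquerade rule.
#    [find] returns internal IDs, so this does not depend on the numbers
#    shown by print.
/ip firewall nat move [find comment="Azure"] destination=[:pick [find chain=srcnat action=masquerade] 0]

# 3. Confirm the new order, then ping an Azure VM from on-prem and check
#    that the packet counter of the "Azure" rule increases.
/ip firewall nat print where chain=srcnat
/ip firewall nat print stats
```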