Community discussions

MUM Europe 2020
 
janis
just joined
Topic Author
Posts: 7
Joined: Wed Oct 02, 2019 5:21 pm
Location: Riga, Latvia

Azure VPN works in only in one way. Cannot access cloud VMs from Onprem

Thu Feb 13, 2020 5:10 pm

Hello again,

I made a similar post some time ago. Since then tunnel was not needed and was removed.
Now tunnel is up and running, however the traffic goes only in one direction - from Azure to onpremise, but no vice-versa.

Cloud VMs has ICMP enabled on firewall and Network Security Group.
Without any Mikrotik Firewall rules Azure VMs already able to access the Onprem.

To enable Onprem connectivity to Azure I used rule:
/ip firewall nat add action=accept chain=srcnat comment="Azure" dst-address=\azure-subnet/16 src-address=onprem-subnet/24
However that does not help. I checked logs, nothing is being blocked. Is there any additional Filter/NAT rules that im missing?
What could be the issue?

Ps. In azure the local network address space has a mask of 16, the address range 24. When configuring Mikrotik I used mask 16 where Azure local IP was needed.
 
janis
just joined
Topic Author
Posts: 7
Joined: Wed Oct 02, 2019 5:21 pm
Location: Riga, Latvia

Re: Azure VPN works in only in one way. Cannot access cloud VMs from Onprem  [SOLVED]

Fri Feb 14, 2020 10:01 am

Found a fix. Turns out that the default NAT masquerade rules were messing up the connection. After moving the Azure nat rule higher than masquerade the traffic started to work both directions.

Who is online

Users browsing this forum: bastys, korsar182, llubik, McSee, MSN [Bot] and 114 guests