Share via

Azure Network Connectivity Issue between vWAN and VPN Gateway

SID 20 Reputation points
2025-01-10T19:40:05.2133333+00:00

Good day, Azure community

I’m facing network connectivity issue with my current setup, I can’t ping between two Azure VMs (native vm) the network setup as following:

  •  2x VMs each VM on different vNet, (vNet1=10.194.0.0/24) & (vNet2=10.1.0.0/24)
  • Both vNet1 and 2 are peering with the Azure VPN gateway.
  • The third VM is connected to the third vNet (vNet3=10.192.0.0/24). vNet3 is peering with the vWAN hub. The vWAN is configured with 2xIPsec toward the VPN gateway, and BGP is enabled to exchange routing between the two networks.

The network topology looks like:

VM1(10.194.0.4) ----nic----vNet1----peering ----Azure VPN gateway ----2x IPsec (2x pub IP) ----(BGP) ---- 2x IPsec (2x pub IP) ----Azure vWAN ----peering vNet 3 ----nic ----VM3 (10.192.0.4)  

Highlighted Notes:

  • All the above setups are deployed on the same region/subscription.
  • VM1 and VM2 can ping each other.
  • IPsec are up and running.
  • BGP are able to exchange routing from both side I can see learned routes on each side.
  • I checked the network watcher | Connection troubleshooting I got this message (Connectivity test Unreachable Probes sent: 10, probes failed: 10 )

Thanks in advance.

Azure Virtual WAN
Azure Virtual WAN
An Azure virtual networking service that provides optimized and automated branch-to-branch connectivity.
239 questions
Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,602 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Rohith Vinnakota 2,090 Reputation points Microsoft Vendor
    2025-01-13T08:24:41.8866667+00:00

    Hi @SID
    Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

    I have set up the lab on my end and successfully pinged VM1 in VNet1 and VM3 in VNet3.

    I followed these steps as per Microsoft documentation:

    1. Configure VPN Gateway virtual network gateway.
    2. Create Virtual WAN VPN sites.
    3. Connect sites to the virtual hub.
    4. Create the local network gateways.
    5. In the local network gateway create connections.

    Refer this Microsoft Doc: https://learn.microsoft.com/en-us/azure/virtual-wan/connect-virtual-network-gateway-vwan.

    And

    • Can also check you configured the correct BGP peer IP address and ASN.
    • Check the connectivity status of the VPN site is connected or not.

    User's image

    This my topology. User's image

    If above is unclear and/or you are unsure about something add a comment below.

    Hope this helps! Please let me know if you have any additional questions. Thank you!

    Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.

    Regards,

    Rohith

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.