4

I have been trying for hours now to communicate between two computers.

  1. Local PC
  2. AzureVM

They are both connected via Point-2-Site VPN. The VPN itself works like a charm and isn't hard to handle. But I don't get the communication to work.

The local computer gets IPs from the range 192.168.10.0/24 (client address pool). The server has the IP 10.0.1.4. Usually I would set up a router or a second NIC on the server to get this to work. But obviously I am too dumb to get this to work on Azure.

No ping, nothing.

I already tried this script: Routing in Azure between point-to-site and site-to-site networks

Unfortunately it didn't help me out. Is there anybody out there who can lead me the way to knowledge?

Thanks for any reply!

1 Answer

0

Have you ensured that the VPN connection has been established? You could check as in the following screenshot.

> No ping, nothing.

By default, Windows Firewall blocks ICMP packets, so you cannot ping the Azure VM. If possible, you could disable Windows Firewall and try again.

For more information about configuring a Point-to-Site connection to a VNet using the Azure portal, please refer to this link.

Also, you could follow this link to verify your connection.

Update from discussion:

ICMP could be blocked by firewall policy, such as a local network policy or an Azure NSG. You had better use another way to check the VPN connection, such as RDP.

Shui shengbao
  • Yes, I already deactivated the firewall on both sites. The VPN is correctly configured and connected. I can also see my IP in the Azure management portal. First I ran a manual config via PointAndClick adventure using your first link. After a few hours of trying to get this to work I found the script and used it. But still no luck. Any other ideas? – Felix Zeidler Feb 20 '17 at 08:44
  • @FelixZeidler Did you ping the private IP? You cannot ping the public IP. ICMP packets are blocked by Azure. – Shui shengbao Feb 20 '17 at 08:45
  • I've checked your second link and yes, everything looks fine. Yes, I pinged the 10.0.1.4. Just to get you: Why should I try to ping the PublicIP? If I want to access my VM via a public connection, what do I need the P2S VPN for? – Felix Zeidler Feb 20 '17 at 09:02
  • @FelixZeidler Sorry for my mistake, yes, you are right. According to your description, everything seems fine. If possible, you could check the VPN gateway log. You could refer to this [link](https://blogs.technet.microsoft.com/keithmayer/2016/10/12/step-by-step-capturing-azure-resource-manager-arm-vnet-gateway-diagnostic-logs/) to check VPN logs. Hope this helps. – Shui shengbao Feb 20 '17 at 09:06
  • @FelixZeidler Did you try to log in to the Azure VM from your local PC? In other words, test the connection of port 3389. Now, you open port 3389 on Azure NSG. An NSG could block ICMP packets. – Shui shengbao Feb 20 '17 at 09:09
  • The port 3389 is allowed due to the RDP connection. I will try to check the logs. Is it possible that I need some other kind of (default) gateway or DNS server to get this to work? – Felix Zeidler Feb 20 '17 at 09:18
  • Let us [continue this discussion in chat](http://chat.stackexchange.com/rooms/53927/discussion-between-walter-msft-and-felix-zeidler). – Shui shengbao Feb 20 '17 at 09:18
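
The checks suggested in this thread (confirm the tunnel, then test TCP 3389 instead of ICMP) can be run from the local PC as one script. This is an added example, not code from the question or the answer; the address 10.0.1.4, the pool 192.168.10.0/24 and port 3389 are taken from the thread, and the verdict wording is my own.

```powershell
# Added example: values come from the thread, variable names are illustrative.
$Target     = '10.0.1.4'       # private IP of the Azure VM
$Port       = 3389             # RDP, allowed in the NSG according to the asker
$PoolPrefix = '192.168.10.'    # P2S client address pool 192.168.10.0/24

# 1. Does this PC hold an address from the P2S client pool (tunnel is up)?
$vpnAddr = Get-NetIPAddress -AddressFamily IPv4 |
    Where-Object { $_.IPAddress.StartsWith($PoolPrefix) } |
    Select-Object -First 1

# 2. Which route would Windows pick for the VM's address?
#    Find-NetRoute returns the source address object and the route object;
#    only the route object has a DestinationPrefix property.
$route = Find-NetRoute -RemoteIPAddress $Target -ErrorAction SilentlyContinue |
    Where-Object { $_.DestinationPrefix } |
    Select-Object -First 1

# 3. TCP handshake to the RDP port. Unlike ping, this does not depend on ICMP
#    being allowed by Windows Firewall or an NSG.
$tcp = Test-NetConnection -ComputerName $Target -Port $Port -WarningAction SilentlyContinue

# 4. Turn the three observations into one verdict.
$verdict =
    if (-not $vpnAddr) {
        'No address from the client pool: the P2S tunnel is not connected.'
    } elseif (-not $route) {
        'No route to the VM at all: the VNet prefix was not added to the routing table.'
    } elseif ($route.InterfaceIndex -ne $vpnAddr.InterfaceIndex) {
        'Traffic to the VM leaves through another interface: VNet route missing on the VPN adapter.'
    } elseif (-not $tcp.TcpTestSucceeded) {
        'Route uses the VPN adapter but TCP is dropped: check NSG rules, guest firewall, gateway logs.'
    } else {
        'VM reachable over the tunnel: a failed ping alone only shows that ICMP is filtered.'
    }

[pscustomobject]@{
    VpnAddress   = $vpnAddr.IPAddress
    RoutePrefix  = $route.DestinationPrefix
    RouteAdapter = $route.InterfaceAlias
    TcpOpen      = $tcp.TcpTestSucceeded
    Verdict      = $verdict
}
```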