0

Actually I have different Group resources using two subscriptions, but I need to enable access using IPsec VPN Gateway to all of them. I checked to use peering, but I see how if Group resource is in other subscription azure cli can't see them.

How can I mount a connection? I understand that you only can use one subscription to all the infrastructure to activate internal routing? All is in the same region.

Thanks

deconya
  • 135
  • 2
  • 8

1 Answers1

1

According to your description, you have two Vnets in two subscription. If you enable Peering, the two Vnet could communication. But VNet peering is between two virtual networks, and there is no derived transitive relationship.

It seems that you have a Site-to-Site VPN from a local to one Vnet, it only works in the VNet, you could not communication to another VNet. You need create a new Site-to-Site VPN connection.

Shui shengbao
  • 3,503
  • 1
  • 10
  • 20
  • If you don't want to create VPN gateway and create a new site-to-site VPN connection. Maybe you could create a VM in the VNet and create use RRAS to create a site-to-site VPN. But it needs your VM always running. – Shui shengbao Jul 21 '17 at 08:15
  • Yes, I was checking docs (https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-vnet-vnet-cli) where appears different environments and confirm that I need a site-to-site connection If I would like to use my schema. It's a surprise to need a VPN to connect two resources from same cloud in same region simply because there are in two group resources. I imagine in the future will change, because Im not the first to ask – deconya Jul 21 '17 at 08:21