Forum Discussion
venu15
Jan 29, 2025
Copper Contributor
Azure Virtual Hub to on-prem connectivity
Hi All,
We are seeing some different behavior from the Azure environment. We have a Virtual WAN and vHub setup for a centralized network, and the traffic flow from Azure to on-prem is as below:
Azure VM - Virtual Hub - VPN - On-prem router - destination VM.
The actual problem is that we are trying to connect to the AD ports 53, 636 and 389 on the destination server, but we can see that only port 3389 gets a success response when we telnet to the destination server. All NSGs are in place and internal routing also appears to be correct. When we checked with our internal network team, they said traffic is not coming from Azure itself, as they could only see a response for port 3389; for the other ports there is no traffic seen. At this point we are unsure where the traffic is even being blocked.
The on-prem firewall shows that all ports to the Azure IP address are allowed. At this point we are unsure where we can check further on this.
Can someone help with this? I would appreciate a response.
1 Reply
Try to locate and fix the problem with the steps below:
- Check Azure Network Security Groups (NSGs): Ensure that the NSGs associated with your Azure VM and Virtual Hub allow traffic on ports 53, 636, and 389. Double-check the inbound and outbound rules to confirm that these ports are not blocked.
- Verify On-Prem Firewall Rules: Confirm that the on-prem firewall rules are correctly configured to allow traffic from the Azure IP address on ports 53, 636, and 389. It's good that you've already checked this, but it's worth another look.
- Inspect VPN Gateway Configuration: Ensure that the VPN gateway is correctly configured to handle the required ports. Sometimes, specific configurations or settings might be needed to allow certain ports.
- Check Routing Tables: Verify that the routing tables in both Azure and your on-prem network are correctly set up to direct traffic to the destination server.
- Enable Diagnostic Logging: Enable diagnostic logging on the VPN gateway and NSGs to capture detailed information about the traffic flow. This can help identify where the traffic might be getting dropped.
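
One way to act on the diagnostic-logging step above, as an added example that is not part of the original thread: the script reads NSG flow log records (version 2 tuple layout assumed) and reports, per destination port, whether the NSG denied the outbound flow or allowed it without any reply packets. The IP addresses, rule names and log records are constructed for illustration.

```python
import json
from collections import defaultdict

PORTS = {53, 389, 636, 3389}  # ports named in the thread

# Constructed sample in the NSG flow log version 2 layout (not real traffic).
# Tuple: ts,src,dst,sport,dport,proto,dir,decision,state,pkts_out,bytes_out,pkts_back,bytes_back
SAMPLE = json.dumps({"records": [{"properties": {"Version": 2, "flows": [
    {"rule": "UserRule_Allow-OnPrem", "flows": [{"mac": "000D3A000001", "flowTuples": [
        "1738140000,10.1.0.4,192.168.10.5,50001,3389,T,O,A,B,,,,",
        "1738140060,10.1.0.4,192.168.10.5,50001,3389,T,O,A,E,12,1800,10,2400",
        "1738140005,10.1.0.4,192.168.10.5,50002,389,T,O,A,B,,,,",
        "1738140065,10.1.0.4,192.168.10.5,50002,389,T,O,A,E,3,198,0,0",
        "1738140007,10.1.0.4,192.168.10.5,50004,53,U,O,A,E,2,140,0,0",
        "1738140008,10.1.0.4,10.1.0.9,50005,389,T,O,A,E,5,400,5,600"]}]},
    {"rule": "UserRule_Deny-LDAPS", "flows": [{"mac": "000D3A000001", "flowTuples": [
        "1738140006,10.1.0.4,192.168.10.5,50003,636,T,O,D,B,,,,"]}]},
]}}]})

def summarize(raw, dst_ip, ports=PORTS):
    """Return {(port, proto): verdict} for outbound flows to dst_ip."""
    stats = defaultdict(lambda: {"allow": 0, "deny": 0, "reply_pkts": 0})
    for record in json.loads(raw)["records"]:
        for rule in record["properties"]["flows"]:
            for group in rule["flows"]:
                for line in group["flowTuples"]:
                    f = line.split(",")
                    # Keep only outbound tuples to the server on the ports of interest.
                    if f[2] != dst_ip or f[6] != "O" or int(f[4]) not in ports:
                        continue
                    s = stats[(int(f[4]), f[5])]
                    s["deny" if f[7] == "D" else "allow"] += 1
                    if len(f) > 11 and f[11]:  # counters are empty on begin records
                        s["reply_pkts"] += int(f[11])
    verdicts = {}
    for key, s in stats.items():
        if s["deny"]:
            verdicts[key] = "denied_by_nsg"       # dropped at the NSG itself
        elif s["reply_pkts"] == 0:
            verdicts[key] = "allowed_no_reply"    # left the NSG, nothing came back
        else:
            verdicts[key] = "allowed_with_reply"  # two-way traffic observed
    return verdicts

if __name__ == "__main__":
    for (port, proto), verdict in sorted(summarize(SAMPLE, "192.168.10.5").items()):
        print(port, proto, verdict)
```

A port that is allowed at the NSG but shows no reply packets points past the VM's NSG (hub routing, the VPN, or on-prem), while a port missing from the result never appeared in the log at all.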