Forum Discussion
Route-metrics in Azure P2S VPN
We have the following setup in our environment: Azure VPN Gateway S2S-VPN between gateway and our on-premise datacentre. P2S-VPN between gateway and clients. This P2S VPN is configured with AA...
How about below workarounds:
- Use PowerShell to Set Route Metrics Post-Connect
You can run a script after VPN connection to adjust route metrics manually:
Get-NetRoute -DestinationPrefix "10.0.0.0/24" | Set-NetRoute -RouteMetric 25
- Trigger this via Intune PowerShell script or Scheduled Task
- Ensure it runs after VPN connection is established
- Use Split Tunneling with Forced DNS
- Configure split tunneling to avoid overlapping routes
- Use custom DNS suffixes and DNS servers in the XML to control resolution
- Use Route Precedence via Interface Metric
- Lower the interface metric of the Azure VPN adapter
- Go to Network Connections > Adapter Properties > IPv4 > Advanced > Interface Metric
- Raise Cisco AnyConnect Route Metric
- If you can’t lower Azure’s metric, raise the Cisco route metric to >311
- This ensures Azure routes take precedence