Access Internet through Azure Point to site VPN


I have a point to site VPN to Azure working with RADIUS auth and can access resources in the vNet. I would like to be able to route traffic out to the internet over that VPN connection. Can this be done?

If not, how would I replicate this with Azure services without deploying something like a Cisco virtual device?

Thanks

7 Replies

Not the expert, but I believe what you are looking for is forced tunneling.

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-forced-tunneling-rm

Don't believe it can be done over a P2S connection though.

Thanks, but it needs to be P2S; site to site is not an option in this case.

I have got a solution by putting RRAS in Azure. MS don't support RRAS in Azure, but it appears to be working at the moment.

Hi Ryan,

I am having the same issue. Can you give me a guideline on how you use RRAS in Azure to allow internet after P2S? What settings did you have to configure? (e.g. routing?)

Thanks,

Danny

IIRC I just had to add the internal interface to NAT.

@Ryan Clark would you mind sharing how you did that exactly?

@Ryan Clark the last answer regarding adding an NAT to the Gateway won't help.

As far as I can tell it is not possible to create a VPN connection that will route P2S traffic to the internet without using a VM or VM VPN Solution Marketplace Product.

NAT limitations
NAT is supported for IPsec/IKE cross-premises connections only. VNet-to-VNet connections or P2S connections aren't supported.