Access Internet through Azure Point to site VPN

Copper Contributor

I have point to site VPN to Azure working with RADIUS auth and can access resources in the vNet. I would like to be able to route traffic out to the internet over that VPN connection. Can this be done?


If not, how would I replicate this with Azure services without deploying something like a Cisco virtual device?


7 Replies

Not the expert, but i believe what you are looking for is force tunneling.


Don't believe it can be done over a P2S connection though.

Thanks but needs to P2S, site to site is not an option in this case.

I have got a solution by putting RRAS in Azure. MS don't support RRAS in Azure, but it appears to be working at the moment.

Hi Ryan,

I am having the same issue, can you give me guideline how you use RRAS in Azure to allow internet after P2S? What settings did you have to configure? (e.g. routing?)



IIRC I just had to add the internal interface to NAT.

@Ryan Clark would you mind sharing how you did that exactly?

@Ryan Clark the last answer regarding adding an NAT to the Gateway won't help.

As far as I can tell it is not possible to create a VPN connection that will route P2S traffic to the internet without using a VM or VM VPN Solution Marketplace Product.


NAT limitations 
NAT is supported for IPsec/IKE cross-premises connections only. VNet-to-VNet connections or P2S connections aren't supported