SOLVED

vnet peering working only in one direction

%3CLINGO-SUB%20id%3D%22lingo-sub-1610196%22%20slang%3D%22en-US%22%3Evnet%20peering%20working%20only%20in%20one%20direction%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1610196%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20all%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20two%20subscriptions.%20SubA%20and%20SubB.%20i%20have%20a%20virtual%20network%20vNetA%20in%20SubA%20and%20a%20virtual%20network%20vNetB%20in%20SubB.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ei%20have%20created%20vnet%20peering%20between%20vNetA%20and%20vNetB.%20i%20can%20successfully%20ping%20a%20VM%20in%20vNetA%20from%20a%20VM%20in%20vNetB%20but%20not%20the%20other%20way%20around.%3C%2FP%3E%3CP%3EAlso%2C%20the%20VM%20in%20vNetB%20from%20which%20i%20can%20successfully%20ping%20a%20VM%20in%20vNetA%2C%20i%20cannot%20domain%20join%20that%20VM%20to%20a%20DC%20which%20is%20running%20in%20vNetA.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAny%20ideas%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20in%20advance.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1610983%22%20slang%3D%22en-US%22%3ERe%3A%20vnet%20peering%20working%20only%20in%20one%20direction%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1610983%22%20slang%3D%22en-US%22%3E%3CP%3EHave%20you%20also%20created%20and%20configured%20the%20NSG%20(Network%20Security%20Group)%3F%20Have%20you%20also%20adjusted%20the%20Windows%20Firewall%20so%20that%20ICMP%20is%20not%20blocked%3F%20Hope%20it%20helps%3F%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F318231%22%20target%3D%22_blank%22%3E%40ShehzadUIT%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1612199%22%20slang%3D%22en-US%22%3ERe%3A%20vnet%20peering%20working%20only%20in%20one%20direction%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1612199%22%20slang%3D%22en-US%22%3E%3CP%3Echeck%20the%20windows%20firewall%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F318231%22%20target%3D%22_blank%22%3E%40ShehzadUIT%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1612497%22%20slang%3D%22en-US%22%3ERe%3A%20vnet%20peering%20working%20only%20in%20one%20direction%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1612497%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F593067%22%20target%3D%22_blank%22%3E%40TomWechsler%3C%2FA%3E%26nbsp%3Band%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F771097%22%20target%3D%22_blank%22%3E%40kailashmishra%3C%2FA%3E%26nbsp%3B....thanks%20gents%20for%20pointing%20me%20in%20the%20right%20direction.%3C%2FP%3E%3CP%3Ecreating%20an%20inbound%20rule%20for%20icmpv4%20in%20the%20windows%20firewall%20did%20the%20trick.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAlso%2C%20for%20completion%2C%20the%20VM%20in%20vNetB%20when%20i%20tried%20adding%20it%20to%20the%20domain%2C%20it%20would%20fail.%20the%20error%20was%20that%20it%20couldn't%20find%20the%20DNS%20server.%3C%2FP%3E%3CP%3ETo%20resolve%20that%2C%20i%20had%20to%20add%20the%20DNS%20server%20which%20is%20hosted%20in%20vNetA%20as%20a%20custom%20DNS%20server%20in%20vNetB.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Contributor

Hi all,

 

I have two subscriptions. SubA and SubB. i have a virtual network vNetA in SubA and a virtual network vNetB in SubB.

 

i have created vnet peering between vNetA and vNetB. i can successfully ping a VM in vNetA from a VM in vNetB but not the other way around.

Also, the VM in vNetB from which i can successfully ping a VM in vNetA, i cannot domain join that VM to a DC which is running in vNetA.

 

Any ideas?

 

Thanks in advance.

3 Replies
best response confirmed by ShehzadUIT (Contributor)
Solution

Have you also created and configured the NSG (Network Security Group)? Have you also adjusted the Windows Firewall so that ICMP is not blocked? Hope it helps? @ShehzadUIT 

check the windows firewall @ShehzadUIT 

@TomWechsler and @kailashmishra ....thanks gents for pointing me in the right direction.

creating an inbound rule for icmpv4 in the windows firewall did the trick.

 

Also, for completion, the VM in vNetB when i tried adding it to the domain, it would fail. the error was that it couldn't find the DNS server.

To resolve that, i had to add the DNS server which is hosted in vNetA as a custom DNS server in vNetB.