On premise devices failed to communicate to Azure AD Domain Service via VNET Peering

Question

question

baresi asked · Jun 15, 2020 at 08:48 AM

On premise devices failed to communicate to Azure AD Domain Service via VNET Peering

Hi all,

I would like to know if this scenario below works in Azure.

I have two VNETs in two regions (A and B) and both VNETs have VPN Gateway deployed and connecting to on-premise network via IPSec.

Recently, I deployed Azure AD Domain Service in the existing VNET A. Peering between the two VNETs is enabled. I want all the on-premise devices connected via IPSec from the VNETs can communicate to the domain controllers in VNET A and work with Azure AD Domain Service.

I found that the on-premise devices connected to the VNET in A are working fine with Azure AD Domain Service but the on-premise devices connected to the VNET in B failed to reach to the Azure AD Domain Service's domain controller even do ping test to IP address of the domain controller.

Thanks in advance.

Regards,
Gary

azure-virtual-network

10 |1000 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Answer 1 · 2020-06-20T21:38:41.617Z

msrini-MSFT answered · Jun 20, 2020 at 09:38 PM

Hi,

This setup will not work. VNET A and VNET B are just connected via peering and they will be able to communicate with each other. But On-prem devices which are connected to VNET A will not be able to speak to VNET B machines and On-Prem devices which are connected to VNET B will not be able to connect to VNET A.

If you want to resolve this issue, create a mesh topology by connecting ALL On-premises to both Gateways.

Regards,
Msrini

· Share

10 |1000 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

question