question

BenLevy-4415 avatar image
0 Votes"
BenLevy-4415 asked BenLevy-4415 answered

Azure P2S RDP over VPN

I have followed and set up the MS documentation for creating a P2S VPN. All is well except for I can not RDP to the VM.

I suspect this has something to do with the NSG and/or subnet.

I can see the internal IP's and VM names with PS > Get-AzNetworkInterface

TestVM: 10.0.1.4,Dynamic
database: 10.0.0.4,Dynamic
web1: 10.0.0.5,Dynamic

ipconfig /all gives me this:

PPP adapter RemoteVNet:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : RemoteVNet
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.5.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Enabled

NOTE: the IP is in the expected range.

route PRINT gives this:

===========================================================================
Interface List
21...2c 4d 54 55 48 9d ......Realtek PCIe GBE Family Controller
38...........................RemoteVNet
7...00 ff 24 9d d2 74 ......TAP-Windows Adapter V9
1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table


Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.73 25
10.1.0.0 255.255.0.0 On-link 192.168.5.2 43
10.1.255.255 255.255.255.255 On-link 192.168.5.2 281
20.98.103.84 255.255.255.255 192.168.1.254 192.168.1.73 26
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
192.168.1.0 255.255.255.0 On-link 192.168.1.73 281
192.168.1.73 255.255.255.255 On-link 192.168.1.73 281
192.168.1.255 255.255.255.255 On-link 192.168.1.73 281
192.168.5.0 255.255.255.0 On-link 192.168.5.2 43
192.168.5.2 255.255.255.255 On-link 192.168.5.2 281
192.168.5.255 255.255.255.255 On-link 192.168.5.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.1.73 281
224.0.0.0 240.0.0.0 On-link 192.168.5.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.1.73 281
255.255.255.255 255.255.255.255 On-link 192.168.5.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table


Active Routes:
If Metric Network Destination Gateway
21 281 ::/0 fe80::7add:12ff:feef:4d28
1 331 ::1/128 On-link
21 41 2001:569:fd0c:3500::/56 fe80::7add:12ff:feef:4d28
21 281 2001:569:fd0c:3500::/64 On-link
21 281 2001:569:fd0c:3500:717e:8e55:c07a:f29/128
On-link
21 281 2001:569:fd0c:3500:c125:a97f:b341:15d7/128
On-link
21 281 fe80::/64 On-link
21 281 fe80::717e:8e55:c07a:f29/128
On-link
1 331 ff00::/8 On-link
21 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None



However, I can not RDP to any on my VM's.

What should I look at.

All the VM's were created before the VPN stuff.

remote-desktop-servicesazure-vpn-gateway
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@BenLevy-4415 What network are you you trying to reach? Is it the 10.0.0.0/16 network? The route table only shows routes for 10.1.0.0/16 network.

0 Votes 0 ·
BenLevy-4415 avatar image
0 Votes"
BenLevy-4415 answered AndreasBaumgarten edited

@AndreasBaumgarten

When the source is "Any". The RDP works fine, but I am pretty sure it is just going over my normal internet connection then.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@BenLevy-4415 ,

the routing from your client to the Azure VM doesn't change if you modify the NSG Security Rule.
Which IP/computer name are you using to connect to the VM via RDP?

Could you please check if you are connected via RDP to the VM which IP is connected ( netstat on the VM)?

Maybe the IP the client is using to connect via RDP isn't a 192.156.5.x IP.


(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

Regards
Andreas Baumgarten

0 Votes 0 ·
LeilaKong-MSFT avatar image
0 Votes"
LeilaKong-MSFT answered

Hello @BenLevy-4415 ,

How are things going there on this issue?
Please let me know if you would like further assistance.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

BenLevy-4415 avatar image
0 Votes"
BenLevy-4415 answered

This has been resolved!

For anyone else who is having issues and reading this.

As mentioned by @SaiKishor-MSFT, the problem was that the VNet form my servers etc. was different then my VNet for my VPN Gateway.

My environment was all set up and then was adding the VPN. I followed the MS documentation. Everything looked correct, but it did not work. Was very hard to figure out what was going on.

After Sai described what was wrong, got it all sorted out.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.