So I think this question has been asked before but I want to make sure I understand the answer. I have an Azure VNET with a Virtual Network Gateway. This VNG is configured with a S2S VPN to on-prem and P2S VPN for external Win10 clients. The Win10 VPN clients can connect over P2S to Azure and connect with Azure resources but cannot connect with the on-prem resources using the S2S. From what I'm reading is that the S2S VPN and the on-prem firewall need to be configured to use BGP but I'm not sure why using static routes will not work. Am I correct in this and why is this the case. My research lead me to the following but this shows multiple S2S VPNs and I'm not sure if this matches my situation https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-point-to-site-routing#multivnets2sbranchbgp
Additionally, we are waiting for ExpressRoute to be configured. When this is fully provisioned will this work between the P2S clients and on-prem resources or will special configurations need to be made.