question

DylanChrysanthou-4249 avatar image
0 Votes"
DylanChrysanthou-4249 asked DylanChrysanthou-4249 commented

Cannot RDP to Azure VM over point to site VPN

Good Day,

I am hoping some one can assist me. I am having trouble getting RDP access to the private IP of an Azure VM over a point to site connection using a VPN gateway.
Current configuration:

VMNET Address Space: 10.0.0.0/16
VMNET Subnet: 10.0.100.0/24 VM IP 10.0.100.4
Gateway subnet: 10.0.101.0/24

VPN Address Pool: 172.16.1.0/24
I have modified the NSG rules for AllowRDP and allowed 10.0.0.0/16 and 172.16.1.0/24 address ranges. The client connects correctly and gets an IP of 172.16.1.130 and adds routes to 10.0.0.0/16 address space.

Any pointers to assist in resolving this will be appreciated.

azure-vpn-gateway
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AlanKinane avatar image
0 Votes"
AlanKinane answered DylanChrysanthou-4249 commented

Is it blocked in the other direction also? If you have another client machine that you can test the VPN connection with then I'd try that as well. There are some tools in 'Network Watcher' that might help to troubleshoot this such as VPN diagnostics and connection troubleshoot. https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

tThank you Alan for pointing me in the correct direction. I tried from a VM and not on my direct machine and the VPN was infact working 100%. I will deep dive my notebook now to see what is causing the problem.

0 Votes 0 ·
DylanChrysanthou-4249 avatar image
0 Votes"
DylanChrysanthou-4249 answered

Hi Alan,

RDP is allowed from any source on the Windows VM Firewall. I have also added an allow rule for pinging and cannot ping across the VPN either.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AlanKinane avatar image
0 Votes"
AlanKinane answered

Assuming it's a Windows VM, have you checked Windows Firewall allows RDP access? Any anti-virus software installed that could have a software firewall built in?

Usually it's not the NSG as once connected Azure treats the VPN client as part of the same VNET so the VNET Allow All rule will let the traffic through unless you have a deny rule above that.

Check if you can at least ping the VM first (again make sure Windows Firewall allows this).

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.