question

eg1995-5273 asked Dev073 commented

Gateway transit and remote gateways in Azure

Dears,

A site-to-site VPN connection has been made between on-premises and one Azure VNet, vnet1.
And from vnet1 I have a peering connection to a new Azure VNet, vnet2.

If I want to achieve communication from on-premises to vnet2 and vice versa, I saw that I can enable gateway transit and remote gateways.
My question is: will this be enough to achieve my goal? Or do I have to create an NVA in my vnet1? Or can I use the on-prem VPN gateway to create the routes?

Can you advise on that point, please?

Thank you

azure-virtual-network azure-vpn-gateway azure-firewall

SaiKishor-MSFT answered SaiKishor-MSFT edited

@eg1995-5273 Thank you for reaching out to Microsoft Q&A. I understand that you want to set up connectivity between your on-premise and your secondary vnet-2. Since you already have a connection from vnet-1 to your on-premise, you will be able to utilize this connection and set up connectivity between vnet-2 and on-premise via Gateway Transit as you mentioned (Vnet-1 will act as Hub and Vnet-2 will be the Spoke). You do not need any additional connections or setup for this.

More details on Gateway Transit are given in this document: Configure VPN gateway transit for virtual network peering. Hope this helps.

Please let us know if you have any further questions and we will be glad to assist you further. Thank you!


eg1995-5273 answered Dev073 commented

Yes, I have already checked the documentation. I am just having some doubts, because if someone from on-premises connects to vnet 2, how would the VPN gateway know to route the connection to vnet 2 instead of vnet 1 if there are no routes created?


Hi,

Routes to the gateway-connected virtual networks or on-premises networks will propagate to the routing tables for the peered virtual networks using gateway transit automatically by default.

RouteTables are needed to manually (via static routes) direct traffic to Azure Firewall or an NVA or for any customisation on the traffic control topology.

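
The peering settings discussed in this thread, followed by a check of the routes the spoke actually receives, as an added example that is not part of the original posts. The resource group, peering names and NIC name are assumptions (hypothetical); vnet1 is the hub with the VPN gateway and vnet2 is the spoke.

```powershell
# Added example. Assumes the Az PowerShell module and an existing Connect-AzAccount session.
# All names below are hypothetical placeholders; replace them with your own.
$rg           = 'rg-network'        # resource group holding both VNets
$hubVnet      = 'vnet1'             # VNet that owns the VPN gateway
$spokeVnet    = 'vnet2'             # peered VNet that should reach on-premises
$hubPeering   = 'vnet1-to-vnet2'    # peering object defined on vnet1
$spokePeering = 'vnet2-to-vnet1'    # peering object defined on vnet2
$spokeNic     = 'vm-spoke-nic'      # NIC of a running VM in vnet2

# 1. Hub side first: allow the peered VNet to use vnet1's gateway.
$hub = Get-AzVirtualNetworkPeering -ResourceGroupName $rg `
        -VirtualNetworkName $hubVnet -Name $hubPeering
$hub.AllowGatewayTransit = $true
Set-AzVirtualNetworkPeering -VirtualNetworkPeering $hub | Out-Null

# 2. Spoke side: use the remote (hub) gateway. vnet2 must not have its own gateway.
$spoke = Get-AzVirtualNetworkPeering -ResourceGroupName $rg `
          -VirtualNetworkName $spokeVnet -Name $spokePeering
$spoke.UseRemoteGateways = $true
Set-AzVirtualNetworkPeering -VirtualNetworkPeering $spoke | Out-Null

# 3. Read both peerings back and confirm the flags and the peering state.
$hub   = Get-AzVirtualNetworkPeering -ResourceGroupName $rg `
          -VirtualNetworkName $hubVnet -Name $hubPeering
$spoke = Get-AzVirtualNetworkPeering -ResourceGroupName $rg `
          -VirtualNetworkName $spokeVnet -Name $spokePeering
$hub, $spoke |
    Select-Object Name, PeeringState, AllowGatewayTransit, UseRemoteGateways |
    Format-Table -AutoSize

if (-not $hub.AllowGatewayTransit -or -not $spoke.UseRemoteGateways) {
    Write-Warning 'Gateway transit is not enabled on both sides of the peering.'
}

# 4. Inspect the effective routes on a spoke NIC (the VM must be running).
#    On-premises prefixes should appear with next hop type VirtualNetworkGateway,
#    without any user-defined route table on the spoke subnet.
$gwRoutes = Get-AzEffectiveRouteTable -ResourceGroupName $rg `
              -NetworkInterfaceName $spokeNic |
            Where-Object { $_.NextHopType -eq 'VirtualNetworkGateway' }

if ($gwRoutes) {
    $gwRoutes | Select-Object Source, State, NextHopType,
        @{ Name = 'AddressPrefix'; Expression = { $_.AddressPrefix -join ',' } } |
        Format-Table -AutoSize
} else {
    Write-Warning "No gateway routes on $spokeNic; on-premises prefixes are not reaching vnet2."
}
```

This covers the Azure side only; without BGP, the on-premises VPN device also needs vnet2's address range in its own configuration.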