question

EvanKaye-8656 avatar image
0 Votes"
EvanKaye-8656 asked ndresang commented

Does Azure point-to-site VPN support forced tunneling?

We want to allow our users to VPN into an Azure network and route all Internet traffic over that VPN, for privacy reasons. Is this something Azure VPN supports?

azure-virtual-networkazure-vpn-gateway
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

TravisCragg-MSFT avatar image
1 Vote"
TravisCragg-MSFT answered ndresang commented

This is not supported for P2S Connections. Internet traffic will be dropped by the VPN Gateway. You can read more about P2S Routing in Azure Here.

If you would like us to add this functionality in the future, please vote for this existing issue here at Azure Networking's feedback.azure.com page.




· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I know this is an old question, but I found this response before I found this other response. So for anyone who might stumble here, there is a method to support forced-tunneling. Please visit here: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-p2s-advertise-custom-routes

0 Votes 0 ·
AndreasBaumgarten avatar image
0 Votes"
AndreasBaumgarten answered AndreasBaumgarten commented

If you take a look here (Configure forced tunneling using the classic deployment model), the force tunneling is available for Sote To Site CPN connections.

I just tested with the Azure VPN Client:

  • There is no option to configure "force tunneling" in the Azure VPN Client

  • After connecting a P2S Tunnel the default route of the Windows 10 client is still pointing to the IP of the client (not to the VPN connection)

Maybe this is helpful.

Regards

Andreas Baumgarten

(Please don't forget to Accept as answer if the reply is helpful)



· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I would assume forced tunneling is something you'd have to configure in Azure, to make it push the appropriate routes to the client. Is there a way to do that?

0 Votes 0 ·

As TravisCragg-MSFT mentioned above this is not supported for P2S connections.

Regards

Andreas Baumgarten

(Please don't forget to Accept as answer if the reply is helpful)

0 Votes 0 ·