Can I create a network in Azure with the same subnet as the onpremise LAN?

Question

question

salves asked Aug 30, '20 madgonc answered Apr 6, '22

Can I create a network in Azure with the same subnet as the onpremise LAN?

Hi,

I need to create an Express Route to establish communication between my Azure and Datacenter Equinix.

I talked to an Equinix specialist and assured me that I can create a vNet with the same subnet as my LAN network in the onpremise environment.

In conversation with a friend from Azure Microsoft Network he confirmed that this is not possible, as this will cause the so-called overlap.

Does using an Express Route have any benefits for using the same subnet and that is why the Equinix specialist informed me that we can?

Thank you.

azure-expressroute

· 1

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

karimfahmy · Mar 01 at 01:09 PM

I believe yes you can but you need to use the new feature from Azure VPN NAT ,here you go the link :

https://docs.microsoft.com/en-us/azure/vpn-gateway/nat-howto

1 ·

Answer 1 · 2020-08-31T03:41:34.853Z

GitaraniSharmaMSFT-4262 answered Aug 31, '20

Hello @salves ,

You cannot create a virtual network in Azure with the same subnet/address range as your onpremise LAN, if you want to connect your on-premise network to this particular virtual network using VPN or ExpressRoute.
Please refer : https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-overview#best-practices

Creating an Azure Vnet with same address range as your on-premise network and connecting them via ExpressRoute will cause routing problems. Hence when using a virtual network as part of a cross-premises architecture, be sure to coordinate with your on-premises network administrator to carve out an IP address range that you can use specifically for this virtual network. If a duplicate address range exists on both sides of the VPN/ExpressRoute connection, traffic will route in an unexpected way.

Please refer : https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/enterprise-scale/network-topology-and-connectivity

Kindly let us know if the above helps or you need further assistance on this issue.

Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Answer 2 · 2022-03-02T15:54:19.443Z

karimfahmy answered Mar 2, '22

I believe yes you can but you need to use the new feature from Azure VPN NAT ,here you go the link :

https://docs.microsoft.com/en-us/azure/vpn-gateway/nat-howto

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Answer 3 · 2022-04-06T12:37:55Z

madgonc answered Apr 6, '22

In many cases its needed configure same network ranges in the both sides (on-premises / azure)
In many cases its needed configure same network ranges in the both sides (azure / other locations with ipsec s2s tunnel)
Many times we have Production environments in azure and staging/dev environments on-premises or in another cloud with s2s connections and we need preserve same private ips.

NAT over connections with Network Gateway: https://docs.microsoft.com/en-us/azure/vpn-gateway/nat-overview
"NAT is supported on the the following SKUs: VpnGw2~5, VpnGw2AZ~5AZ."
"NAT is supported on IPsec cross-premises connections only. VNet-to-VNet connections or P2S connections are not supported."

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

question