question

MatthewCampbell-6749 avatar image
0 Votes"
MatthewCampbell-6749 asked MatthewCampbell-6749 commented

I cannot save external mapping on Azure Network Gateway (VPN) NAT Rule - gets saved as external mapping = internal mapping

I am having issues trying to configure a NAT rule on an Azure Virtual Network Gateway. I'm using the sku VpnGw2

I'm using the azure web portal to configure the resource. I want a static EgressSnat rule that maps an VNET address 10.6.0.64/32 to 20.190.117.64/32.

I enter the Mode: EgressSnat, Internal Mappings: 10.6.0.64/32, External Mappings: 20.190.117.64/32 and press Save.

Going back to the NAT rules screen and both Internal and External Mappings are set to 10.6.0.64/32.

What am I doing wrong?

Screenshot 1: 199434-image.png

Screenshot 2: 199435-image.png


azure-virtual-network
image.png (44.8 KiB)
image.png (43.2 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

ChaitanyaNaykodiMSFT-9638 avatar image
0 Votes"
ChaitanyaNaykodiMSFT-9638 answered MatthewCampbell-6749 commented

Hello @MatthewCampbell-6749, welcome to the Microsoft Q&A forum.

I tried setting up a similar NAT rule at my end, and I did not face the issue above and the rule was saved correctly.

200410-image.png

200370-image.png

The issue here might be due to a transient portal error. Can you try below mentioned steps and see if that helps in resolving the issue?

  1. Can you try clearing cache and cookies for your browser and then try adding the NAT Rule? if possible using a different browser can help as well. Please let me know if the issue still persists.

  2. Can you try enabling the NAT rule using PowerShell commands? This might help us to pinpoint the actual issue. You can run the below mentioned command to add a NAT rule. You can run this command using Azure Cloud shell.

    $Gw = Get-AzVirtualNetworkGateway -Name "<your-Gw-name>" -ResourceGroupName "<RG_Name>"
    $Egress = New-AzVirtualNetworkGatewayNatRule -name "<rule_name>" -type "static" -mode "EgressSnat" -InternalMapping @("<IPaddress>") -externalmapping @("IPaddress") -InternalPortRange "<port>" -ExternalPortRange "<port>"
    Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gw -NatRule $Egress

Hope this helps! Please let me know if you have any additional concerns. Thank you!



image.png (32.7 KiB)
image.png (30.7 KiB)
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks @ChaitanyaNaykodiMSFT-9638,
I tried your option 1, clearing the cache and hard reloading in MS Edge and then trying Firefox as well. Neither of these worked and I got the same result. I didn't completely close all my Edge tabs though.

I tried your option 2 using powershell commands and it worked great. The EgressSnat rule is now working as expected.

Thanks!

0 Votes 0 ·