Cannot connect to VM using Point to Site VPN connection

Scott Groner 21 Reputation points
2020-09-03T15:53:58.31+00:00

I am trying to set up the P2S VPN connection to my newly created VM. I downloaded the VPN Connection client from Azure after everything was created. I can see my laptop has been assigned a private IP from Azure and is on the same subnet as the VM I'm trying to connect to. However, I cannot ping or RDP to the VM from my laptop. I followed the following article as well as the troubleshooting steps at the bottom but no success: https://zcusa.951200.xyz/en-us/azure/vpn-gateway/vpn-gateway-howto-point-to-site-resource-manager-portal

I can connect via RDP using the Public IP address via the downloaded RDP file from Azure.

Please advise.

Azure VPN Gateway

Accepted answer
  1. Andreas Baumgarten 110.2K Reputation points MVP
    2020-09-03T20:50:37.74+00:00

    Moving a VM in a different subnet isn't that easy.

    The only way I know so far is:
    Delete the VM -> Important: keep the disk!
    Create a new VM connected to the right subnet and use the existing disk from the deleted VM.

    Regards

    Andreas Baumgarten

    (Please don't forget to Accept as answer if the reply is helpful)


6 additional answers

  1. Andreas Baumgarten 110.2K Reputation points MVP
    2020-09-03T17:46:04.327+00:00

    The VM is in the same Virtual Network (but different Subnet) as the VPN Gateway?
    Which IP address do you use locally on your laptop when not connected to the VPN?
    Which IP subnet is used in the Azure subnets and virtual network?
    Which private IP is used by the VM?

    Kind regards
    Andreas Baumgarten


  2. Scott Groner 21 Reputation points
    2020-09-03T18:03:42.65+00:00

    Hi Andreas,
    The Virtual Network is 10.1.0.0/16

    The IP on my laptop is 192.168.1.187

    The Virtual Network gateway: GatewaySubnet (10.1.1.0/24)

    The VM is at 10.0.0.4.

    Thank you for any assistance you can provide.


  3. Andreas Baumgarten 110.2K Reputation points MVP
    2020-09-03T18:47:09.347+00:00

    If I get it right it's:
    Virtual network 10.1.0.0/16
    Gateway Subnet is 10.1.1.0/24
    The subnet the VM is in, I guess, is 10.1.0.0/24 ? Or is the subnet 10.0.0.0/24 (because the VM got the 10.0.0.4)?

    If the VM really is in the 10.0.0.0/24 subnet I think this might be the problem, because the IP of the VM is outside of the Virtual Network IP range.

    I am using these settings without any problem:
    Local subnet: 192.168.0.0/24 (laptop)
    Virtual Network: 10.0.0.0/16
    Subnet for VMs: 10.0.1.0/24 -> IP of VM 10.0.1.4
    GatewaySubnet: 10.0.2.0/24
    ClientSubnet for Point2Site Connections: 172.16.0.0/24

    With this config I am able to connect via RDP from my laptop to the VM (10.0.1.4). If the VM is new and Windows, ping doesn't work because ICMP is blocked by the firewall of the VM by default. To enable ICMP on the Windows VM, open the firewall settings -> Inbound Rules -> enable “File and Printer Sharing (Echo Request – ICMPv4 – In)”.

    Hope this helps.
    Regards
    Andreas
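
Added example, not part of the original thread and not Microsoft tooling: a small address-plan check that runs the two configurations quoted above and reports why the VM at 10.0.0.4 is unreachable through a gateway in 10.1.0.0/16. The function name `check_p2s_plan` is hypothetical, and the /24 prefix on the asker's laptop LAN is an assumption (only the address 192.168.1.187 is given).

```python
import ipaddress

def check_p2s_plan(vnet, subnets, vm_ip, client_pool=None, local_lan=None):
    """Return findings for a point-to-site address plan; an empty list means consistent."""
    vnet_net = ipaddress.ip_network(vnet)
    vm = ipaddress.ip_address(vm_ip)
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in subnets.items()}
    findings = []

    # Each subnet has to lie inside the gateway's virtual network.
    for name, net in nets.items():
        if not net.subnet_of(vnet_net):
            findings.append(f"subnet {name} {net} is outside virtual network {vnet_net}")

    # The VM address has to belong to that virtual network and to one of its subnets.
    if vm not in vnet_net:
        findings.append(f"VM {vm} is outside virtual network {vnet_net}")
    elif not any(vm in net for net in nets.values()):
        findings.append(f"VM {vm} is in none of the listed subnets")

    # The virtual network, the VPN client pool and the local LAN must not overlap.
    ranges = {"virtual network": vnet_net}
    if client_pool:
        ranges["VPN client pool"] = ipaddress.ip_network(client_pool)
    if local_lan:
        ranges["local LAN"] = ipaddress.ip_network(local_lan)
    names = list(ranges)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if ranges[a].overlaps(ranges[b]):
                findings.append(f"{a} {ranges[a]} overlaps {b} {ranges[b]}")
    return findings

# Values from the thread; 192.168.1.0/24 is an assumed prefix for the asker's LAN.
ASKER = check_p2s_plan("10.1.0.0/16", {"GatewaySubnet": "10.1.1.0/24"},
                       "10.0.0.4", local_lan="192.168.1.0/24")
WORKING = check_p2s_plan("10.0.0.0/16",
                         {"VMs": "10.0.1.0/24", "GatewaySubnet": "10.0.2.0/24"},
                         "10.0.1.4", client_pool="172.16.0.0/24",
                         local_lan="192.168.0.0/24")

if __name__ == "__main__":
    for label, result in (("asker", ASKER), ("working", WORKING)):
        print(label, result or "consistent")
```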


  4. Scott Groner 21 Reputation points
    2020-09-03T20:33:19.477+00:00

    You are correct that the VM is on the 10.0.0.0/24 subnet. I was able to verify that under the IP configuration under the VM. How would I go about moving it to the 10.1.0.0/24 subnet? (Sorry, I have never done this.)

