Routing Help Needed - Site to Site VPN

Question

I have successfully established an IPsec Site-to-Site VPN tunnel between our On-Prem network (Gateway, Cisco RV220W) and Azure. However I am hitting a knowledge gap with regards to setting up the routing to allow me to actually send traffic between the two sites.

Here are the details:

On-Prem:

Local Network: 172.16.0.0

Subnet: 255.255.255.0

Azure Local Network

Local Network: 172.16.1.0

Subnet: 255.255.255.0

Azure Virtual Network

Virtual Network: 10.0.0.0

Subnet: 255.255.255.224

Gateway: 10.0.0.32 Subnet 255.255.255.248

I'm unable to route traffic between the two. Connection is stable and established. Azure tells me it has sent a few KB of data but I am stuck with 0 Bytes of data received. This is also confirmed with the IpSec Connection status monitor on the Cisco router.

I have looked and got as far as believe I need to set up a static route between the two subnets but I can't make the Cisco config out. The one I have set up looks a little like this:

• RouteName: LocalToAzure
• Active: Yes
• Private: No
• Destination IP Address: 172.16.1.0
• IP Subnet Mask: 255.255.255.0
• Interface: WAN(Internet)
• Gatway IP Address: {On-Prem-Public-IP}
• Metric: 2

This doesn't make sense to me as I initial throught I would need to set the Gateway IP as the Azure IP but Cisco won't let me as it needs to be in the subnet for my WAN. Any help?

Answer 1

I notice that you have mentioned that you've successfully established a site-to-site VPN, but you haven't listed its interface in your post - basically you want to alter your default gateway to the VPN gateway interface on the Cisco in your configuration as above (not your WAN IP).