
As many have asked before, we have a problem with spoke-vnet <-> hub/checkpoint-vnet <-> expressroute-vnet. Spokes can see all routes from hub, hub can see all routes from spoke and expressroute, but expressroute cannot see spoke-routes, and obviously can't return traffic to the spoke. I see that NVA in the hub is mentioned as a workaround for this non-transitive attribute, but how? We have a checkpoint-nva there, but I don't see how to create the routes to get around this. (The reason the expressroute is in its own vnet is a manageability issue, as they are slow to be re-provisioned if we have to rebuild the checkpoint-vnet.)

The problem right now is that the Expressroute gateway cannot see the spoke-routes, and so the traffic loops between onprem and er-gw. Can't seem to force this route into the er-gw with UDR.

shakalakka
  • Are you still stuck on this issue? – Nancy Jan 29 '21 at 08:03
  • Are you still stuck on this issue? If you have solved it, you may share your solution so that other people may benefit from it. – Nancy Feb 01 '21 at 07:43
  • Using VPN gateway might be a solution for the above. Please refer to this: https://charbelnemnom.com/use-azure-vpn-gateway-to-route-traffic-between-spoke-networks/ – Ansuman Bal Jun 29 '21 at 09:50

0 Answers