connect from a web app to a virtual network

0
votes

enter image description here

according this post https://docs.microsoft.com/en-us/azure/app-service/web-sites-integrate-with-vnet

I have been able to connect my web app to my azure virtual network. means I can easily ping my VM that is in the azure virtual network from my webapp. also I can ping(telnet session) from my VM on my azure network to on-prem device.

but i cannot connect(ping) from my web app to on-prem devices. do I need to do any configuration on the (green) on-prem virtual network to allow the that to happen (like adding the point to site ip range)or should it work when the point-to-site and site-to-site are each working.

1
azurenetworkingazure-virtual-networkvirtual-network
Hi, do you still face this issue? If the reply is helpful, you could accept it or let me know if you have any question.Nancy Xiong
@NancyXiong I am waiting to test it with client vpn. after testing will mark it as answer .Saba

1 Answers

0
votes

In this case, App can access the on-premises resources. The document states that

To access resources on-premises, you need to update your on-premises VPN gateway routes with your point-to-site address blocks. When the site-to-site VPN is first set up, the scripts used to configure it should set up routes properly. If you add the point-to-site addresses after you create your site-to-site VPN, you need to update the routes manually. Details on how to do that vary per gateway and are not described here. Also, you cannot have BGP configured with a site-to-site VPN connection.

Also, you could follow the troubleshooting steps. If your VNet hosted VM can reach your on-premises system but your app can't, then the cause is likely one of the following reasons:

  • your routes are not configured with your point to site IP ranges in your on-premises gateway.
  • your network security groups are blocking access for your Point-to-Site IP range
  • your on-premises firewalls are blocking traffic from your Point-to-Site IP range

You could check the above possible reasons on your side. If you still have any question, feel free to let me know.