1
votes

I am using Global VNet peering in Azure (2 networks in 2 different regions) and I'd like to access a VM I have in one of them from a WebApp I'd like to integrate with the other.

I have tried integrating the WebApp through a gateway and also directly without a gateway (the preview function) and I managed to see VMs from the same VNet but I am unable to access the VM from the globally peered VNet by its private IP.

Is this possible to achieve and if so, how? Thank you.


1 Answer

1
votes

Yes, it's possible, since you could use remote gateways or allow gateway transit in globally peered virtual networks, which is currently in preview. The preview is available in all Azure regions, China cloud regions, and Government cloud regions. Read more details. Moreover,

Route tables and global peering are not yet available with the new VNet Integration.

So you could try to use the existing VNet integration with a VNet which has a P2S VPN gateway. To configure peering to work with your app, you could refer to peering configuration.

  1. Add a peering connection on the VNet your app connects to. When adding the peering connection, enable Allow virtual network access and check Allow forwarded traffic and Allow gateway transit.
  2. Add a peering connection on the VNet that is being peered to the VNet you are connected to. When adding the peering connection on the destination VNet, enable Allow virtual network access and check Allow forwarded traffic and Allow remote gateways.
  3. Go to the App Service plan > Networking > VNet Integration UI in the portal. Select the VNet your app connects to. Under the routing section, add the address range of the VNet that is peered with the VNet your app is connected to.

Please note that you must add the peered VNet address in step 3. Then sync the network, and you will see the address range under IP ADDRESSES ROUTED TO VNet. In my case, my peered VNet address range is 10.0.0.0/24.


The tools ping, nslookup and tracert won't work through the console due to security constraints. Navigate to the web app console, where we can use tcpping to verify the TCP connection with its private IP address. Please check whether the VM does not allow incoming pings or whether the network security group for the virtual machine blocks them. See more troubleshooting details here.

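A way to check the three steps above offline, added here as an example and not part of the original answer: it compares both peering objects against the flags from steps 1 and 2 and confirms the VM's private IP falls inside a routed range from step 3. The property names follow the Azure peering resource as printed by `az network vnet peering show`; the labels `app_vnet` and `peered_vnet`, the VM address and the app VNet range are constructed for illustration.

```python
import ipaddress

# Flags each side of the peering needs, per steps 1 and 2 of the answer.
REQUIRED = {
    "app_vnet": {"allowVirtualNetworkAccess": True,
                 "allowForwardedTraffic": True,
                 "allowGatewayTransit": True},
    "peered_vnet": {"allowVirtualNetworkAccess": True,
                    "allowForwardedTraffic": True,
                    "useRemoteGateways": True},
}

def peering_problems(side, peering):
    """Return one message per flag that differs from what the steps call for."""
    return [f"{side}: {key} should be {want}"
            for key, want in REQUIRED[side].items()
            if peering.get(key) is not want]

def is_routed(vm_ip, routed_ranges):
    """True if vm_ip is inside a range shown under IP ADDRESSES ROUTED TO VNet."""
    ip = ipaddress.ip_address(vm_ip)
    return any(ip in ipaddress.ip_network(r) for r in routed_ranges)

def check(app_peering, peered_peering, routed_ranges, vm_ip):
    """Collect every deviation from steps 1-3; an empty list means all match."""
    problems = peering_problems("app_vnet", app_peering)
    problems += peering_problems("peered_vnet", peered_peering)
    if not is_routed(vm_ip, routed_ranges):
        problems.append(f"routing: {vm_ip} is not covered by {routed_ranges}")
    return problems

# Constructed sample: remote gateways not enabled on the peered side, and the
# peered range (10.0.0.0/24 in the answer) was never added in step 3.
APP_PEERING = {"allowVirtualNetworkAccess": True, "allowForwardedTraffic": True,
               "allowGatewayTransit": True, "useRemoteGateways": False}
PEERED_PEERING = {"allowVirtualNetworkAccess": True, "allowForwardedTraffic": True,
                  "allowGatewayTransit": False, "useRemoteGateways": False}
ROUTED = ["10.1.0.0/16"]   # assumed range of the VNet the app connects to
VM_IP = "10.0.0.4"         # constructed private IP inside 10.0.0.0/24

if __name__ == "__main__":
    for line in check(APP_PEERING, PEERED_PEERING, ROUTED, VM_IP) or ["all checks pass"]:
        print(line)
```
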