I have an Azure virtual network with subnets connected to an on-premises network via VPN. Everything is addressed with the 10.0.0.0 private address space. The communication is working with other Private Endpoints. I have created a Key Vault with a Private Endpoint and firewall. The firewall is configured as follows:
- Allow access from: Private endpoint and selected networks
- Virtual networks: only Azure subnets can be listed (I need access from on-premises)
- Firewall: IPv4 CIDR allows only public IPs. The 10.0.0.0 address space is forbidden.

How can I access the key vault from the on-premises network? The Azure Portal doesn't allow me to add Keys, Secrets or Certs. The message is: "Firewall is turned on and your client IP address is not authorized to access this key vault."

When trying to add my on-premises address range I got this message: "Invalid value found at properties.networkAcls.ipRules[0].value: 10.99.0.0/16 belongs to forbidden range 10.0.0.0–10.255.255.255 (private IP addresses)"