Azure – Custom route for Azure Point to Site VPN to reach on-prem private IP

Tags: azure, point-to-site-vpn

I set up a VPN gateway in Azure, and configured a P2S connection that connects an on-prem server to the gateway. The Azure P2S configuration asks for an IP pool to assign to the endpoints when they connect, it's set to 172.16.17.0/24.

When the on-prem server successfully connects, it's assigned an IP 172.16.17.2 as expected. It can reach my private subnets on the Azure side normally across the VPN.

However, the on-prem server has its own private IP, 192.168.2.110. From the Azure side, the VMs connected to the VPN gateway can only reach the on-prem server via 172.16.17.2. I need them to be able to reach 192.168.2.110 as well.

I took a look at the effective routing table in Azure. They auto-added 172.16.17.0/24 to be routed via the VPN of course. But they have other private IP blocks that are not part of my VNet address space/subnets set to Drop, including 192.168.0.0/16.

I can't seem to figure out how to add a custom route to my vNIC that routes 192.168.2.110 through the same VPN gateway so my VMs can access the on-prem server via this IP.

I tried creating a Routing Table instance, and it allows me to add a route for 192.168.2.110/32. Under "Next Hop Type" I can choose Virtual Network Gateway, but it won't let me specify the IP address of the gateway, and the rule does not seem to work. The auto-added route for 172.16.17.0/24 does have Virtual Network Gateway as hop type and it has the gateway's IP.

Your advice would be greatly appreciated.

Best Answer

The short answer is adding your network route to VPN route config file manually will make it work: %AppData%\Microsoft\Network\Connections\Cm\yourGuid\routes.txt.

Here you can find details about Azure P2S routing: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-point-to-site-routing

Hope it helps.
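The edit the answer describes, done from PowerShell on the Windows client, as an added example that is not part of the original answer. It locates the Connection Manager profile folder under %AppData%\Microsoft\Network\Connections\Cm, backs up routes.txt, and appends one route line in the CM format (`ADD <dest> MASK <mask> default METRIC default IF default`) only if that exact line is not already there. The destination prefix 192.168.2.0/24 and the `-ProfileGuid` parameter are assumptions for illustration; check the line format against whatever entries already exist in your own routes.txt. Note that routes.txt only controls which destinations the Windows client sends into the tunnel; the Azure-side effective routes shown in the portal live in Azure's route tables and are not changed by this file, and the new client route only takes effect after the VPN is disconnected and reconnected.

```powershell
<#
  Added example (not from the original answer): append a custom route to the
  Azure P2S Connection Manager profile's routes.txt.
  Assumptions: Windows CM-based Azure VPN client; the profile GUID folder is
  discovered automatically unless -ProfileGuid is given; the default prefix
  192.168.2.0/24 is the on-prem network from the question.
#>
param(
    [string]$Destination = '192.168.2.0',      # assumed on-prem prefix
    [string]$Mask        = '255.255.255.0',
    [string]$ProfileGuid = ''                  # optional: pick a specific CM profile folder
)

$ErrorActionPreference = 'Stop'

# Basic input validation so a typo does not land in the profile file.
[void][System.Net.IPAddress]::Parse($Destination)
[void][System.Net.IPAddress]::Parse($Mask)

# The CM profile for the Azure client lives under this folder, one subfolder per profile GUID.
$cmRoot = Join-Path $env:APPDATA 'Microsoft\Network\Connections\Cm'
if (-not (Test-Path $cmRoot)) {
    throw "No Connection Manager profiles found under $cmRoot (is the Azure VPN client installed?)"
}

$profiles = @(Get-ChildItem -Path $cmRoot -Directory)
if ($ProfileGuid) {
    $profiles = @($profiles | Where-Object { $_.Name -eq $ProfileGuid })
}
if ($profiles.Count -ne 1) {
    $names = ($profiles | ForEach-Object { $_.Name }) -join ', '
    throw "Expected exactly one profile folder, found $($profiles.Count): [$names]. Pass -ProfileGuid to choose one."
}

$routesFile = Join-Path $profiles[0].FullName 'routes.txt'

# Connection Manager route line: ADD <dest> MASK <mask> default METRIC default IF default
# ("default" lets CM substitute the tunnel's gateway and interface at connect time).
$routeLine = "ADD $Destination MASK $Mask default METRIC default IF default"

$existing = @()
if (Test-Path $routesFile) {
    $existing = @(Get-Content -Path $routesFile)
}

# Idempotent: do not append a duplicate line on repeated runs.
if ($existing -contains $routeLine) {
    Write-Host "Route already present in $routesFile"
    return
}

# Keep a copy of the original file before touching it.
if (Test-Path $routesFile) {
    Copy-Item -Path $routesFile -Destination "$routesFile.bak" -Force
}

# ASCII keeps the file free of a BOM, which the CM parser does not expect.
Add-Content -Path $routesFile -Value $routeLine -Encoding ASCII

Write-Host "Appended to $routesFile :"
Write-Host "  $routeLine"
Write-Host "Disconnect and reconnect the VPN, then verify with:"
Write-Host "  Get-NetRoute -DestinationPrefix '$Destination/$(([System.Net.IPAddress]::Parse($Mask)).GetAddressBytes() | ForEach-Object { [Convert]::ToString($_, 2) } | ForEach-Object { ($_ -replace '0','').Length } | Measure-Object -Sum | Select-Object -ExpandProperty Sum)'"
```

Run it as the same user that installed the VPN client profile (the folder is per-user under %AppData%). After reconnecting, `Get-NetRoute` should show the new prefix with the VPN adapter as its interface; if it does not, compare the appended line against the existing entries in routes.txt and against the format in the linked P2S routing article.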