Direct Restore to Microsoft Azure | VeeamPN software-defined networking
Post Reply
pmansfield
Enthusiast
Posts: 45
Liked: never
Joined: Jun 30, 2015 3:59 pm
Contact:

VeeamPN Hub Routes are a bit messed up

Post by pmansfield » Nov 21, 2018 2:57 pm

Our VeeamPN hub (in Azure) had a failed Linux distro upgrade and then failed to boot. I pulled a backup of the disk image from Azure and attached that instead of the normal OS disk to get it booting again, but I think part of the config might have gotten messed up.

I can ping into our Azure machines and RDP/SSH onto them from the on-prem machines, but I can't ping from Azure to on-prem. AD replication has also stopped between our on-site DCs and the one in Azure.

The bit that has currently gotten me confused is in the route table for the hub machine in Azure.
Address prefix: 10.171.0.0/16
Next hop type: Virtual appliance
Next hop address: 10.200.0.7

10.171.0.0/16 is the on-prem address range, and 10.200.0.0/24 is the Azure address range. However I don't have anything configured on 10.200.0.7 so suspect that's an error that's crept in somewhere. What should the Next hop address be?

From the hub machine I can ping the IPs of both the Azure and on-prem machines, so it definitely sounds like some dodgy routing somewhere along the line, but I'm not sure where it might have got messed up.

Any advice would be appreciated before I look to tear it down and rebuild it - which is not my preferred solution.

PTide
Veeam Software
Posts: 4660
Liked: 386 times
Joined: May 19, 2015 1:46 pm
Contact:

Re: VeeamPN Hub Routes are a bit messed up

Post by PTide » Nov 21, 2018 6:21 pm

Hi,

*please don't mind me practicing some "rubber duck debugging" here...

If you want to ping your on-prem machine from another machine in Azure, the traffic will be sent to the default gateway in Azure first. Then the gateway will route the traffic to the Azure VeeamPN network hub that will route the traffic to the remote site through the VPN.

That is, I'd expect to see the remote site VeeamPN appliance address as a next hop in the hub routing table. As you've mentioned, it could be either a messed up restore of the hub (however I cannot imagine how simple reattachement of the disk image could go wrong), or the disk image already had wrong routing table.

If you've already tried that and it didn't work, then I suggest you to contact our support team directly as they must have dealt with VeeamPN already.

P.S. Do you use configuration backup?

Thanks!

pmansfield
Enthusiast
Posts: 45
Liked: never
Joined: Jun 30, 2015 3:59 pm
Contact:

Re: VeeamPN Hub Routes are a bit messed up

Post by pmansfield » Nov 22, 2018 3:59 pm

I don't have the option for configuration backup. Under Settings I have Services, VPN, Azure, Alerts, SMTP, Other. The Other page just has options to enable SSH or reset back to the default.

I've just compared the version numbers of the software, and the hub is 1.0.0.291 whilst my on-prem VeeamPN gateway is 1.0.0.380. I don't have any Update options on the hub machine either.

I'm starting to think the whole hub machine config is messed up and will need recreating, but I've got a bunch of other VMs already setup which are hooked into the subnet which was created when I first set it all up...

PTide
Veeam Software
Posts: 4660
Liked: 386 times
Joined: May 19, 2015 1:46 pm
Contact:

Re: VeeamPN Hub Routes are a bit messed up

Post by PTide » Nov 22, 2018 4:18 pm

Well, the current version is 1.0.0.380.

Given the circumstances, the best option in your case would be to deploy a new veeampn setup while keeping the current one in place, test it on a couple of dummy VMs, and then migrate your production from the old version, step by step.

As I've already mentioned, please feel free to contact support team in case you need assistance or an advice.

Thanks!

UPDATE [23.11]: Indeed, the post I've referred to contained wrong info and has been corrected.

anthonyspiteri79
Veeam Software
Posts: 400
Liked: 73 times
Joined: Jan 14, 2016 6:48 am
Full Name: Anthony Spiteri
Location: Perth, Australia
Contact:

Re: VeeamPN Hub Routes are a bit messed up

Post by anthonyspiteri79 » Nov 23, 2018 3:46 am

The HUB is a little old in terms of versioning and might not have had the export/import config option that came with the GA release of 1.0.0.380.

I just tried an update from the Veeam Linux Software Repository and it's telling me the 1.0.0.380 is the latest version. I think that 1.0.0.802 is not correct? Will have to check that.
Anthony Spiteri
Global Technologist, Product Strategy | VMware vExpert
Email: anthony.spiteri@veeam.com | Mobile: +61488335699
Twitter: @anthonyspiteri | Skype: anthony_spiteri

absent
Veeam Software
Posts: 4
Liked: never
Joined: Apr 18, 2012 7:03 am
Full Name: Andrey Zhelezko
Contact:

Re: VeeamPN Hub Routes are a bit messed up

Post by absent » Nov 23, 2018 2:49 pm

Yeah, latest Veeam PN GA version is 1.0.0.380. 1.0.0.802 could have been copied from FastSCP by mistake.

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest