Direct Restore to Microsoft Azure | VeeamPN software-defined networking
Post Reply
hamishEd
Lurker
Posts: 1
Liked: never
Joined: Aug 17, 2019 10:42 pm
Full Name: Hamish Edmondson
Contact:

VeeamPN with multiple Azure subnets

Post by hamishEd » Aug 17, 2019 10:57 pm

I've set up a Veeam PN Hub in Azure and connected a site gateway to it, but the gateway doesn't appear to forward traffic outside of the subnet in which the Hub VM resides. The subnets in my Azure virtual network are as follows:

Subnet A: 10.87.5.0/24
Subnet B: 10.87.10.0/24
Subnet C: 10.87.248.0/22

The Veeam PN VM is assigned to Subnet C, and when connected via my site gateway I can reach other hosts on this subnet, but nothing in subnet A or B. The Veeam PN Route Table has all 3 subnets associated, and I'm able to access hosts on, for example, Subnet A from Subnet C. On my local network, I've got a route for 10.87.0.0/16 with the next hop as my site gateway IP. When connected to my local network, if a run a traceroute on an address in subnet A or B, it tries to route via the site gateway, but then goes back to the site gateway's default gateway (ie my local router). It's like the site gateway isn't recognising any destinations in subnets A or B as needing to be routed over the VPN.

Does anyone know where I should start troubleshooting this?

HannesK
Veeam Software
Posts: 3764
Liked: 454 times
Joined: Sep 01, 2014 11:46 am
Location: Austria
Contact:

Re: VeeamPN with multiple Azure subnets

Post by HannesK » Aug 19, 2019 5:34 am

Hello,
and welcome to the forums. I don't have VeeamPN installed but it looks like the routing table is not correct. Can you login to the site gateway and show the routing table output with "route -n" ?

Best regards,
Hannes

DDIT
Expert
Posts: 107
Liked: 20 times
Joined: Oct 29, 2015 5:58 pm
Full Name: Michael Yorke
Contact:

Re: VeeamPN with multiple Azure subnets

Post by DDIT » Aug 22, 2019 11:26 am

Hi

I'm very interested in the answer to this, as I am trying to setup something very similar but hitting the same problem.

In my lab I have a manual wireguard setup and a VeeamPN setup, but they seems quite different. I was expecting VeeamPN to just be a fancy web GUI around the wireguard conf files, but I can't find the wg.veeam interface configuration file anywhere. Does anyone know where it lives? Disclosure: I'm not a linux guy.

AVasilyev
Veeam Software
Posts: 60
Liked: 14 times
Joined: Jan 01, 2006 1:01 am
Contact:

Re: VeeamPN with multiple Azure subnets

Post by AVasilyev » Aug 29, 2019 3:58 am 1 person likes this post

Dear Hamish,

Thank you for bringing this scenario up. Originally we didn't plan to support multiple Azure sites, but I think we can find a way out.
Could you please add two of other Azure subnets (A & B)as a two sites in the Azure hub clients list - you don't need to deploy any site gateways there - we need just two more records to be pushed to your routing on your local site gateway (or endpoint connection).

After adding them you will be able to access all resources in subnets A and B because they should be reachable by Azure default routing.
If yo still have any problems could you please post result of the command "ip route" from your Azure hub VeeamPN server?

Answer to next question from DDIT deserves a separate post - I'll prepare it shortly.

Thank you,
Alexey

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests