Meraki

Darian · ‎Apr 6 2021

Hello everyone,

We have a client that has their main HQ that remote users connect to via client VPN and they also have a site-to-site azure connection to the HQ that has a file server.

The issue here is when a user connects to client VPN they cannot reach the azure file server, I did check and confirmed that the "Client VPN" subnet is allowed to communicate over the site-to-site connection.

I also confirmed that I can ping it from a computer that is on the same network as the HQ Meraki. Anyone have any ideas here?

Bruce · ‎Apr 6 2021

Do you have the routing on the Azure end correctly configured? (Sorry, not an Azure expert).

It appears that traffic is traversing the VPN tunnel as you say you can ping the Azure file server from a subnet behind the MX. But is there a path all the way from the Azure file server back to the 172.16.10.0/24 network (i.e. is the Azure routing configured to send 172.16.0.0/24 back through the VPN tunnel)?

View solution in original post

Bruce · ‎Apr 6 2021

Do you have the routing on the Azure end correctly configured? (Sorry, not an Azure expert).

It appears that traffic is traversing the VPN tunnel as you say you can ping the Azure file server from a subnet behind the MX. But is there a path all the way from the Azure file server back to the 172.16.10.0/24 network (i.e. is the Azure routing configured to send 172.16.0.0/24 back through the VPN tunnel)?

Darian · ‎Apr 9 2021

After looking a little harder, I was able to find where to input the subnet for azure so it knows where and what is allowed to pass traffic. I assumed you had to add it into the site-site / Azure IP information but you have to add it into the "remote WAN" section to work. Thank you for the help guys!

Meraki

Community

Remote users cannot access a server over Site-to-Site.

Remote users cannot access a server over Site-to-Site.