VMX100 - Can't access Azure VM in other Subnet.

Sam_Brown
Here to help

VMX100 - Can't access Azure VM in other Subnet.

Deployed VNX100 in Azure and connected to existing VPN Mesh. I can ping Azure VMX from on-prem and vice versa.

 

Created a new VM in a subnet within the VNET and can't ping this. I've configured the subnets on the VPN within the Meraki Portal but no luck. If I move the VM into the same subnet as the VNX works with no issues so somehow the VMX can't talk to the other subnets within the VNET. I've deployed a few other VNA within Azure and don't believe I've ahd this issue before so assuming some additional config I need to make but resources are thin on the ground when it comes to VMX100 so if anyone has any ideas would be appreciated. 

3 REPLIES 3
JonnyWinter
Here to help

Hey Sam,

 

Have you configured the Azure Route Table for those other subnets? The steps are outlined in this doc about 3/4 of the way down - https://documentation.meraki.com/MX/MX_Installation_Guides/vMX_Setup_Guide_for_Microsoft_Azure

 

Let me know how you get on. I did two of these recently with a similar outcome to what I think you're intending to have, and it worked well following the guide. 

 

Jonny.

Yes noticed that. I hadn't added the routing table to the VNET the VM was in. Once I added that I could ping both ways although I'm not getting any internet traffic on the VM for some reason. May need to point to the VMX as the gateway. 

 

I don't suppose you are aware of any documentation for configuring a DMZ within Azure with a VMZ at all? 

Hey Sam,

 

Yeah, everything should route via the route table. So, it should be your default gateway for clients & the MX. It's a little bit old now, but this has stood the test of time 😉https://www.youtube.com/watch?v=Prp9HrBjG14&ab_channel=SteveVTSftw The YouTuber goes through the setup which may help. 

 

Not sure RE DMZ setup, maybe a new post may attract someone that does - or call Meraki and they may be able to provide some information to you. Hope this all helps.

 

Jonny.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels