September 24, 2019 at 12:54 pm #179301 | Participant | Topics: 26 | Replies: 59 | Points: 96 | Rank: Member
I have a point to site VPN setup into a hub and spoke designed private network.
In the routing tables on my desktop, I can see all the networks of the hub and the spokes.
I cannot ping any of these servers with the FQDN. I can ping with the IPs.
If I ssh onto a server in the hub, I can ping all the servers using the FQDNs.
In other words, I am getting DNS resolution from a server on the private network, but not from my desktop, which is connected via VPN.
Any idea how I can get this to work from my desktop across the VPN in Azure?
Am I supposed to be able to access the Azure DNS Private Zones, or DNS for my networks in Azure?
If so, how do I make it work?
PS C:\> ping cnt-inbound-01.prod.dom.local
Ping request could not find host cnt-inbound-01.prod.dom.local. Please check the name and try again.
PS C:\> nslookup cnt-inbound-01.prod.dom.local
Server:  UnKnown
Address:  192.168.1.1
September 24, 2019 at 1:10 pm #179307 | Participant | Topics: 1 | Replies: 19 | Points: 52 | Rank: Member
This definitely looks like a name resolution problem (i.e. not really a PowerShell problem). If I VPN into the site of my servers, the VPN connection gives me the IP address of a DNS server that can resolve internal names. I assume that is not the case for your VPN connection. Maybe you should discuss this with the admin of the server/device that provides the VPN connection?
September 24, 2019 at 4:08 pm #179400 | Participant | Topics: 0 | Replies: 113 | Points: 420 | Rank: Contributor
Have you verified the network security groups are configured to allow you to access from the VPN? I agree with Kris; you would need to speak with the admin for your Azure Tenant/Subscription to verify ACLs (network security groups) are configured to allow connection from the VPN connection.
September 25, 2019 at 10:45 pm #179718 | Participant | Topics: 26 | Replies: 59 | Points: 96 | Rank: Member
We are talking specifically about Azure Point to Site VPN; it is a product provided by Azure. So I am looking for someone who knows how this is supposed to work. I have complete control over the environment. The way it works is once you have configured your different networks and configured peering between the networks, then you download a VPN client from the Network Gateway that enables you to connect and puts a dll on your workstation that configures all the routing tables so you can access everything via IP. I have added DNS Private Zones, which is new to Azure. Each zone has links to the other zones so they can resolve FQDNs from each server to each network. I want to know if it is supposed to work over the VPN. If so, how do I make it work? I have coded out standing up all of this with PowerShell. But yes, it is an Azure question. I see one article out there where it says you have to download the VPN client after the DNS configuration; I have done that with no effect.
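A way to check the point raised in the first reply, added here as an example and not part of the thread: the function below queries the name from the original post against every DNS server Windows has configured on each interface, which shows whether the VPN adapter received a DNS server that knows the private zone. The function name and its parameters are hypothetical; `-ExtraServer` is for the IP of a DNS server inside the private network, which the thread does not give.

```powershell
# Added example: function and parameter names are hypothetical, not from the thread.
function Test-NameAgainstDnsServers {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Name,
        # Optional: DNS server IPs to test in addition to those Windows already uses
        [string[]] $ExtraServer = @()
    )

    # DNS servers configured per interface (the VPN adapter is listed when connected)
    $targets = foreach ($if in Get-DnsClientServerAddress -AddressFamily IPv4) {
        foreach ($ip in $if.ServerAddresses) {
            [pscustomobject]@{ Interface = $if.InterfaceAlias; Server = $ip }
        }
    }
    $targets = @($targets) + @($ExtraServer | ForEach-Object {
        [pscustomobject]@{ Interface = '(manual)'; Server = $_ }
    })

    foreach ($t in $targets) {
        try {
            # -DnsOnly skips LLMNR/NetBIOS so only the named server is asked
            $answer = Resolve-DnsName -Name $Name -Type A -Server $t.Server `
                                      -DnsOnly -ErrorAction Stop
            $result = ($answer | Where-Object Type -eq 'A').IPAddress -join ', '
            $ok     = [bool]$result
        } catch {
            $result = $_.Exception.Message   # e.g. name does not exist, timeout
            $ok     = $false
        }
        [pscustomobject]@{
            Interface = $t.Interface
            Server    = $t.Server
            Resolved  = $ok
            Result    = $result
        }
    }
}

# Name taken from the original post
Test-NameAgainstDnsServers -Name 'cnt-inbound-01.prod.dom.local' |
    Format-Table -AutoSize
```

If every row shows `Resolved = False` and the only server listed is the local router (192.168.1.1 in the nslookup output above), the client was never handed a DNS server that can answer for the private zone.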