Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,470 questions
Routing internet traffic over AOVPN
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 95%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EES%3C/text%3E%3C/svg%3E)
Edward Smith
1
Reputation point
I have a specific requirement in that I have an always on VPN setup that allows me to connect to Azure resources, as expected. However, I also need to access a specific public IP address to access an online service, as the tunnel uses split tunneling this traffic would normally be routed through my home internet connection. However, the vendor will only allow access from a single IP address that does not change.
Under normal VPN conditions I would add a new route on the tunnel that forced traffic to the IP address down the tunnel to be routed out by the firewall, which the vendor can then whitelist and allowing access from the on prem firewall. Can AOVPN be configured in this way also? (I have created an InTune policy that adds the route to the connection profile and can see from a route print that the traffic to this IP is being sent down the tunnel). In theory I should then be able to get the Azure route table to then pass this traffic to the internet.
Is this even supported?
{count} votes
-
Miguel Gonçalves | AVANADE 886 Reputation points2024-06-13T00:01:36.97+00:00 Hi Edward,
Do you already read about “split-tunneling”? Please Check https://directaccess.richardhicks.com/2018/07/23/always-on-vpn-routing-configuration/
You can add a new route https://directaccess.richardhicks.com/2018/07/23/always-on-vpn-routing-configuration/ defining in a xml. Read all this article.
Sign in to comment