from my on-premises setup i am unable to send the traffic to another VNET behind my Azure VNET. I have an Expressroute Gateway and an NVA in my subscription.

Sujith Gopalakrishnan 0

I have an on premises range 192.168.200.8/29, connected to Azure Network through Azure Express Route (gateway type - Express Route) and and NVA-Firewall. We are unable to route the traffic from an on-prem to another VNET. The traffic is getting dropped at the Microsoft Edge router and not reaching the NVA firewall. Is there a way that we can force all the traffic from on-premises reaching the Microsoft Edge router to forward to NVA-Firewall?

Sujith Gopalakrishnan 0 Reputation points

2024-09-06T20:06:07.71+00:00

Thank you, Ganesh. Could you please share some documentation or steps for the Solution 1 - Configure UDR, create a route table and how to associate with ER circuit and to add the next hop as NVA Firewall.

Can we add a Static default route or a Specific route on the Microsoft Edge router to point all traffic to NVA Fw, which can then send the traffic over the VNET peering to the other VNET subscription.
Ganesh Patapati (Quadrant Resource LLC) 175 Reputation points Microsoft Vendor

2024-09-10T08:51:12.6266667+00:00

Hi Sujith Gopalakrishnan,

Sorry for the inconvenience!!

I have submitted an update to my comment above; could you please go through it?

If you need any further assistance, please don't hesitate to reach out to us.

We are happy to assist you.

Regards,

Ganesh
Ganesh Patapati (Quadrant Resource LLC) 175 Reputation points Microsoft Vendor

2024-09-11T11:14:20.4433333+00:00

Hello Sujith Gopalakrishnan,

Good day!

I'd like to continue with the thread.

Just dropping in to see if you had a chance to read my response to your query about correcting the issue. If you have any further concerns, please do not hesitate to contact us.

We are pleased to help you.

I look forward to your response and appreciate your time on this.

Regards,

Ganesh
Ganesh Patapati (Quadrant Resource LLC) 175 Reputation points Microsoft Vendor

2024-09-12T14:09:24.7166667+00:00

Hello Sujith Gopalakrishnan,

I hope everything is going well for you!

I wanted to make sure you had an opportunity to read my response to your query in terms of fixing the problem. Do not hesitate to contact us if you are still experiencing problems.

We are pleased to help you.

I value your time and look forward to hearing from you on this.

Regards,

Ganesh
Sujith Gopalakrishnan 0 Reputation points

2024-09-12T15:34:29.44+00:00

Thank you, i will try to test and see.
Ganesh Patapati (Quadrant Resource LLC) 175 Reputation points Microsoft Vendor

2024-09-13T11:19:01.7366667+00:00

Hello Sujith Gopalakrishnan,

If you have any further concerns, please do not hesitate to contact us.

We are pleased to help you.

I look forward to your response and appreciate your time on this.

Regards,

Ganesh
Ganesh Patapati (Quadrant Resource LLC) 175 Reputation points Microsoft Vendor

2024-09-16T17:54:38.0066667+00:00

Hello Sujith Gopalakrishnan,

Hope you are doing well!

I wanted to make sure you had an opportunity to read my response to your query in terms of fixing the problem. Do not hesitate to contact us if you are still experiencing problems.

We are pleased to help you.

I value your time and look forward to hearing from you on this.

Regards,

Ganesh

1 answer

Ganesh Patapati (Quadrant Resource LLC) 175 Reputation points Microsoft Vendor

2024-09-06T08:45:07.19+00:00
Hi Sujith Gopalakrishnan,

We appreciate your patience!

Welcome to the Microsoft Q&A Platform! Thank you for asking your question here.

I apologize for the inconvenience. As I misinterpreted your query earlier, I've corrected my response below.

You must properly establish your network settings. To make sure that traffic from your on-premises network is routed through your NVA and not dropped, use the following high-level approach:

Verify that BGP (Border Gateway Protocol) is set up on your ExpressRoute circuit to permit dynamic routing.

Make that the routes being advertised by your on-premises BGP peers are correct. I apologize for the inconvenience. As I misinterpreted your query earlier, I've corrected my response below.

Refer: https://video2.skills-academy.com/en-us/azure/expressroute/expressroute-routing#dynamic-route-exchange

You may also check out the thread below to see how routing should operate in certain instances.

Refer: https://video2.skills-academy.com/en-us/answers/questions/568983/azure-express-route-forced-tunneling-with-nva

If you have any further concerns, please do not hesitate to contact us.

We are pleased to help you. I look forward to your response and appreciate your time on this.

Regards,

Ganesh
Please sign in to rate this answer.

0 comments No comments
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.

Share via

from my on-premises setup i am unable to send the traffic to another VNET behind my Azure VNET. I have an Expressroute Gateway and an NVA in my subscription.

1 answer

Your answer