I have two completely independent Azure environments that I control. One virtual network uses the 10.0.0.0/16 address space, the other uses the 10.20.0.0/16 address space. I need my users to be able to connect to both vnets simultaneously via point-to-site (P2S) VPN connections.
I have much of this working. I’m using plain-old, built-in rasphone for this: no special extra VPN client software, I set up the connection directly in rasphone with no downloads or installs. Either one of the connections works perfectly alone; the problem comes when I try to use them together.
Apparently, when I connect to either of them, a route gets added for 10.0.0.0/8. So when I connect to both of them, two conflicting routes get added. The one with precedence wins, so in practice one connection of the two will work, while the other fails. In case that isn’t clear, here’s the output from

Network Destination  Netmask    Gateway    Interface  Metric
10.0.0.0             255.0.0.0  10.1.0.0   10.1.0.3   36
10.0.0.0             255.0.0.0  10.21.0.0  10.21.0.9  36
In the above case a 10.20.0.5 shows that it’s trying to resolve the IP address via the 10.1.0.0 gateway (the one with precedence), which is the wrong one, so it finds nothing. I need to route 10.20.0.0/16 traffic through
Now, I could try to modify the route explicitly on every client PC, but that adds a whole extra step to the process of setting up each and every PC. The Azure VPN Gateway is obviously capable of telling the client what routes to add, since the 10.0.0.0/8 route gets added automatically every time I connect, so I’m hoping there’s a way to configure that default route and limit it to only the IP range I want. And if there isn’t a way to explicitly alter it, is there at least some way I can rearrange my address spaces so that the gateway realizes I don’t want to route all of
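The route conflict described in the post can be reproduced without a VPN at all. The following is an added example, not code from the poster or from Azure: a small Python model of route selection (longest prefix match first, then lowest metric, then table order as an assumed tie-break; real Windows also folds the interface metric into the comparison, which this model ignores) run over the two routes shown above. It shows why 10.20.0.5 is sent to the 10.1.0.0 gateway, flags the overlapping routes as a check a client-side script could run, and shows that adding the two /16 routes the poster wants makes each vnet's range prefer its own tunnel. The route table text and the /16 assignments are constructed from the post.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Route:
    network: ipaddress.IPv4Network
    gateway: str
    interface: str
    metric: int


# Constructed from the two conflicting lines in the poster's route table.
ROUTE_TABLE_TEXT = """
Network Destination Netmask Gateway Interface Metric
10.0.0.0 255.0.0.0 10.1.0.0 10.1.0.3 36
10.0.0.0 255.0.0.0 10.21.0.0 10.21.0.9 36
"""


def parse_route_table(text: str) -> List[Route]:
    """Parse 'route print'-style rows: destination, netmask, gateway, interface, metric."""
    routes: List[Route] = []
    for line in text.strip().splitlines():
        parts = line.split()
        if len(parts) != 5:  # skips the six-token header line and blank lines
            continue
        dest, mask, gateway, iface, metric = parts
        network = ipaddress.IPv4Network(f"{dest}/{mask}", strict=False)
        routes.append(Route(network, gateway, iface, int(metric)))
    return routes


def select_route(routes: List[Route], dest: str) -> Optional[Route]:
    """Longest prefix wins, then lowest metric, then first listed (assumed tie-break)."""
    addr = ipaddress.IPv4Address(dest)
    candidates = [r for r in routes if addr in r.network]
    if not candidates:
        return None
    # min() is stable, so equal keys resolve to the earlier table entry.
    return min(candidates, key=lambda r: (-r.network.prefixlen, r.metric))


def gateway_for(routes: List[Route], dest: str) -> Optional[str]:
    route = select_route(routes, dest)
    return route.gateway if route else None


def overlapping_routes(routes: List[Route]) -> List[Tuple[Route, Route]]:
    """Pairs of routes with the same prefix but different gateways: the failure mode in the post."""
    first_seen: Dict[ipaddress.IPv4Network, Route] = {}
    clashes: List[Tuple[Route, Route]] = []
    for r in routes:
        earlier = first_seen.setdefault(r.network, r)
        if earlier is not r and earlier.gateway != r.gateway:
            clashes.append((earlier, r))
    return clashes


def add_specific_routes(routes: List[Route], assignments: Dict[str, str]) -> List[Route]:
    """Append a more specific route per vnet range, reusing the interface already bound to that gateway."""
    interface_for = {r.gateway: r.interface for r in routes}
    added = [
        Route(ipaddress.IPv4Network(cidr), gateway, interface_for[gateway], 36)
        for cidr, gateway in assignments.items()
    ]
    return routes + added


if __name__ == "__main__":
    table = parse_route_table(ROUTE_TABLE_TEXT)
    for a, b in overlapping_routes(table):
        print(f"conflict: {a.network} via {a.gateway} and via {b.gateway}")
    print("before:", gateway_for(table, "10.20.0.5"))   # 10.1.0.0, the wrong tunnel

    fixed = add_specific_routes(table, {"10.0.0.0/16": "10.1.0.0", "10.20.0.0/16": "10.21.0.0"})
    print("after: ", gateway_for(fixed, "10.20.0.5"))   # 10.21.0.0, the right tunnel
```

Feeding the script real `route print` output would let a client-side check report overlapping tunnel routes before a user notices one vnet has silently gone dark; the /16 entries are exactly the per-PC workaround the post mentions, expressed as data so the same table can be tested before it is applied.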