Hi,
I have a site-to-site VPN setup from a network in Azure to AWS.
For some reason, and I'm not entirely sure why, it doesn't let me communicate end-to-end if the settings below, configured on the Site-to-Site VPN Connection, are set to anything but:
Local IPv4 network CIDR:
0.0.0.0/0
Remote IPv4 network CIDR
0.0.0.0/0
Perhaps it's my misunderstanding, but surely you should set this to the specific networks on each side, for example (using just generic 10.x network IPs for argument's sake):
Local IPv4 network CIDR:
10.20.1.0/24 - Let's assume this is the subnet configured on AWS
Remote IPv4 network CIDR:
10.230.1.0/24 - Let's assume this is the subnet configured in the vnet on Azure side.
Surely this would allow traffic from 10.20.1.2/32 (let's say this is an EC2 instance)
to communicate end to end with a Windows server at the other end, IP:
10.230.1.5/32
Am I misunderstanding this, or is there something I've missed? Happy to discuss with anyone. I don't see it as an issue, but it's bugging me that it doesn't work the way I expect it to. I'd rather have everything as restricted as possible rather than 0.0.0.0/0, but then again I suppose it is traversing over an IPsec tunnel, so it's not the end of the world.
Thanks in advance for any help,
Zack
Hi Gary, thanks for your prompt reply. Yeah, I can see that now. I'll wait until out of hours later, then configure it and test it to see if it works. Thanks again.
Cheers Zack, I look forward to the update.
How did you get on Zack?