Azure VPN


I have a VPN set up between Azure and VyOS; the connections have been established and are working perfectly, but when I enable zone-policies it blocks all traffic between the local subnet and the Azure subnet.

The remote subnet is and my local subnet is . I have a zone-policy and firewall rules configured on my local subnet which I assume are blocking the traffic, but how do I define rules to allow traffic to flow between the VPN connection and the local subnet, as I don't know how to configure a zone-policy for the VPN connection?

Hope that makes sense.



Check out this post.

Hi, Thanks for the link.

I have managed to get this working now. So, just in case anyone else comes across the same issue, here's what I had to do:

I have VyOS set up with zone-policies, with each interface assigned a zone: DMZ, Production and so on. As I only have a single outbound interface (eth0), I set this as my DMZ zone, and my VPN is set to use the same interface. So to get the traffic flowing between Azure and my local subnet I had to create source-IP firewall rules within my DMZ zone-policy (DMZ-PROD) and vice versa.

The only problem I have now is that to enable traffic to flow from my local subnet to Azure I've had to disable NAT, which now prevents my local servers from accessing the internet. :frowning:
I'm sure there must be a way to have NAT enabled and still be able to communicate with Azure, but I don't know how yet.

Anyway, hope this all makes sense.
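The configuration below is an added example, not the poster's actual config; it sketches the two pieces the thread touches on: the zone-policy pair between the DMZ zone (eth0, which also carries the IPsec tunnel) and the Production zone (eth1), and a source-NAT exclude rule so the Azure-bound traffic is not masqueraded before IPsec sees it. It assumes VyOS 1.2/1.3 (crux/equuleus) syntax and placeholder prefixes: 192.168.10.0/24 as the local subnet and 10.0.0.0/16 as the Azure subnet. Adjust the interface names and prefixes to your own.

```vyos
# --- Zones: one interface per zone, drop by default (assumed layout) ---
set zone-policy zone DMZ default-action 'drop'
set zone-policy zone DMZ interface 'eth0'
set zone-policy zone PROD default-action 'drop'
set zone-policy zone PROD interface 'eth1'

# Traffic entering PROD (eth1) that arrived on eth0 is filtered by DMZ-PROD;
# traffic leaving PROD towards eth0 is filtered by PROD-DMZ.
set zone-policy zone PROD from DMZ firewall name 'DMZ-PROD'
set zone-policy zone DMZ from PROD firewall name 'PROD-DMZ'

# --- DMZ -> PROD: only return traffic and decrypted tunnel traffic ---
set firewall name DMZ-PROD default-action 'drop'
set firewall name DMZ-PROD rule 10 action 'accept'
set firewall name DMZ-PROD rule 10 state established 'enable'
set firewall name DMZ-PROD rule 10 state related 'enable'
# Azure subnet -> local subnet, but only if it came out of the IPsec SA.
# 'match-ipsec' stops a cleartext packet on eth0 spoofing 10.0.0.0/16.
set firewall name DMZ-PROD rule 20 action 'accept'
set firewall name DMZ-PROD rule 20 source address '10.0.0.0/16'
set firewall name DMZ-PROD rule 20 destination address '192.168.10.0/24'
set firewall name DMZ-PROD rule 20 ipsec 'match-ipsec'

# --- PROD -> DMZ: local subnet to Azure, plus ordinary internet egress ---
set firewall name PROD-DMZ default-action 'drop'
set firewall name PROD-DMZ rule 10 action 'accept'
set firewall name PROD-DMZ rule 10 state established 'enable'
set firewall name PROD-DMZ rule 10 state related 'enable'
set firewall name PROD-DMZ rule 20 action 'accept'
set firewall name PROD-DMZ rule 20 source address '192.168.10.0/24'
set firewall name PROD-DMZ rule 20 destination address '10.0.0.0/16'
set firewall name PROD-DMZ rule 30 action 'accept'
set firewall name PROD-DMZ rule 30 source address '192.168.10.0/24'

# --- Source NAT: exclude the tunnel traffic, masquerade everything else ---
# Rule 10 must sort before the masquerade rule; NAT rules are evaluated in
# order and the first match wins. With 'exclude' the packet keeps its
# 192.168.10.x source, so it still matches the IPsec policy's local-prefix.
set nat source rule 10 outbound-interface 'eth0'
set nat source rule 10 source address '192.168.10.0/24'
set nat source rule 10 destination address '10.0.0.0/16'
set nat source rule 10 exclude
set nat source rule 100 outbound-interface 'eth0'
set nat source rule 100 source address '192.168.10.0/24'
set nat source rule 100 translation address 'masquerade'
```

Two caveats. First, the NAT exclude is the part that lets NAT stay enabled: with only the masquerade rule, packets for Azure leave with eth0's public address as source, no longer match the policy-based IPsec selector and go out in cleartext (where Azure drops them). Second, if you also define a `local-zone` for traffic to the router itself, you must additionally permit IKE (UDP 500/4500) and ESP from DMZ into that zone, otherwise the tunnel never comes up once zone-policy is applied. Check the result with `show vpn ipsec sa` and `show nat source translations`; the Azure-bound flows should not appear in the translation table.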