I am attempting to route internet traffic from a Japan VM, running Windows Server 2022 over a peered vnet to East US with a Windows Server 2022 VM using RRAS. Esentially force tunneling without a S2S requirement
The configuration is as follows Japan Vnet > Vnet peering connection > EastUS2 vnet > internet is esentially what I want. I have a server in useast configured with RRAS and it routes traffic over the site to site tunnel fine (Example: onprem network is 10.0.8.0, this works fine from Japan going through the VM in USEast over vnet peering), but getting it to route internet traffic is not working.
I configured a static route using azure route tables for the japan server to 0.0.0.0/0 to the IP of the azure useast server, simlar to how i configured a static route for having the japan server connect to on-prem over the vnet. But this just causes a loss of internet, and I have to remove the route. vnet to vnet traffic continues to work.
I also tried setting the gateway on the NIC of the Japan server to the IP of the USEast2 system. Also did not work.
I do not want to use the S2S tunnel. I simply want the Japan server to use the internet from the USEast2 vnet.
Created two virtual machines peered vnet to Japan vm to west us:
Enable IP forwarding in East US and change private Ip address allocation to static this allows the RRAS server to forward traffic between the peered Vnets.
Installed RRAS server in East us make sure to add new static route in destination -> Japan vnet IP address, gateway -> you can find gateway address using cmd
ipconfig.Now configure UDR (User-Defined Route) on the Japan VM route table with the destination as 0.0.0.0/0 and the next hop as the IP address of the NIC of the Windows Server 2022 VM in East US and add subnet under the setting.
Make sure in windows defender firewall turned off like below:
The Japan VM should be able to route its internet traffic via the RRAS server in the East US VNet successfully:
Reference:
Use Azure VPN Gateway To Route Traffic Between Spoke Networks - CHARBEL NEMNOM - MVP | MCT | CCSP | CISM - by Cloud & CyberSecurity