Hello,
I need the clients in the branches to be able to access the virtual machines on Azure.
Those VMs are in a separate virtual network from the SpeedFusion, and I have set up a peering between the two virtual networks.
I have adjusted the route table applied to our virtual machine subnet so that the VMs point to the FusionHub on 172.16.11.4 for my test branch (192.168.51.0/24).
I have verified the NSG for the virtual machines have a rule allowing ICMP from 172.16.11.0/24 and 192.168.51.0/24
The only way I have found to get the FusionHub to advertise 172.16.253.0 is to add it as a static route, pointing to the FusionHub’s WAN gateway (172.16.11.1) but that doesn’t seem to actually work.
Is it possible to get someone’s assistance with the last part of this configuration, or is what I’m trying to do even possible with the FusionHub in Azure? Or is it only for aggregating bandwidth for the branches?
Can you draw up a diagram showing how it all connects?
the fusion hub wan is directly to the internet?
the fusionhub lan interface, what IP/subnet is that?
the azure VMs, what subnet is that? what gateway did they use before you changed it?
The virtual machines’ gateway is 172.16.253.1 which is I’m guessing Azure’s default gateway to the internet (it isn’t a router of mine, but handed out by the subnet’s DHCP server)
Which is why there needs to be a route table, so the VMs know where to reach different internal subnets. The route table has destinations for each of the branches and then the router to find them on. Currently we use a Meraki vMX and so they all point to the vMX’s LAN IP. I have set up a B-ONE to test and have pointed it to the FusionHub’s LAN IP. There is a peering set up between the FusionHub virtual network and the virtual machine virtual network, so the 172.16.253.1 gateway should have connectivity (a route) to the FusionHub’s LAN subnet.
I guess the question is, how do you get the FusionHub to advertise other subnets on Azure, such that other Peplink devices and the clients behind them can reach the services/VMs on those other Azure subnets
Solved it. Needed to remove the VM subnet from the Static Routes on the FusionHub, and instead on Advanced → OSPF & RIPv2, I added the VM subnet to the Custom Route Advertising section, saved, applied, and voila! I’m pinging my VMs from the test branch B-ONE