We have been running an Azure to on-premises firewall VPN for about 1.5 years without issue, but in the last few days our on-premises network, and specifically the AD controllers, cannot talk to our Azure VM, which is also an AD controller, and some things are not working the other way either.
I can ping the Azure VM even with a large packet size, but cannot RDP, map a drive, or HTTP/S to the VM.
In the other direction I can ping from the Azure VM to the on-premises servers, and I can map a drive and RDP OK.
As some light things, like ping and nslookup (the connection, but not the queries), work from the on-premises servers to the Azure VM, I thought it must have been the MTU. I have tried setting the TCP MSS to 1350 and the MTU to 1350 on the Azure VM, the on-premises server, and the firewall, and it's still not working.
When I have sniffed the VPN traffic leaving our on-premises network, it is getting encapsulated and sent but never received by the Azure VM. I suspected something is blocking it, but it's not our firewall or the Windows firewall.
As we haven't changed anything on our firewall, I suspect something in the Azure virtual networking has changed or is blocking the traffic.
I haven't recreated the Azure virtual network, but that may be my next option, unless anyone can suggest anything else?
Thanks
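An added diagnostic script, not part of the original post, that separates the two hypotheses above (an MTU/fragmentation problem versus a port-level block). A plain large ping says little on its own, because Windows ping fragments by default; only a ping with the don't-fragment flag (`ping -f`) exercises the path MTU the way a full-size TCP segment does. The script binary-searches the largest DF payload that gets through, converts it to a path MTU and the MSS it implies (MTU minus 40 bytes of IPv4 and TCP headers), then tests the TCP ports behind RDP, SMB, HTTP/S, DNS, Kerberos, RPC and LDAP, and prints the local interface MTUs so the 1350 setting can be confirmed. The target name is a placeholder, and the match on the "needs to be fragmented" text assumes an English-language Windows.

```powershell
# Added example, not the poster's own script. Run from the on-premises DC.
param(
    [string]$Target = 'azure-dc01.example.local',            # placeholder name
    [int[]]$Ports   = @(3389, 445, 443, 80, 53, 88, 135, 389) # RDP, SMB, HTTP/S, DNS, Kerberos, RPC, LDAP
)

# Binary-search the largest ICMP payload that passes with the DF bit set.
# ping -f sets don't-fragment, -l is the payload size. Add 28 bytes
# (20-byte IPv4 header + 8-byte ICMP header) to get the path MTU.
function Find-PathMtu {
    param([string]$ComputerName, [int]$Low = 500, [int]$High = 1500)
    $best = 0
    while ($Low -le $High) {
        $mid = [int](($Low + $High) / 2)
        $out = & ping.exe -f -l $mid -n 1 -w 1000 $ComputerName 2>&1 | Out-String
        if ($out -match 'TTL=') {
            $best = $mid            # reply came back: this size fits
            $Low  = $mid + 1
        } else {
            # "Packet needs to be fragmented but DF set." (English Windows text)
            # or a silent timeout: either way, treat this size as too large.
            $High = $mid - 1
        }
    }
    return $best + 28
}

$mtu = Find-PathMtu -ComputerName $Target
"Path MTU toward $Target is about $mtu bytes; TCP MSS must be <= $($mtu - 40)"

# TCP reachability per port. Test-NetConnection returns TcpTestSucceeded,
# so a port that times out here is blocked somewhere on the path, not an MTU issue.
foreach ($p in $Ports) {
    $r = Test-NetConnection -ComputerName $Target -Port $p -WarningAction SilentlyContinue
    '{0,5}  {1}' -f $p, $(if ($r.TcpTestSucceeded) { 'open' } else { 'blocked or timed out' })
}

# Confirm the MTU actually applied to the connected local interfaces.
Get-NetIPInterface -AddressFamily IPv4 |
    Where-Object ConnectionState -eq 'Connected' |
    Select-Object InterfaceAlias, NlMtu
```

If the DF probe settles well below 1350 while the ports still show as open, the MSS clamp is not taking effect and the VPN overhead is larger than assumed; if the ports time out even though small DF pings pass, fragmentation is not the cause and something on the path is dropping the TCP sessions, which matches the sniffed-but-never-received traffic described above.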