I have created two new VMs on the same subnet of an Azure virtual network.
My Azure virtual network is 172.16.32.48/28, so the first Azure VM has an address of .52 and the second .53. My point to site VPN subnet is 172.16.42.0/28.
My Virtual Network Gateway is at 172.16.32.4.
From the 172.16.32.52 VM, I can ping, RDP, and map to shared folders. All is well here. When I tracert from .52 to a VPN connected PC at 172.16.42.6, I see a "good" first hop at 172.16.32.4.
From the 172.16.32.53 VM, I can do no such things. tracert from this VM to the VPN connected PC at 172.16.42.6 seems like it's trying to route to the Internet... I can't tell for sure because the first hop in tracert is "* * * Request timed out".
The only thing that I can think of that I did differently when provisioning these two servers was this: On the non-functional .53 VM, I created three additional Endpoints (80, 443, and 22). I've since gone back into Azure mgmt console and removed these Endpoints, but maybe that doesn't matter.
Is there a way that I can rectify this situation so that return traffic routes correctly to the VPN subnet (172.16.42.0/28)? I want to be able to communicate to the .53 VM on several different ports via the VPN tunnel, but with the invalid return path, I would seem to be hosed. I'll create a new VM if I have to, but wanted to save/preserve the work I've done to date on the .53.