I configured two Red Hat servers, 1 in Amazon and 1 in Azure. I connected the two servers via IPSEC VPN. The two servers can ping each other's internal IP across the tunnel. Amazon's internal 10.99.x.x, Azure 172.16.x.x. I added a route through Amazon's GUI interface routing table to pass traffic going to 172.16.x.x to the Amazon Red Hat. I don't see where to exactly do that in Azure, even through they have a Route Table in Azure it doesn't look correct to me. So I added a route add to the 172.16.0.50 server to pass traffic going to 10.99.x.x to 172.16.0.25.
Now I can ping any server on the 10.99.x.x subnet across the tunnel to the 172.16.0.25 (Azure Red Hat internal IP). However I can't reach anything else in the 172.16.x.x network. Also the 172.16.0.50 server can't ping 10.99.x.x. When I do a wireshark it doesn't even look like the it's sending traffic to the 172.16.0.25 Red Hat VPN server, it's going to some 40.x.x.x public IP. So there has to be something else that needs to be configured in Azure so traffic on the 172.16.x.x network will send packets to the 172.16.0.25 Red Hat and across the tunnel.
Any help appreciated, thanks!