Channel: Azure Networking (DNS, Traffic Manager, VPN, VNET) forum

Undocumented connection backdoor in Microsoft Azure Point-to-Site VPN


I have recently been evaluating the network capabilities of Microsoft Azure and found an undocumented backdoor that looked interesting.

There is a breach in the configuration of the Point-to-Site VPN client of Microsoft Azure. This breach allows me to connect back from any Windows Virtual Machine running in my Microsoft Azure subscription to local VPN clients via an RDP session.

I describe my findings below.

Question

Can anyone explain the technical reasons for the observed behavior: the P2S VPN connection drops when you try to connect back to a physical/virtual machine, but survives when there is an existing RDP from that machine?

Initial conditions

Assume you have a Virtual Network ("VNET") in your Azure subscription with a configured Point-to-Site VPN.

You have a Virtual Machine running Windows ("Azure VM"); it has the Remote Desktop client ("RDP").

You also have a physical or virtual local machine ("Local PC #1") with the Point-to-Site VPN client for Microsoft Azure installed.

You establish a Remote Desktop session from "Local PC #1" to "Azure VM" ("RDP Azure VM"). You initiate and open a Point-to-Site VPN connection from "Local PC #1" to your "VNET" as usual.

As a result you can connect to your resources hosted in Azure subscription using private IP addresses of "VNET".

Attempt to connect back #1

If you try to connect back from "RDP Azure VM" to your "Local PC #1" using the RDP client of "RDP Azure VM" and the IP address issued to the Point-to-Site VPN client of "Local PC #1", the connection fails. This happens because your Point-to-Site VPN session immediately disconnects, as it should (no shared connection allowed).

Special conditions

Assume you have a second local machine ("Local PC #2"), and you establish a Remote Desktop session from "Local PC #2" to "Local PC #1" ("Local RDP PC #1").

You install the Point-to-Site VPN client for Microsoft Azure on "Local RDP PC #1".

You initiate and open a Point-to-Site VPN connection from "Local RDP PC #1" to your "VNET" as usual.

As a result you can connect from "Local RDP PC #1" to your resources hosted in your Azure subscription using private IP addresses of "VNET".

Attempt to connect back #2

If you try to connect back from "RDP Azure VM" to your "Local RDP PC #1" using the RDP client of "RDP Azure VM" and the IP address issued to the Point-to-Site VPN client of "Local RDP PC #1", the connection somehow succeeds (no shared connection allowed). As a result you can access any resources of "Local PC #1" and other machines on the LAN from "RDP Azure VM" using the RDP connection established to "Local RDP PC #1".

As you can see, there is an obvious difference in back-connection behavior between "Attempt to connect back #1" and "Attempt to connect back #2".

Thank you and sorry for a long description.
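The two scenarios above are easier to compare with a small repro harness than by watching the VPN client UI. The following PowerShell is an added example, not code from the original post or from Microsoft: Get-P2SClientState runs on the local machine ("Local PC #1" / "Local RDP PC #1") and records whether the P2S adapter is up, which address it was issued, and which peers currently hold an established inbound RDP session; Test-BackConnect runs on "Azure VM" and attempts a plain TCP connect to port 3389 on that address. Assumptions not stated on the page: the P2S adapter's InterfaceAlias contains the VNET name, RDP listens on TCP 3389, and the machines run Windows 10 or later with the NetAdapter, NetTCPIP and NetSecurity cmdlets available.

```powershell
# Added reproduction helper for the P2S back-connect observation; not part of the original post.
# Assumptions (not from the page): the Azure P2S client adapter's InterfaceAlias contains the
# VNET name, RDP listens on TCP 3389, and the NetAdapter/NetTCPIP modules are present.

function Get-P2SClientState {
    <#
      Run on the local VPN client machine. Returns the P2S adapter state, the address issued
      to the client, and the remote addresses of established inbound RDP sessions (the
      "Local RDP PC #1" condition). Run it before and after Test-BackConnect and compare
      VpnAdapterUp to see whether the P2S session dropped.
    #>
    param(
        [Parameter(Mandatory)] [string] $VnetName   # e.g. 'MyVNET' (assumed name)
    )
    # The alias-match on the VNET name is an assumption about how the P2S client names its adapter.
    $adapter = Get-NetAdapter -ErrorAction SilentlyContinue |
        Where-Object { $_.InterfaceAlias -like "*$VnetName*" } |
        Select-Object -First 1
    $vpnUp = [bool]($adapter -and $adapter.Status -eq 'Up')
    $clientIp = $null
    if ($vpnUp) {
        $clientIp = (Get-NetIPAddress -InterfaceIndex $adapter.ifIndex -AddressFamily IPv4 `
                         -ErrorAction SilentlyContinue | Select-Object -First 1).IPAddress
    }
    # Established TCP connections to the local RDP listener; empty for "Local PC #1",
    # non-empty for "Local RDP PC #1" (Local PC #2 is connected to it).
    $rdpPeers = Get-NetTCPConnection -LocalPort 3389 -State Established -ErrorAction SilentlyContinue |
        ForEach-Object { $_.RemoteAddress }
    [pscustomobject]@{
        Timestamp      = Get-Date
        VpnAdapterUp   = $vpnUp
        P2SClientIp    = $clientIp
        InboundRdpFrom = @($rdpPeers)
    }
}

function Test-BackConnect {
    <#
      Run on the Azure VM. Attempts a TCP connect to port 3389 on the P2S client address
      several times so a connection that succeeds once and then stops responding
      (the VPN session dropping) shows up as a change between attempts. No RDP session
      is actually opened; only the TCP handshake is tested.
    #>
    param(
        [Parameter(Mandatory)] [string] $P2SClientIp,   # value of P2SClientIp from Get-P2SClientState
        [int] $Attempts = 3,
        [int] $DelaySeconds = 5
    )
    foreach ($i in 1..$Attempts) {
        $r = Test-NetConnection -ComputerName $P2SClientIp -Port 3389 -WarningAction SilentlyContinue
        [pscustomobject]@{
            Attempt       = $i
            Timestamp     = Get-Date
            TcpSucceeded  = $r.TcpTestSucceeded
            PingSucceeded = $r.PingSucceeded
        }
        if ($i -lt $Attempts) { Start-Sleep -Seconds $DelaySeconds }
    }
}

# Usage (two machines, assumed names):
#   Local PC:  $before = Get-P2SClientState -VnetName 'MyVNET'
#   Azure VM:  Test-BackConnect -P2SClientIp $before.P2SClientIp
#   Local PC:  $after  = Get-P2SClientState -VnetName 'MyVNET'
#              Compare-Object $before $after -Property VpnAdapterUp, InboundRdpFrom
```

Running the same three steps once with no inbound RDP session on the local machine ("Attempt to connect back #1") and once with "Local PC #2" connected to it ("Attempt to connect back #2") gives a timestamped record of whether the P2S adapter went down and whether TCP 3389 on the client address stayed reachable, which is the evidence a forum answer would need. The script records the behavior only; it does not explain it.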
