Issue with Azure VPN device connecting to Azure VM (domain controller)

  • Question

  • Hi,

    I have successfully connected a device (Windows 10 - 19042.1052) with an Azure VM (Domain controller - Windows Server 2019) located in a VNet through VPN Point to site. The VPN authentication is certificate-based and the protocols are IKEv2 + SSTP.

    The following tests were performed but some failed, so I need your help to solve them:

    Tests from device:

    • Ifconfig (I can see the VPN IP address assigned to my device and DNS) ... it works

    • Nslookup (I can query the domain controller in Azure) ... it works

    • Ping from device to Azure VM IP address located in VNet ... it works!


    1) Ping from device to Azure VM using FQDN ... it does not work
    The error is: Ping request could not find host "fqdn". Please check the name and try again.

    It happens in most client devices (4 of 5 devices tested).

    2) When VPN P2S is connected, all tested devices can see the shares (netlogon and sysvol) in the Azure VM Domain Controller but credentials are requested to access them. I type the right credentials but it does not work, and it asks for them again and again. So I cannot make Group Policy work because the device cannot query the sysvol folder.

    I checked the following link about VPN P2S issues and solutions but none of them solved my issue

    Wednesday, June 30, 2021 8:31 PM

All replies

  • I have the same problem, did you find the solution?
    Thursday, July 1, 2021 1:30 PM
  • Hi David,

    Unfortunately not yet.

    Friday, July 2, 2021 2:46 PM
  • Probably due to firewall settings. Use the tracert command and check which router you are having trouble with.
    Sunday, July 4, 2021 8:34 AM
  • Hello Gabriel

    How did you configure your DNS? Are you using the default Azure DNS?

    If the answer to the above question is yes, then you need to configure a custom DNS. First, install the DNS role on your Domain Controller if you haven't already, and then use the IP of the DNS/Domain Controller as your custom DNS.

    To configure a custom DNS via the Azure portal, navigate to your VNet, click on DNS servers, select Custom and enter the DNS server IP. Then reboot your VM and see if this fixes your problem.

    If you are already using a custom DNS, then I suggest that you change the VPN authentication to Azure AD.

    Please do not forget to "Accept the answer" and Upvote on the post that helped you, this can be beneficial to other community members.

    • Edited by Oogaga Wednesday, July 21, 2021 8:51 PM
    Wednesday, July 21, 2021 8:48 PM
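
A client-side check for the symptoms discussed in this thread (nslookup works, ping by FQDN fails, SYSVOL keeps prompting for credentials), added here as an example and not posted by any participant. It compares the Windows DNS client path with a direct query to the domain controller and tests the TCP ports a domain member needs; the `$DcFqdn` and `$DcIp` defaults are placeholders to replace with your own values.

```powershell
# Added diagnostic example, run on the VPN client while P2S is connected.
param(
    [string]$DcFqdn = 'dc01.corp.example.com',  # placeholder: FQDN of the Azure DC
    [string]$DcIp   = '10.0.0.4'                # placeholder: private IP of the DC in the VNet
)

# 1. DNS servers per interface. The VPN adapter should list the DC / custom DNS IP.
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    Format-Table InterfaceAlias, ServerAddresses -AutoSize

# 2. Resolve through the Windows DNS client (the path ping uses), then ask the
#    DC directly (comparable to an nslookup aimed at that server).
$viaClient = Resolve-DnsName -Name $DcFqdn -Type A -DnsOnly -ErrorAction SilentlyContinue
$viaDc     = Resolve-DnsName -Name $DcFqdn -Type A -DnsOnly -Server $DcIp -ErrorAction SilentlyContinue

if (-not $viaDc) {
    Write-Warning "The DNS server at $DcIp returned no A record for $DcFqdn."
} elseif (-not $viaClient) {
    Write-Warning "$DcIp resolves $DcFqdn but the local DNS client does not. Compare with step 1: the client is probably not sending this query to the DC."
} else {
    Write-Output "$DcFqdn resolves to $($viaClient.IPAddress -join ', ') through the local DNS client."
}

# 3. DC locator record. Domain join, Kerberos and Group Policy depend on it.
$domain = $DcFqdn.Substring($DcFqdn.IndexOf('.') + 1)
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$domain" -Type SRV -DnsOnly -ErrorAction SilentlyContinue
if ($srv) {
    $srv | Where-Object { $_.Type -eq 'SRV' } | Format-Table Name, NameTarget, Port -AutoSize
} else {
    Write-Warning "No DC locator SRV record found for $domain through the local DNS client."
}

# 4. TCP reachability of the services used for SYSVOL/NETLOGON access.
#    Test-NetConnection checks TCP only; UDP is not tested here.
$ports = [ordered]@{ DNS = 53; Kerberos = 88; LDAP = 389; SMB = 445 }
foreach ($entry in $ports.GetEnumerator()) {
    $ok = Test-NetConnection -ComputerName $DcIp -Port $entry.Value `
            -InformationLevel Quiet -WarningAction SilentlyContinue
    '{0,-9} tcp/{1,-4} reachable: {2}' -f $entry.Key, $entry.Value, $ok
}
```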