I have several Windows Servers running on an Azure virtual network with 2 subnets. I have a domain controller at 10.0.0.4, and servers at 10.0.1.4, 10.0.1.5, etc. I configured a point-to-site VPN, so that I can make a VPN connection to the virtual network from my PC. When I make the VPN connection, my PC receives a 10.0.16.x IP. By default the VPN connection provided by Azure routes only 10.x.x.x traffic through the VPN, but I've modified this by checking "Use default gateway on remote network", because I want all internet traffic routed through Azure when I am connected to the VPN. When I make this connection, I am able to access the servers on the Azure virtual network, but I have no connectivity to the internet. My understanding is that a NAT router will be required in order to facilitate internet connectivity.
I have added a CentOS VM at 10.0.1.6. It has just a single NIC, as it's not possible for Azure VMs to have more than one NIC. I have two questions:
1. Will it be possible to configure a NAT router with a single NIC? If so, how? Google searching buries me in an avalanche of iptables commands, mostly for NAT routers with 2 NICs. I can't find anything that simplifies the configuration steps required for this type of scenario. I tried the commands here, but that was not successful.
2. On my PC after connecting to the VPN, I'm not quite clear what I'll need to do. Will I be essentially wanting to make 10.0.1.6 the default gateway? If so, is this how I will do that?
    route delete 0.0.0.0
    route add 0.0.0.0 MASK 0.0.0.0 10.0.1.6
In case it helps, here is the output of ifconfig on the CentOS VM:

eth0      Link encap:Ethernet  HWaddr 00:15:5D:61:7E:1E
          inet addr:10.0.1.6  Bcast:10.0.1.255  Mask:255.255.255.0
          inet6 addr: fe80::215:5dff:fe61:7e1e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:931 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1034 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:101709 (99.3 KiB)  TX bytes:162650 (158.8 KiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

Here's a snip from the Azure Virtual Network configuration page that hopefully helps to describe the layout of the network. I am using "Subnet-1" for domain controllers, and "Subnet-2" is where all other servers live (including the CentOS VM that I'm trying to use as a router). Azure automatically configures the VMs in "Subnet-1" with a default gateway of 10.0.0.1, and the VMs in "Subnet-2" with a default gateway of 10.0.1.1. But those gateways are not servers that I have any control over. The VPN clients are allocated IPs from the "point-to-site connectivity" address space.
Azure Virtual Network Configuration Screenshot
(I'm not allowed to post images apparently)
And here's a link to the route table on the (Windows) VPN client (in this case after configuring 10.1.0.1 as the default gateway):