My internal network is 192.168.192.0/22. My TMG (2010 SP2) is 192.168.192.1. I have created an IPsec VPN to Azure. The network at Azure is 10.0.0.0/24. I have a firewall rule that allows (Internal & Azure) <--> (Internal & Azure).
I created a virtual machine at 10.0.0.4 and one at 10.0.0.5 and turned on IIS on both. From either Azure VM I can access the default IIS page on the other server.
The VPN is up and connected. From the internal network I can RDP and access file shares on either VM. I joined the 10.0.0.4 VM to our internal domain. From either Azure VM I can ping, RDP, HTTP, and access shares on the internal network.
I cannot HTTP from any internal machines to either of the Azure VMs. After a minute I receive a timeout error.
TMG firewall logs shown below. 192.168.194.35 is a PC on the internal network. 108.63.8.18 is the public IP of the TMG server.
IIS logs on the Azure VMs never show any traffic getting to them. Any ideas on why HTTP is not reaching the other side of the tunnel?
UPDATE:
I added a self-signed cert to the Azure VM at 10.0.0.4, and the client PC at 192.168.194.35 can access https://10.0.0.4. Still no luck with HTTP though.