Hello,
I have a Site-to-Site-VPN with an Azure VPN gateway where some local subnets on the UTM are configured. Now I have enabled forced tunneling on the Azure site, so that all traffic is send over the tunnel to route the internet traffic from Azure through the UTM. This is not working at the moment because I need to change the local networks on the VPN connection to Any otherwise the internet traffic:
About forced tunneling for site-to-site - Azure VPN Gateway | Microsoft Learn
"The on-premises VPN device must be configured using 0.0.0.0/0 as traffic selectors."
If I add a single internet IP (e.g. 8.8.8.8) to the tunnel I see that it works, so from the change to any should be the solution. But I am not sure if this is really the right procedure. The UTM is in a remote data center and I don't want to lose the connection through a misconfiguration. In addition I'd like to doublecheck the security (the autmatic creation of firewall rules are disabled.
Thanks!