Adding a VPN configuration on iOS: choose certificate authentication; the details are in VpnSettings.xml, which is downloaded from the Azure portal (Point-to-site configuration > Download VPN client > open the folder > Generic). Azure VPN tunnels for Site-to-Site (S2S) connectivity are encrypted with IPsec by design and by default. Point-to-Site (P2S) connections are also encrypted, using SSTP (Secure Socket Tunneling Protocol). ExpressRoute does not provide network traffic encryption for its circuits.
I'm currently having some issues with connecting the VPN to my Vnet properly. The Virtual Network is called MGS-vnet with an address space of 10.0.0.0/8. It contains 2 subnets: default, with an address range of 10.0.0.0/16, and GatewaySubnet, with an address range of 10.1.0.0/16. I then have a Virtual Network Gateway, aptly named VPN. Under MGS-vnet there is a VM called MGSServ1, which is connected by a network interface mgsserv1261 and assigned the IP address 10.0.0.4. The issue is that I can't get the VPN to communicate with MGSServ1. I've attempted some different netmasks since I noticed that might've been the issue, so I changed the address space to 10.0.0.0/8, which is now my current configuration. I believe this would be the correct configuration, but that address space means I cannot specify an address range on the Point-To-Site that isn't already reserved.
Failed to save virtual network gateway 'VPN'. Error: The virtual network gateway's VPN client address pool overlaps with the virtual network's address space. The overlapping address space prefixes are 10.0.0.0/8 and 10.1.0.0/24.
Hope you can advise where the issue is in creating this connection between the VPN and the VM. I've also attempted creating a Route Table between the IP range of the VPN and the specific VM; I was unable to get that working and am not sure if I should proceed with that solution.
[Network diagram]
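
The overlap reported in the error message above can be reproduced offline. The following is an added example, not part of the original post, using Python's standard `ipaddress` module with the prefixes quoted in the post; the RFC 1918 candidate list and the function names are assumptions made for illustration.

```python
import ipaddress

# Prefixes quoted in the post and in the portal error message.
VNET_ADDRESS_SPACE = ["10.0.0.0/8"]
SUBNETS = {"default": "10.0.0.0/16", "GatewaySubnet": "10.1.0.0/16"}
REJECTED_POOL = "10.1.0.0/24"

# Assumption: a replacement client pool is drawn from the RFC 1918 private blocks.
RFC1918 = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]


def overlaps(address_space, pool):
    """Return the address-space prefixes that overlap the P2S client pool."""
    pool_net = ipaddress.ip_network(pool)
    return [p for p in address_space
            if ipaddress.ip_network(p).overlaps(pool_net)]


def subnets_outside(address_space, subnets):
    """Return names of subnets not fully contained in any address-space prefix."""
    spaces = [ipaddress.ip_network(p) for p in address_space]
    return [name for name, cidr in subnets.items()
            if not any(ipaddress.ip_network(cidr).subnet_of(s) for s in spaces)]


def first_free_pool(address_space, prefixlen=24):
    """Return the first private block of the given size that overlaps nothing
    in the address space, or None if every candidate overlaps."""
    spaces = [ipaddress.ip_network(p) for p in address_space]
    for block in RFC1918:
        for cand in ipaddress.ip_network(block).subnets(new_prefix=prefixlen):
            if not any(cand.overlaps(s) for s in spaces):
                return str(cand)
    return None


if __name__ == "__main__":
    print("overlapping prefixes:", overlaps(VNET_ADDRESS_SPACE, REJECTED_POOL))
    print("subnets outside space:", subnets_outside(VNET_ADDRESS_SPACE, SUBNETS))
    print("first non-overlapping /24:", first_free_pool(VNET_ADDRESS_SPACE))
```

With the address space at 10.0.0.0/8, every 10.x.x.x pool is rejected, so the first candidate that passes lies outside 10.0.0.0/8. Passing a narrower, hypothetical address space such as `["10.0.0.0/16", "10.1.0.0/16"]` shows that 10.1.0.0/24 would still collide with the GatewaySubnet range.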