I have an Azure VPN Gateway with an IPSec VPN connection to a remote vpn server. The internal vpn interface is on a GatewaySubnet (zone redundant). I can get the tunnel to come up with the remote server but only see inbound traffic on the Azure side, never any outbound. It's as if the traffic comes in and gets lost. Given the routing that I'm trying to pull off with this configuration, this seems plausible. I need all traffic on the Azure VNet (on which the Azure VPN Gateway resides) to be routed to the remote end of the vpn tunnel. If I associate the GatewaySubnet to a route table, Azure doesn't allow that route table to have a default route. This is true even if the default route type is 'Virtual Network gateway'. I tried with a more specific route but it doesn't impact the one-way traffic described above. All routing is static. How can I establish a default route from VNet subnet(s) -> GatewaySubnet -> Azure VPN Gateway -> Remote VPN endpoint?