Solved: Address space for Local Network Gateway when creating Site-to-Site VPN Gateway?

Question

When creating a Site-to-Site VPN Gateway, you will reach the section to configure the Local Network Gateway.

In the Address space field, is it necessary to specify the address space used in the on-prem network? If so, does the address space need to be the same as the address space specified for Azure VNet, the gateway subnet, or elsewhere in Azure?

Answer 1

Based on your statement, the address space used in the on-prem network needs to be the same as the one being configured. This is necessary to set up VNet routing and direct traffic destined for <address space> to go over the VPN.

Using the same address space as the Azure VNet is not recommended as this would prevent the VNet from routing traffic to the on-prem network.

Note: It is strongly recommended to avoid overlapping address spaces between the on-prem network and the Azure VNet. However, if they do happen to use the same address space, there are two potential solutions.

Answer 2

It is recommended to use an address space that is separate from the address space associated with your on-premise networks. To ensure optimal functionality, your Azure VNet and on-premise networks should not overlap. If feasible, it will be more convenient to use distinct address spaces from the onset (i.e. Azure and on-prem address space should not intersect).
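
The following is an added example, not part of either answer: a pre-deployment check in Python that compares the prefixes intended for the Local Network Gateway's Address space field against the Azure VNet address space and reports every overlap. The function names and all sample prefixes are constructed for illustration.

```python
import ipaddress


def classify(on_prem, azure):
    """Describe how an overlapping on-prem prefix relates to a VNet prefix.

    Two CIDR blocks that overlap are either identical or one contains the other.
    """
    if on_prem == azure:
        return "identical"
    if on_prem.subnet_of(azure):
        return "on-prem inside VNet"
    return "VNet inside on-prem"


def check_local_gateway_prefixes(local_prefixes, vnet_prefixes):
    """Return (on_prem_cidr, vnet_cidr, relation) for every conflicting pair.

    local_prefixes: CIDRs planned for the Local Network Gateway address space.
    vnet_prefixes:  CIDRs of the Azure VNet address space (the gateway subnet
                    lies inside it, so it is covered by the same check).
    """
    # strict=True rejects entries with host bits set, e.g. "10.1.4.7/24",
    # which usually indicates a typo in the prefix.
    on_prem = [ipaddress.ip_network(p, strict=True) for p in local_prefixes]
    azure = [ipaddress.ip_network(p, strict=True) for p in vnet_prefixes]

    conflicts = []
    for lp in on_prem:
        for ap in azure:
            # IPv4 and IPv6 prefixes can never overlap each other.
            if lp.version != ap.version or not lp.overlaps(ap):
                continue
            conflicts.append((str(lp), str(ap), classify(lp, ap)))
    return conflicts


# Constructed sample values, not taken from the page.
VNET_ADDRESS_SPACE = ["10.1.0.0/16"]
LOCAL_GATEWAY_PREFIXES = ["192.168.0.0/16", "10.1.4.0/24", "10.0.0.0/8"]

if __name__ == "__main__":
    found = check_local_gateway_prefixes(LOCAL_GATEWAY_PREFIXES, VNET_ADDRESS_SPACE)
    for lp, ap, relation in found:
        print(f"CONFLICT: on-prem {lp} vs VNet {ap} ({relation})")
    if not found:
        print("No overlap between on-prem prefixes and the VNet address space")
```

An empty result means the on-prem prefixes and the VNet address space are disjoint, which is the layout both answers recommend.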