Sunday, September 13, 2020

Site-to-Site VPN

On-prem to the Azure VNet

vnet = 10.0.0.0/16 

subnet = 10.0.0.0/24 

Steps to implement a Site-to-Site VPN connection:

1. Create a gateway subnet 

The virtual network gateway uses a specific subnet called the gateway subnet. The gateway subnet is part of the virtual network IP address range that you specify when configuring your virtual network. It contains the IP addresses that the virtual network gateway resources and services use. The subnet must be named 'GatewaySubnet' in order for Azure to deploy the gateway resources. You cannot specify a different subnet to deploy the gateway resources to. If you don't have a subnet named 'GatewaySubnet' when you create your VPN gateway, the creation will fail.

2. Create a local gateway 

The local network gateway typically refers to your on-premises location. You give the site a name by which Azure can refer to it, then specify the IP address of the on-premises VPN device to which you will create a connection. You also specify the IP address prefixes that will be routed through the VPN gateway to the VPN device. The address prefixes you specify are the prefixes located on your on-premises network. If your on-premises network changes or you need to change the public IP address for the VPN device, you can easily update the values later.

3. Create a VPN gateway 

4. Create a VPN connection 

Create the Site-to-Site VPN connection between your virtual network gateway and your on-premises VPN device.
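
Before working through the four steps, the address plan can be checked offline. The script below is an added example, not part of the original post or of any Azure tooling. It validates the gateway subnet name and placement from step 1 and the on-premises prefixes from step 2 against the page's VNet (10.0.0.0/16) and subnet (10.0.0.0/24). The function name `check_s2s_plan`, the sample subnet names, the 10.0.255.0/27 gateway range, the on-premises prefixes and the `min_gateway_prefix` default (Microsoft's documentation recommends /27 or larger) are assumptions of this example.

```python
import ipaddress

GATEWAY_SUBNET_NAME = "GatewaySubnet"  # the name the page says Azure requires

def check_s2s_plan(vnet, subnets, onprem_prefixes, min_gateway_prefix=27):
    """Return problems in a Site-to-Site address plan (empty list = OK).
    subnets is {name: CIDR}; onprem_prefixes are the local gateway's CIDRs."""
    problems = []
    vnet_net = ipaddress.ip_network(vnet)
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in subnets.items()}

    # Step 1: the gateway subnet must exist under the required name
    # (conservative check: exact string match, near misses are reported).
    gw = nets.get(GATEWAY_SUBNET_NAME)
    if gw is None:
        near = [n for n in nets if "".join(filter(str.isalnum, n)).lower()
                == GATEWAY_SUBNET_NAME.lower()]
        hint = f" (found {near[0]!r})" if near else ""
        problems.append(f"no subnet named {GATEWAY_SUBNET_NAME!r}{hint}")
    elif gw.prefixlen > min_gateway_prefix:
        problems.append(f"{GATEWAY_SUBNET_NAME} {gw} is smaller than /{min_gateway_prefix}")

    # Every subnet must sit inside the VNet range and not overlap another one.
    names = sorted(nets)
    for i, a in enumerate(names):
        if not nets[a].subnet_of(vnet_net):
            problems.append(f"subnet {a} {nets[a]} is outside VNet {vnet_net}")
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"subnets {a} and {b} overlap")

    # Step 2: prefixes routed to the on-premises VPN device must not overlap
    # the VNet, otherwise the destination of that traffic is ambiguous.
    for cidr in onprem_prefixes:
        if ipaddress.ip_network(cidr).overlaps(vnet_net):
            problems.append(f"on-premises prefix {cidr} overlaps VNet {vnet_net}")
    return problems

# Constructed sample plans built around the page's VNet and subnet ranges.
GOOD = check_s2s_plan("10.0.0.0/16",
                      {"default": "10.0.0.0/24", "GatewaySubnet": "10.0.255.0/27"},
                      ["192.168.0.0/24"])
BAD = check_s2s_plan("10.0.0.0/16",
                     {"default": "10.0.0.0/24", "Gateway-Subnet": "10.0.0.0/27"},
                     ["10.0.5.0/24"])

if __name__ == "__main__":
    print("good plan:", GOOD or "no problems")
    for problem in BAD:
        print("bad plan:", problem)
```
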

reference:

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-portal

