SD-WAN

 View Only
Back to discussions
Expand all | Collapse all

Gateway Site to Site VPN to Azure

This thread has been viewed 11 times

  • 1.  Gateway Site to Site VPN to Azure

    Posted Aug 21, 2024 12:57 PM

    Hi team.

    I'm trying to get a site to site vpn working from a 9004 AOS10 gateway to Azure. Gateway F/W 10.6 I used Florians guide: https://www.flomain.de/2022/07/azure-site-to-site-vpn-with-an-aruba-gateway/   

    Unfortunately the IKE policy profile is missing from the instructions (Florian uses Policy 25 which is not a default) and I'm having a hard time matching the options in Azure with the options in gateway config resulting in the tunnel not establishing. The only Aruba Central event I'm seeing: VPN Peer is unreachable. In Azure: not connected. 

    I tryd both IKE v1 and v2 with both Azure default and custom settings.

    Shared Secret is 100% match.

    Anyone with a working site to site VPN willing to share the IKE settings used and any other settings not matching Florians guide?

    thanks in advance

    Erik



  • 2.  RE: Gateway Site to Site VPN to Azure

    Posted Sep 10, 2025 02:14 AM

    Hi Erik.

    I used this configuration to make it work with this setup:

    Type of VPN Peer Microsoft Azure VPN Gateway (Route based)
    Encryption IKEv2
    Settings https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpn-devices
    Example Phase 1 AES256, SHA256, DH group 14, 28800 sec
    Example Phase 2 AES256, SHA256, PFS2048 (eventuelt ingen PFS), 28800 sec

    -------------------------------------------

    Original Message


Related Content