Line 29: |
Line 29: |
| * '''Generation:''' Generation2 (mandatory). | | * '''Generation:''' Generation2 (mandatory). |
| * '''Virtual Network:''' Select or create a new one. | | * '''Virtual Network:''' Select or create a new one. |
| + | * '''Gateway Subnet Address Range:''' 10.1.1.0/24 (if using Virtual Network default configuration). |
| | | |
| '''Public IP address''' | | '''Public IP address''' |
Line 80: |
Line 81: |
| * '''Configure BGP settings:''' No. | | * '''Configure BGP settings:''' No. |
| <br> </br> | | <br> </br> |
− | [[File:VNGW_10.png|600px|center]] | + | [[File:VNGW__10.png|600px|center]] |
| <br> </br> | | <br> </br> |
− | [[File:VNGW_11.png|600px|center]] | + | [[File:VNGW__11.png|600px|center]] |
| | | |
| Verify the configuration and click on '''Create''' to finish. | | Verify the configuration and click on '''Create''' to finish. |
Line 108: |
Line 109: |
| * '''Virtual network gateway:''' Vnet1GW. | | * '''Virtual network gateway:''' Vnet1GW. |
| * '''Local network gateway:''' toRegion. | | * '''Local network gateway:''' toRegion. |
− | * '''IKE Protocol:''' IKEv2. | + | * '''Local network gateway:''' toRegion. |
| + | * '''Shared Key(PSK):''' Your Pre-shared key (It must match the one in the router IPsec configuration). |
| * '''Use Azure Private IP Address:''' Unchecked. | | * '''Use Azure Private IP Address:''' Unchecked. |
| * '''IPsec/IKE policy:''' Custom. | | * '''IPsec/IKE policy:''' Custom. |
Line 158: |
Line 160: |
| Locate the following path: WebUI > Services > IPsec ; and a new instance: | | Locate the following path: WebUI > Services > IPsec ; and a new instance: |
| <br> </br> | | <br> </br> |
− | [[File:TN_IPSEC01.png|600px|center]]
| |
− | <br> </br>
| |
− | [[File:TN_IPsec02.png|600px|center]]
| |
− | <br> </br>
| |
− | [[File:TN_IPsec03.png|600px|center]]
| |
− | <br> </br>
| |
− | [[File:TN_IPsec04.png|600px|center]]
| |
− |
| |
− | '''Note:''' in this example, we use DH Group equals to MODP1024 which is the same to Group 2 as selected on the platform.
| |
− | <br> </br>
| |
− | [[File:TN_IPsec05.png|600px|center]]
| |
− |
| |
− | ==Check Site to Site Communication==
| |
− | If you followed the configuration steps, you should see that the Site to Site connection has been successfully established.
| |
− | <br> </br>
| |
− |
| |
| '''Instance details''' | | '''Instance details''' |
| * '''Enable:''' On. | | * '''Enable:''' On. |
| * '''Authentication method:''' Pre-shared key. | | * '''Authentication method:''' Pre-shared key. |
− | * '''Pre-shared key:''' Your pre-shared key. | + | * '''Pre-shared key:''' Your pre-shared key (must match the pre-shared key configured in the Azure platform's IPsec settings). |
| * '''Local Identifier:''' Empty. | | * '''Local Identifier:''' Empty. |
| * '''Remote Identifier:''' Empty. | | * '''Remote Identifier:''' Empty. |
Line 200: |
Line 186: |
| * '''Force crypto Proposal:''' off. | | * '''Force crypto Proposal:''' off. |
| * '''lifetimes''' Empty. | | * '''lifetimes''' Empty. |
| + | <br> </br> |
| + | [[File:TN_IPSEC01.png|600px|center]] |
| + | <br> </br> |
| + | [[File:TN_IPsec02.png|600px|center]] |
| + | <br> </br> |
| + | [[File:TN_IPsec03.png|600px|center]] |
| + | <br> </br> |
| + | [[File:TN_IPsec04.png|600px|center]] |
| | | |
| + | '''Note:''' in this example, we use DH Group equals to MODP1024 which is the same to Group 2 selected on the platform. |
| + | <br> </br> |
| + | [[File:TN_IPsec05.png|600px|center]] |
| + | |
| + | ==Check Site to Site Communication== |
| + | If you followed the configuration steps, you should see that the Site to Site connection has been successfully established. |
| <br> </br> | | <br> </br> |
| [[File:TN_IPsec06.png|600px|center]] | | [[File:TN_IPsec06.png|600px|center]] |