Changes

Setting up a Site-to-Site IPsec Tunnel between Teltonika Networks and Microsoft Azure (view source)

Revision as of 23:48, 27 May 2024

1,577 bytes added ,  27 May
no edit summary
Line 31: Line 31:  
   
 
   
 
'''Public IP address'''
 
'''Public IP address'''
* '''Public IP address:''' Create new one.
+
* '''Public IP address:''' Create new.
 
* '''Public IP address name:''' Vnet1GWpip.
 
* '''Public IP address name:''' Vnet1GWpip.
 
* '''Assigment:''' Static.
 
* '''Assigment:''' Static.
Line 79: Line 79:  
* '''Address Space:''' The router's LAN network(s)
 
* '''Address Space:''' The router's LAN network(s)
 
* '''Configure BGP settings:''' No.
 
* '''Configure BGP settings:''' No.
   
<br> </br>
 
<br> </br>
[[File:VNGW10.png|600px|center]]
+
[[File:VNGW_10.png|600px|center]]
 
<br> </br>
 
<br> </br>
[[File:VNGW11.png|600px|center]]
+
[[File:VNGW_11.png|600px|center]]
    
Verify the configuration and click on "Create" to finish.
 
Verify the configuration and click on "Create" to finish.
 +
<br> </br>
 
[[File:VNGW_12.png|600px|center]]
 
[[File:VNGW_12.png|600px|center]]
   Line 93: Line 93:  
<br> </br>
 
<br> </br>
 
[[File:VNGW_13.png|600px|center]]
 
[[File:VNGW_13.png|600px|center]]
 +
<br> </br>
 +
Complete the connection settings using the information and images below as reference:
 +
<br> </br>
 +
'''Projects details'''
 +
* '''Suscription:''' Your suscription.
 +
* '''Resource Group:''' Your resource group.
 +
 +
'''Instance details'''
 +
* '''Connection type:''' Site-to-Site (IPsec).
 +
* '''Name:''' SiteToSite.
 +
* '''Region:''' Your prefered Region (It must match the one selected above).
 +
 +
'''Virtual network Gateway'''
 +
* '''Virtual network gateway:''' Vnet1GW.
 +
* '''Local network gateway:''' toRegion.
 +
* '''IKE Protocol:''' IKEv2.
 +
* '''Use Azure Private IP Address:''' Unchecked.
 +
* '''IPsec/IKE policy:''' Custom.
 +
* '''IKE Phase 1:''' Encryption: AES256 ; Integrity/PRF: SHA1 ; DH Group: DHGroup2
 +
* '''IKE Phase 2:''' Encryption: AES256 ; IPsec Integrity: SHA1 ; PFS Group: None
 +
* '''IPsec SA lifetime in KiloBytes:''' 0.
 +
* '''IPsec SA lifetime in seconds:''' 10800.
 +
* '''Use policy based traffic selector:''' Disable.
 +
* '''DPD timeout in seconds:''' 45.
 +
* '''Connection mode''' Default or ResponderOnly.
    +
'''NAT Rules Associations'''
 +
* '''Ingress NAT Rules:''' 0 selected.
 +
* '''Egress NAT Rules:''' 0 selected.
 +
<br> </br>
 +
[[File:VNGW_14.png|600px|center]]
 +
<br> </br>
 +
[[File:VNGW_15.png|600px|center]]
 +
<br> </br>
 +
[[File:VNGW_16.png|600px|center]]
 +
<br> </br>
 +
'''Note:''' You can use different crypto proposals; however, you must ensure that they match on the router.
 +
<br> </br>
 +
[[File:VNGW_17.png|600px|center]]
 +
 +
'''Note:''' the tag field can be leaved empty.
 +
<br> </br>
 +
Check that the parameters match and click on "Create"
 +
<br> </br>
 +
[[File:VNGW_18.png|600px|center]]
 
==Teltonika device configuration==
 
==Teltonika device configuration==
   Line 100: Line 144:  
===IPsec configuration===
 
===IPsec configuration===
   −
==Check Site to Site Comminication==
+
==Check Site to Site Communication==
Retrieved from "https://wiki.teltonika-networks.com/view/Special:MobileDiff/125903"

Navigation menu