Changes

Setting up a Site-to-Site IPsec Tunnel between Teltonika Networks and Microsoft Azure (view source)

Revision as of 00:37, 28 May 2024

295 bytes added ,  28 May
no edit summary
Line 29: Line 29:  
* '''Generation:''' Generation2 (mandatory).
 
* '''Generation:''' Generation2 (mandatory).
 
* '''Virtual Network:''' Select or create a new one.
 
* '''Virtual Network:''' Select or create a new one.
 +
* '''Gateway Subnet Address Range:''' 10.1.1.0/24 (if using Virtual Network default configuration).
 
   
 
   
 
'''Public IP address'''
 
'''Public IP address'''
Line 80: Line 81:  
* '''Configure BGP settings:''' No.
 
* '''Configure BGP settings:''' No.
 
<br> </br>
 
<br> </br>
[[File:VNGW_10.png|600px|center]]
+
[[File:VNGW__10.png|600px|center]]
 
<br> </br>
 
<br> </br>
[[File:VNGW_11.png|600px|center]]
+
[[File:VNGW__11.png|600px|center]]
    
Verify the configuration and click on '''Create''' to finish.
 
Verify the configuration and click on '''Create''' to finish.
Line 108: Line 109:  
* '''Virtual network gateway:''' Vnet1GW.
 
* '''Virtual network gateway:''' Vnet1GW.
 
* '''Local network gateway:''' toRegion.
 
* '''Local network gateway:''' toRegion.
* '''IKE Protocol:''' IKEv2.
+
* '''Local network gateway:''' toRegion.
 +
* '''Shared Key(PSK):''' Your Pre-shared key (It must match the one in the router IPsec configuration).
 
* '''Use Azure Private IP Address:''' Unchecked.
 
* '''Use Azure Private IP Address:''' Unchecked.
 
* '''IPsec/IKE policy:''' Custom.
 
* '''IPsec/IKE policy:''' Custom.
Line 158: Line 160:  
Locate the following path: WebUI > Services > IPsec ; and a new instance:
 
Locate the following path: WebUI > Services > IPsec ; and a new instance:
 
<br> </br>
 
<br> </br>
[[File:TN_IPSEC01.png|600px|center]]
  −
<br> </br>
  −
[[File:TN_IPsec02.png|600px|center]]
  −
<br> </br>
  −
[[File:TN_IPsec03.png|600px|center]]
  −
<br> </br>
  −
[[File:TN_IPsec04.png|600px|center]]
  −
  −
'''Note:''' in this example, we use DH Group equals to MODP1024 which is the same to Group 2 as selected on the platform.
  −
<br> </br>
  −
[[File:TN_IPsec05.png|600px|center]]
  −
  −
==Check Site to Site Communication==
  −
If you followed the configuration steps, you should see that the Site to Site connection has been successfully established.
  −
<br> </br>
  −
   
'''Instance details'''
 
'''Instance details'''
 
* '''Enable:''' On.
 
* '''Enable:''' On.
 
* '''Authentication method:''' Pre-shared key.
 
* '''Authentication method:''' Pre-shared key.
* '''Pre-shared key:''' Your pre-shared key.
+
* '''Pre-shared key:''' Your pre-shared key (must match the pre-shared key configured in the Azure platform's IPsec settings).
 
* '''Local Identifier:''' Empty.
 
* '''Local Identifier:''' Empty.
 
* '''Remote Identifier:''' Empty.
 
* '''Remote Identifier:''' Empty.
Line 200: Line 186:  
* '''Force crypto Proposal:''' off.
 
* '''Force crypto Proposal:''' off.
 
* '''lifetimes''' Empty.
 
* '''lifetimes''' Empty.
 +
<br> </br>
 +
[[File:TN_IPSEC01.png|600px|center]]
 +
<br> </br>
 +
[[File:TN_IPsec02.png|600px|center]]
 +
<br> </br>
 +
[[File:TN_IPsec03.png|600px|center]]
 +
<br> </br>
 +
[[File:TN_IPsec04.png|600px|center]]
    +
'''Note:''' in this example, we use DH Group equals to MODP1024 which is the same to Group 2 selected on the platform.
 +
<br> </br>
 +
[[File:TN_IPsec05.png|600px|center]]
 +
 +
==Check Site to Site Communication==
 +
If you followed the configuration steps, you should see that the Site to Site connection has been successfully established.
 
<br> </br>
 
<br> </br>
 
[[File:TN_IPsec06.png|600px|center]]
 
[[File:TN_IPsec06.png|600px|center]]
Retrieved from "https://wiki.teltonika-networks.com/view/Special:MobileDiff/125918"

Navigation menu