I was working with a customer to set up a site-to-site VPN between Windows Azure and a corporate network. On the Windows Azure Virtual Network Dashboard, it showed the VPN tunnel was connected but data in and out were 0 KB even after a long time. Firewalls were open to allow the Windows Azure gateway in the corporate network. What went wrong?
The router on the corporate network was Cisco ASA 5500 Series device with ASA OS version 8.4. A VPN configuration script was downloaded from the Virtual Network Dashboard in Windows Azure but the script was for OS version 8.3.
Obviously, the script did not work well for OS version 8.4. It ended up two changes were required for the following sections to resolve the issue.
- Internet Key Exchange (IKE) configuration
- Tunnel configuration
Internet Key Exchange (IKE) configuration
In this section, replace isakmp with ikev1 on the second line before policy 10.
Tunnel configuration
In this section, add ikev1 in front of the keyword pre-shared-key.
After re-running the modified script in the Cisco VPN device, the IN/OUT KB started to increase. VMs were able to communicate between the two networks via PING. Everything seemed to work fine.
Reblogged this on 49514262200010.
Hi,
I need to create a Windows Azure VPN with Cisco ASA 5500 Series with software 8.4, and i need to know if changes needed to make the VPN script after download script are only in this two sections:
– Internet Key Exchange (IKE) configuration
– Tunnel configuration
Best Regards,
Moreira
Yes, those were the two sections we had to change to make it to work after downloading the scripts.