Cannot connect to Windows Azure virtual network with netgear router

Question

Has anyone sucessfully connected to a Windows Azure Virtual network using a Netgear router?

I am attempting to connect to a Windows Azure virtual network using a Netgear FVS318G VPN firewall router. I am able to create a 49 character pre-shared key (limitation on the Netgear router) thanks to code that I found on the internet. After reviewing the templates that are provided for Cisco and Juniper routers, I put similar settings into the Netgear router. I am receiving time up errors for Phase 1 and Phase 2 negotiations.

The virtual network I setup follows the example in the tutorials: •FrontEnd: 10.4.2.0/24 •BackEnd: 10.4.3.0/24 •ADDNS: 10.4.4.0/24 •DNSServer: 10.1.0.21 •Gateway: 10.4.1.0/24 •On premise network: 10.1.0.0/24

In the router, I set up the IKE proposal to point to our public IP address and the public IP address presented by the Virtual Network configuration. and the IPSec between the on-premise network, 10.1.0.0/24, and the gateway network, 10.4.1.0/24.

In the proposals, I used AES128, SHA1, Group2 and dead peer detection.

Here is a sample of the messages from the router VPN log. Messages are in descending time sequence.

2012 Aug 9 19:56:50 [FVS318g] [IKE] Could not find configuration for 168.62.165.4[1024]_
2012 Aug 9 19:56:30 [FVS318g] [IKE] Phase 1 negotiation failed due to time up for 168.62.165.4[500]. 696cb5bec1f28e81:0000000000000000_
2012 Aug 9 19:56:01 [FVS318g] [IKE] Phase 2 negotiation failed due to time up waiting for phase1. _
2012 Aug 9 19:56:01 [FVS318g] [IKE] Invalid SA protocol type: 0_
2012 Aug 9 19:55:40 [FVS318g] [IKE] Could not find configuration for 168.62.165.4[1024]_
2012 Aug 9 19:55:30 [FVS318g] [IKE] Setting DPD Vendor ID_ 2012 Aug 9 19:55:30 [FVS318g] [IKE] Beginning Identity Protection mode._
2012 Aug 9 19:55:30 [FVS318g] [IKE] Initiating new phase 1 negotiation: 70.182.146.165[500]<=>168.62.165.4[500]_
2012 Aug 9 19:55:30 [FVS318g] [IKE] Configuration found for 168.62.165.4._
2012 Aug 9 19:55:25 [FVS318g] [IKE] accept a request to establish IKE-SA: 168.62.165.4_
2012 Aug 9 19:55:25 [FVS318g] [IKE] Adding IKE configuration with identifer "MP2CCloudNetwork"_
2012 Aug 9 19:55:25 [FVS318g] [IKE] Adding IPSec configuration with identifier "MP2CCloudNetwork"_

Answer 1

After more work with the Netgear support technician, the router, even though it has the functionalities listed for the Azure virtual network, is incompatible with the VPN connection for the virtual network.

Answer 2

I'd imagine that the OP has moved on at this point, but in case anyone else finds this post like I did when trying to solve the problem, it is, in fact, possible to connect a Netgear VPN to a Windows Azure Virtual Network. I made a detailed writeup of my experience. If you have questions, please leave a comment on my blog. I hope it's helpful.

http://exactsolutions.biz/blog/2013/5/3/adfs_on_azure_virtual_machines_part_1

From the above Link:

These steps are for Netgear's Prosafe VPN routers, but there is helpful information here for anyone attempting to use a router that is not on the "approved" list. The primary hurdle to using a Netgear router (or many other prosumer routers) for an Azure VPN is the PSK length. You see, the default PSK length for the Azure VPN is 50 characters, and the maximum PSK length for many routers is... you guessed it 49 characters. The PSK length can be changed, but the process is unfortunately not for the faint of heart. Lucky for you, I've done the heavy lifting for you and have created a C# Console app that will change the settings for you. If you'd rather not trust my app, you can follow the original outline of my manual procedure here.