0

I've asked before concerning how one might troubleshoot a Site-to-Site VPN connection between Azure and a Cisco device (that I don't control), and didn't get useful answers.

Now, I'm asking a probably more specific question: given that my peer uses one of the supported devices (a Cisco Asa 5500 family device), what are all the default parameters for IPsec and IKE that I can merely enumerate for my peer without having to consult or rely on the config script that Azure suggests? The reason I need this, and don't want to read the script, is that the person configuring the other side of the VPN is not willing to use the Azure script, and instead prefers that I enumerate all the IPsec and IKE parameters of my endpoint (Azure), but I'm not a domain expert, and I'm not sure if what I can infer from the config script is correct. So, maybe someone more knowledgeable in this domain might help...

JWL
  • 185
  • 1
  • 2
  • 8

1 Answers1

1

IPsec Parameters:

https://msdn.microsoft.com/en-us/library/azure/jj156075.aspx#bkmk_IPsecParameters

Even if your device supports these parameters there will be cases where the VPN will not connect for random or unkwown reasons. Make sure to create a static gateway instead of dynamic, it increases the chance of support. Most devices won't work with a dynamic gateway.

Bruno Faria
  • 3,814
  • 1
  • 13
  • 18