2

I have set up an S2S VPN in Azure to connect to an on-prem device (pfSense) of a 3rd party.

We have managed to establish the VPN tunnel, and I can see the status of the connection in the Azure Portal is 'Connected', but when I try a telnet connection from a VM in my VNet to a device in the on-prem network it fails.

Initially I thought it may have been a routing issue but I checked the 'Effective Routes' for the VM and the next hop type for all traffic to the on-prem address space is set to Virtual Network Gateway, so I don't think that is the issue.

After running the Troubleshooting on the Azure Portal I noticed that the Egress Packets seem to be getting dropped due to a Traffic Selector Mismatch:

Connectivity State : Connected
Remote Tunnel Endpoint : x.xx.xx.xxx
Ingress Bytes (since last connected) : 672 B
Egress Bytes (since last connected) : 0 B
Ingress Packets (since last connected) : 8 Packets
Egress Packets (since last connected) : 0 Packets
Ingress Packets Dropped due to Traffic Selector Mismatch (since last connected) : 0 Packets
Egress Packets Dropped due to Traffic Selector Mismatch (since last connected) : 4 Packets
Bandwidth : 0 b/s
Peak Bandwidth : 0 b/s
Connected Since : 5/24/2019 2:28:38 PM

The on-prem device that I am connecting to is policy-based, so I recreated the Azure VPN connection with the 'UsePolicyBasedTrafficSelectors' IPsec setting set to true, but I'm still having the same issue. Can anyone suggest where to go from here?

Kevin

1 Answer

-3

Check for PFS and set it as None.
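
For the "Egress Packets Dropped due to Traffic Selector Mismatch" counter in the question, one check is to compare the selector pairs each side is configured to use. The sketch below is an added example, not code from either poster; the prefixes are constructed, and it assumes the peer only accepts selectors that exactly match its own Phase 2 entries.

```python
import ipaddress
from itertools import product

def azure_selectors(vnet_prefixes, onprem_prefixes):
    """Selectors proposed by the Azure side as (azure_net, onprem_net) pairs.

    With UsePolicyBasedTrafficSelectors enabled the gateway proposes every
    combination of VNet prefix and local network gateway prefix.
    """
    return {(ipaddress.ip_network(a), ipaddress.ip_network(o))
            for a, o in product(vnet_prefixes, onprem_prefixes)}

def peer_selectors(phase2_entries):
    """Peer Phase 2 entries, given as (local, remote) from the peer's side,
    flipped into the same (azure_net, onprem_net) orientation."""
    return {(ipaddress.ip_network(remote), ipaddress.ip_network(local))
            for local, remote in phase2_entries}

def diff_selectors(azure, peer):
    """Pairs configured on only one side; both lists empty means they agree."""
    fmt = lambda pairs: sorted(f"{a} <-> {o}" for a, o in pairs)
    return {"azure_only": fmt(azure - peer), "peer_only": fmt(peer - azure)}

def egress_matches(src, dst, azure, peer):
    """True if a VM -> on-prem packet falls inside a selector both sides share.
    Assumption: the peer accepts only exact matches of its Phase 2 entries."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return any(s in a and d in o for a, o in azure & peer)

# Constructed sample values (not taken from the question).
VNET = ["10.1.0.0/16"]
LOCAL_NETWORK_GATEWAY = ["192.168.10.0/24"]
PEER_BEFORE = [("192.168.10.0/24", "10.1.2.0/24")]   # peer lists only one subnet
PEER_AFTER = [("192.168.10.0/24", "10.1.0.0/16")]    # peer mirrors the VNet prefix

if __name__ == "__main__":
    az = azure_selectors(VNET, LOCAL_NETWORK_GATEWAY)
    for label, entries in (("before", PEER_BEFORE), ("after", PEER_AFTER)):
        peer = peer_selectors(entries)
        print(label, diff_selectors(az, peer),
              egress_matches("10.1.2.4", "192.168.10.20", az, peer))
```

Any pair listed under `azure_only` or `peer_only` is a selector the other side has no matching entry for; the VNet address space, the local network gateway prefixes and the peer's Phase 2 entries need to mirror each other.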