Azure

Upgrading The IPsec/ IKE Coverage To The Azure Web site-To-Web site VPN Connection Utilizing The Azure Portal

Photo of Harsh Bakshi Harsh Bakshi Send an email November 3, 2020
0 525 2 minutes read

Introduction

 

In our earlier article we realized the way to improve the IPsec/IKE coverage to the Azure Web site-to-Web site VPN Connection utilizing PowerShell. On this article, we’re going to learn to configure an IPsec/IKE coverage for site-to-site (S2S) VPN connections utilizing the Azure Portal.

 

Step 1

 

Earlier than upgrading the connection, please confirm that the next steps are configured within the Azure portal.

  • Digital Community
  • Gateway subnet
  • VPN Gateway
  • Native Community Gateway
  • VPN connection
In case you are not configuring the VPN setup please observe this hyperlink to find out about Implementing Azure Web site To Web site VPN.

 

Step 2

 

Within the Azure Portal, go to the right “Useful resource group” after which open the “VPN Connection”.

 

On this demo our Connection identify is “Site2-to-Site1”

 

 

Step 3

 

Be sure that the connection is up and working with any situation

 

Upgrading The IPsec/ IKE Policy To The Azure Site-To-Site VPN Connection Using The Azure Portal

 

Step 4

 

Go to the “Configuration” below the Settings.

 

Upgrading The IPsec/ IKE Policy To The Azure Site-To-Site VPN Connection Using The Azure Portal

 

Step 5

 

Configuration settings, choose the IPsec / IKE coverage to “Customized”, now we enter the IKE Section 1 and IKE Section 2 (IPsec) parameters.

 

Upgrading The IPsec/ IKE Policy To The Azure Site-To-Site VPN Connection Using The Azure Portal

 

Click on right here to be taught extra particulars about supported cryptographic algorithms and key strengths.

 

Step 6

 

Now we’re going to enter the parameters for the IKE Section 1 and IKE Section 2 (IPsec). on this demo we’re going to enter the beneath parameters.

  1. IKE Section 1
    1. Encryption – AES256
    2. Integrity/PRF – SHA256
    3. DH Group – DHGroup2
  2. IKE Section 2 (IPsec)
    1. IPsec Encryption – AES256
    2. IPsec Integrity – SHA256
    3. PFS Group – PFS2
  3. IPsec SA lifetime in KiloBytes – 102400000
  4. IPsec SA lifetime in seconds – 28800

Step 7

 

After getting into the parameters click on “Save”.

 

Upgrading The IPsec/ IKE Policy To The Azure Site-To-Site VPN Connection Using The Azure Portal

 

Observe

Coverage-based Visitors Selectors should not supported in Azure Stack Hub.

 

Vital

 

As soon as the IPsec/IKE coverage is upgraded to the connection, the Azure VPN gateway will solely ship or settle for the IPsec/IKE proposal with specified cryptographic algorithms and key strengths on that specific connection. Be sure that your on-premises VPN gadget for the connection makes use of or accepts the precise coverage mixture, in any other case the S2S VPN tunnel won’t set up.

 

Abstract

 

On this article, we now have realized the way to improve the VPN Connection parameters utilizing the Azure Portal. In our earlier article we realized to improve the VPN Connection parameters utilizing the PowerShell instructions. In case you have any questions be at liberty to contact me.

Tags
Photo of Harsh Bakshi Harsh Bakshi Send an email November 3, 2020
0 525 2 minutes read
Show More
Photo of Harsh Bakshi

Harsh Bakshi

Related Articles

Microsoft Entra ID

REST API to Ship Messages to Azure Service Bus Subject Subscription

4 hours ago
Create button

Function Flags in .NET Core with Azure

13 hours ago
Azure cloud services

Azure Storage Replication Methods

21 hours ago
Logic App

Azure Logic App – A Transient Introduction With An Instance

1 day ago

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button