Best Practice VPN between VyOS and Azure VPN Gateway Virtual WAN


We actually trying to have a functionnal VPN tunnel between a VyOS firewall and a Virtual WAN VPN Gateway in Azure. We see currently some instability of the tunnel when we have an high trafic, and we can see some TCP Duplicate ACK when we do a wireshark.

We configure the MTU on 1350 but I think we don’t use the recommend encryption parameter who cause some high calculation ressource…

What is the recommend parameter for an IPsec VPN between VyOS an Azure ?



it depends on azure’s requirement , we have a blueprint for how to configure ipsec-route based vpn on azure. maybe it could help with your template .

try to use ikev2 over ikev1 , however , it’s important to know which parameter azure wan recommend.

1 Like