Hell Eveyone,
I have setup IP-SEC tunnel from our cloud enviornment to AZURE platform and keep dropping every 50 min then reconnect itself, but it disturb data replication job at our end.
I have setup multiple proposal on phase1 as not sure which one is going to work with Azure platform
vpn {
ipsec {
auto-update 60
esp-group ESP-group {
compression disable
lifetime 3600
mode tunnel
pfs dh-group2
proposal 1 {
encryption aes256
hash sha1
}
}
ike-group IKE-group {
close-action restart
dead-peer-detection {
action restart
interval 15
timeout 30
}
ikev2-reauth no
key-exchange ikev1
lifetime 3600
proposal 1 {
dh-group 2
encryption aes256
hash sha1
}
proposal 2 {
dh-group 2
encryption 3des
hash sha1
}
proposal 3 {
dh-group 2
encryption aes128
hash sha1
}
proposal 4 {
dh-group 2
encryption aes256
hash sha256
}
}
ipsec-interfaces {
interface eth0
}
site-to-site {
peer 4.4.4.4 {
authentication {
mode pre-shared-secret
pre-shared-secret ~~~~~~~
}
connection-type initiate
default-esp-group ESP-group
description AzureTest
ike-group IKE-group
ikev2-reauth inherit
local-address x.x.x.x
tunnel 1 {
allow-nat-networks disable
allow-public-networks disable
esp-group ESP-group
local {
prefix 172.20.130.0/27
}
remote {
prefix 10.0.0.0/16
}
}
please provide any suggestion/sollution or debug commnand which much appriciated.