My first post ever since I passed CCIE. I feel like I've been slacking.
This is a short post. It is treated more as my notepad for future configuration. I recently get contacted to create a Site-to-Site VPN tunnel to Azure Cloud. Just like VMware vCloud, Azure doesn't really display lots of technical detail, so creating the tunnel can be a bit challenging.
Here is the default in Azure:
IKE Mode: IKEv2
Phase 1
- Encryption: AES-256
- Hash: SHA1
- Lifetime: 28800 seconds
Phase 2
- Encryption: AES-256
- Hash: SHA1
- Lifetime: 3600 seconds
- PFS: disabled.
Note:
- if you're using Cisco ASA, use the same settings, but IKEv1, doesn't matter if you're running 8.4 or 9.1.