Friday, October 7, 2016

Site-to-Site VPN tunnel to Azure

My first post ever since I passed CCIE. I feel like I've been slacking.

This is a short post. It is treated more as my notepad for future configuration. I recently get contacted to create a Site-to-Site VPN tunnel to Azure Cloud. Just like VMware vCloud, Azure doesn't really display lots of technical detail, so creating the tunnel can be a bit challenging.

Here is the default in Azure:

IKE Mode:  IKEv2
Phase 1
    - Encryption: AES-256
    - Hash: SHA1
    - Lifetime: 28800 seconds
Phase 2
    - Encryption: AES-256
    - Hash: SHA1
    - Lifetime: 3600 seconds
    - PFS: disabled.

- if you're using Cisco ASA, use the same settings, but IKEv1, doesn't matter if you're running 8.4 or 9.1.


  1. This type of message always inspiring and I prefer to read quality content, so happy to find good place to many here in the post, the writing is just great, thanks for the post.

  2. i really like this article please keep it up. vpn services

  3. There are many advantages using a VPN services. It is commonly used to workplace and homes. i have used this VPN: for tunneling and it works great.