Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 38 replies
  • Answers 1 answer
  • Subscribers 5 subscribers
  • Views 107088 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Site-to-Site VPN to Windows Azure

dsidler
Hi all

Wondering if anyone successfully created a site-to-site VPN to Azure's new Virtual Network. 

Tried several options based on the Cisco and Juniper configs provided by MSFT, but to no avail. Usually stuck with a "no connection has been authorized with policy=PSK" message.

Running 8.3 on a UTM-120. 

Cheers,
Dan


This thread was automatically locked due to age.
Parents
  • 0
    Hi,

    I'm having the same issue that was posted initially:

    2012:07:13-17:32:42 asg-mtl pluto[24404]: packet from 168.62.36.83:1032: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
    2012:07:13-17:32:42 asg-mtl pluto[24404]: packet from 168.62.36.83:1032: ignoring Vendor ID payload [RFC 3947]
    2012:07:13-17:32:42 asg-mtl pluto[24404]: packet from 168.62.36.83:1032: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
    2012:07:13-17:32:42 asg-mtl pluto[24404]: packet from 168.62.36.83:1032: ignoring Vendor ID payload [FRAGMENTATION]
    2012:07:13-17:32:42 asg-mtl pluto[24404]: packet from 168.62.36.83:1032: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
    2012:07:13-17:32:42 asg-mtl pluto[24404]: packet from 168.62.36.83:1032: ignoring Vendor ID payload [Vid-Initial-Contact]
    2012:07:13-17:32:42 asg-mtl pluto[24404]: packet from 168.62.36.83:1032: ignoring Vendor ID payload [IKE CGA version 1]
    2012:07:13-17:32:42 asg-mtl pluto[24404]: packet from 168.62.36.83:1032: initial Main Mode message received on xx.xx.xx.xx:500 but no connection has been authorized with policy=PSK
    2012:07:13-17:32:43 asg-mtl pluto[24404]: packet from 72.21.209.225:500: received Vendor ID payload [Dead Peer Detection]

    Any ideas?

    IKE encryption: AES 128
    IKE authentication:SHA1
    IKE SA: 28800
    IKE DH: Group 2: MODP 1024

    IPSec encryption: AES 128
    IPSec authentication:SHA1
    IPSec SA: 3600
    IPSec PFS: Group 2: MODP 1024
Reply
  • 0
    Hi,

    I'm having the same issue that was posted initially:

    2012:07:13-17:32:42 asg-mtl pluto[24404]: packet from 168.62.36.83:1032: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
    2012:07:13-17:32:42 asg-mtl pluto[24404]: packet from 168.62.36.83:1032: ignoring Vendor ID payload [RFC 3947]
    2012:07:13-17:32:42 asg-mtl pluto[24404]: packet from 168.62.36.83:1032: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
    2012:07:13-17:32:42 asg-mtl pluto[24404]: packet from 168.62.36.83:1032: ignoring Vendor ID payload [FRAGMENTATION]
    2012:07:13-17:32:42 asg-mtl pluto[24404]: packet from 168.62.36.83:1032: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
    2012:07:13-17:32:42 asg-mtl pluto[24404]: packet from 168.62.36.83:1032: ignoring Vendor ID payload [Vid-Initial-Contact]
    2012:07:13-17:32:42 asg-mtl pluto[24404]: packet from 168.62.36.83:1032: ignoring Vendor ID payload [IKE CGA version 1]
    2012:07:13-17:32:42 asg-mtl pluto[24404]: packet from 168.62.36.83:1032: initial Main Mode message received on xx.xx.xx.xx:500 but no connection has been authorized with policy=PSK
    2012:07:13-17:32:43 asg-mtl pluto[24404]: packet from 72.21.209.225:500: received Vendor ID payload [Dead Peer Detection]

    Any ideas?

    IKE encryption: AES 128
    IKE authentication:SHA1
    IKE SA: 28800
    IKE DH: Group 2: MODP 1024

    IPSec encryption: AES 128
    IPSec authentication:SHA1
    IPSec SA: 3600
    IPSec PFS: Group 2: MODP 1024
Children
No Data
Unfiltered HTML