cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

325
Views
0
Helpful
5
Replies
Beginner

VPN Creation Cisco ASA to Azure with Multiple subnets

Hi There, I tried to create IPSEC Site to Site VPN tunnel between Cisco ASA to Azure Side with multiple subnet. Cisco ASA side one subnet and Azure Side two subnets. IPSEC SA is creating for Cisco ASA one subnet to Azure first subnet and No SA is creating for the Second subnet. Below is the url i followed to configure VPN, any idea https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-3rdparty-device-config-cisco-asa https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpn-devices Thanks for your faster response.
Everyone's tags (1)
5 REPLIES 5
VIP Advisor

Re: VPN Creation Cisco ASA to Azure with Multiple subnets

Can you post the logs and enable debug both the side and see what is wrong. Logs provide more information, why failing.

 

 

BB
*** Rate All Helpful Responses ***
Beginner

Re: VPN Creation Cisco ASA to Azure with Multiple subnets

Hi there, can you share me the debug command outputs needed. Debug crypto ikev2 and debug crypto ipsec peer x.x.x. Enough
VIP Advisor

Re: VPN Creation Cisco ASA to Azure with Multiple subnets

Hi,

On Azure you can use its configuration utility to generate configuration
file for ASA. This can be copy past. The main problem with Azure is
proxy-id mismatch where one is wider than the other.
VIP Advisor

Re: VPN Creation Cisco ASA to Azure with Multiple subnets

can you post the crypto ipsec sa output.

 

also are you generating interesting traffic for both subnets?

Please remember to rate useful posts, by clicking on the stars below.

Beginner

Re: VPN Creation Cisco ASA to Azure with Multiple subnets

Hi There, Please find the attached output of crypto ikev2 and IPSec. Thank You.