Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,127 questions
Site-to-Site Connection Status Unknown
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 60%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKS%3C/text%3E%3C/svg%3E)
Kaitlyn Spaeth
21
Reputation points
Recently, I tried setting up a VPN between Azure and AWS for a company following these instructions:
However, once I got to Step 11 on the Azure side I notice that the gateway says "Unknown". I am not able to access the AWS system in question directly (I'm working on a specific project) but I'm also not finding anything in my documentation that could point me to the issue. All I am seeing on Microsoft documentation thus far, I've already checked and seems to only be small blurbs not directly related to the "Unknown" status. I've been trying to see what exactly causes the Unknown status to appear with little success.
I've also tried resetting the gateway, ensuring the subnets do not conflict, making sure the IP addresses are correct, etc. When I try to run the Diagnostics I don't get any indication that something is wrong with the network. I've been configuring the gateway in Azure, using the configuration profile sent to me by the person on the AWS side.
This isn't something I've done before so any education or links to documents that might assist would be helpful. I don't want to instruct the AWS user to make any changes until I'm sure that they are what is causing the issue, although I have already asked them to make changes before.
Thanks in advance.
{count} votes
-
GitaraniSharma-MSFT 47,416 Reputation points Microsoft Employee2021-12-16T11:34:36.007+00:00 Hello @Kaitlyn Spaeth ,
Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.
Could you please share some more details about the configuration such as what is the Azure VPN gateway SKU used, route/policy based gateway, IKEv1/IKEv2 protocol used? Also did you check all the troubleshooting steps from the below doc:
https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-troubleshoot-site-to-site-cannot-connectVPN connection status "Unknown" may be due to various configuration issues. Did you specify the VPC CIDR prefix in the Azure local network gateway?
Also, did you try to reset the Azure VPN gateway twice as recommended?
Refer : https://learn.microsoft.com/en-us/azure/vpn-gateway/reset-gatewayRegards,
Gita -
Kaitlyn Spaeth 21 Reputation points
2021-12-17T16:23:17.577+00:00 this is a vpngwy1 sku, route based, IKEv2 protocol. To reiterate, this is not technically an on premises device, but a connection between AWS and Azure that I was trying to implement using the guide I referenced in my original post. I have followed all steps, up to Step 11.
This virtual network is brand new and there is nothing on it except the resource that I created. As far as I can tell, everything in the troubleshooting guide I have checked and don't have any issues. I have reset the gateway, probably more than twice at this point. When I check the probe it tells me the gateway is healthy.
-
GitaraniSharma-MSFT 47,416 Reputation points Microsoft Employee
2021-12-20T13:14:02.933+00:00 Hello @Kaitlyn Spaeth ,
Thank you for the update.
It is difficult to troubleshoot this issue without looking into the actual configuration. I would request you to send us an email as requested in the private message to investigate this issue further.
Regards,
Gita -
GitaraniSharma-MSFT 47,416 Reputation points Microsoft Employee
2021-12-22T10:16:08.343+00:00 Hello @Kaitlyn Spaeth , any further updates on this issue? If not, request you to send us an email as requested.
Sign in to comment