Hello anonymous user ,
All of the below Encryption & Hashing Algorithms are available by default (as individual sets) when creating a Policy based VPN gateway in Azure:
- AES256, SHA256
- AES256, SHA1
- AES128, SHA1
- 3DES, SHA1
These algorithms are present in form of proposals and are matched against your on-prem configuration.
You need to make sure that one of the above 4 sets is configured in your on-prem VPN device. So that when a connection is initiated, Azure will start matching it's default sets against your configured algorithm set and once it's matched, it will accept that particular proposal for VPN connection.
Custom IPsec/IKE policy is not supported for the Basic SKU VPN gateway but is supported in all other SKUs.
Please refer : https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-compliance-crypto#is-custom-ipsecike-policy-supported-on-all-azure-vpn-gateway-skus
Kindly let us know if the above helps or you need further assistance on this issue.
----------------------------------------------------------------------------------------------------------------
Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.