Cannot Connect Site-to-site VPN between Azure vWAN and On-premise Zyxel SBG3300-N​

Padtawee Srisan-ngam 60 Reputation points
2023-07-23T08:00:37.0233333+00:00

I have created Azure virtual WAN then create virtual hub and the create site-to-tie VPN inside the Azure virtual hub. For VPN connection, I am setting IPsec to default but cannot connect to on-premise VPN device Zyxel SBG3300-N. I try to change IPsec setting to custom to configure IKE Phase 1 Encryption, but at the Zyxel SBG3300-N don't have DH Group match to Azure. Anyone can suggest solution or IPSec setting for Azure vWAN and on-premise VPN device Zyxel SBG3300-N. Thank you so much.

Azure Virtual WAN
Azure Virtual WAN
An Azure virtual networking service that provides optimized and automated branch-to-branch connectivity.
189 questions
Azure VPN Gateway
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,389 questions
Accepted answer
  1. KapilAnanth-MSFT 35,336 Reputation points Microsoft Employee
    2023-07-24T09:02:57.0333333+00:00

    @Padtawee Srisan-ngam

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    Please find a list of IPsec connectivity partners here: https://learn.microsoft.com/en-us/azure/virtual-wan/virtual-wan-locations-partners#partners

    The below list provides a list of supported IPSEC Policies, both Default and Custom: https://learn.microsoft.com/en-us/azure/virtual-wan/virtual-wan-ipsec

    You should make sure that your Onprem device matches the IPSEC Polices supported in the vWAN S2S to establish the connection.

    I am afraid we will not be able to add or modify a policy to the vWAN connection.

    Cheers,

    Kapil

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest