Hello,
I am trying to bring up an IKEv2 client connection from a Linux strongSwan machine to a point-to-site configured Azure virtual gateway. I followed all the instructions to set up the network resources and the virtual gateway with P2S Azure cert auth, but I see that the gateway does not respond to the client at all. The client keeps sending ISAKMP packets to the gateway, but the gateway does not respond.
Can anyone please let me know what I may be missing? Could it be that some ports are blocked on the Azure side? I did a health check on the gateway and it seemed to pass with no issues.
Thanks! Rakesh
root@ubuntu:~# ipsec up azure
initiating IKE_SA azure[1] to 52.xxx.xxx.xxx
generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
sending packet: from 10.0.0.225[500] to 52.xxx.xxx.xxx[500] (1128 bytes)
retransmit 1 of request with message ID 0
sending packet: from 10.0.0.225[500] to 52.xxx.xxx.xxx[500] (1128 bytes)
retransmit 2 of request with message ID 0
sending packet: from 10.0.0.225[500] to 52.xxx.xxx.xxx[500] (1128 bytes)
retransmit 3 of request with message ID 0
sending packet: from 10.0.0.225[500] to 52.xxx.xxx.xxx[500] (1128 bytes)
retransmit 4 of request with message ID 0
sending packet: from 10.0.0.225[500] to 52.xxx.xxx.xxx[500] (1128 bytes)
retransmit 5 of request with message ID 0
sending packet: from 10.0.0.225[500] to 52.xxx.xxx.xxx[500] (1128 bytes)
giving up after 5 retransmits
establishing IKE_SA failed, peer not responding
establishing connection 'azure' failed