![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 52%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEW%3C/text%3E%3C/svg%3E)
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,803 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 15%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPB%3C/text%3E%3C/svg%3E)
Hello Emmanuel Watts
It looks like you're experiencing some issues connecting your Meraki firewall to Azure after switching from SonicWall. Since this connection is essential for your users to access the server remotely, let’s work together to get everything running smoothly.
- Share the error screen shot what you are getting while connecting Meraki to Azure.
- Ensure that both the Azure Virtual Network Gateway and the Meraki device are configured for IPSec (IKEv2). Azure’s policy supports route-based configurations, so confirm that your setup is not using policy-based (IKEv1).
- Share the parameters for both phase 1 and phase 2 of your Azure and on-prem VPN configurations screen shot.
- Please ensure that the on-prem firewall public IP and private address prefixes are properly configured on the LNG.
- Ensure that any firewall rules in your Meraki device allow traffic to and from the Azure IP ranges.
- Ensure that both your Azure VPN Gateway and Meraki are listed as validated VPN devices. Check if there might be a compatibility issue with the specific version you're using https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpn-devices#devicetable
- If you're using default parameters, the on-prem parameters should be listed as below. Please check the reference document for Default IPsec/IKE parameters
- And also, from your local on-prem machine, run a continuous
pspingtest to the azure VM private IP address and share the result. psping command: ( psping -t privateip:portno ) Reference document for PsPing - Provide the IP ranges of your on-premises network and azure that connects via Site-to-Site VPN.
- Microsoft Azure requires IKEv2 for dynamic routing (route-based VPN). If you're using IKEv1, it is restricted to static routing only. Ensuring that your Proxy IDs match the expected traffic selectors might help resolve the issue https://documentation.meraki.com/MX/Site-to-site_VPN/Configuring_Site_to_Site_VPN_tunnels_to_Azure_VPN_Gateway
Hope the above answer helps! Please let us know do you have any further queries. Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.