Azure
Plateforme et infrastructure de cloud computing pour la génération, le déploiement et la gestion d’applications et de services à travers un réseau mondial de centres de données gérés par Microsoft.
Connection not established
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 88%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMR%3C/text%3E%3C/svg%3E)
Meher Raddadi
0
Points de réputation
Bonjour
J’ai un problème de connectivité entre notre VPN Azure et le VPN on-premise PfSense côté client.
Si possible, j’aimerais avoir plus de logs côté Azure VPN, car nous sommes bloqués.
Voici les logs côté PfSense
<30>1 2025-04-08T10:32:08.750005+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <4852> candidate "con7", match: 1/1/3100 (me/other/ike)
<30>1 2025-04-08T10:32:08.750023+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> selected peer config 'con7'
<30>1 2025-04-08T10:32:08.750070+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[IKE] <con7|4852> authentication of '20.199.113.58' with pre-shared key successful
<30>1 2025-04-08T10:32:08.750107+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[IKE] <con7|4852> authentication of '81.252.250.85' (myself) with pre-shared key
<30>1 2025-04-08T10:32:08.750151+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[IKE] <con7|4852> successfully created shared key MAC
<30>1 2025-04-08T10:32:08.750184+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[IKE] <con7|4852> IKE_SA con7[4852] established between 81.252.250.85[81.252.250.85]...20.199.113.58[20.199.113.58]
<30>1 2025-04-08T10:32:08.750190+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[IKE] <con7|4852> IKE_SA con7[4852] state change: CONNECTING => ESTABLISHED
<30>1 2025-04-08T10:32:08.750207+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[IKE] <con7|4852> scheduling rekeying in 23563s
<30>1 2025-04-08T10:32:08.750214+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[IKE] <con7|4852> maximum IKE_SA lifetime 26443s
<30>1 2025-04-08T10:32:08.750230+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> looking for a child config for 0.0.0.0/0|/0 === 0.0.0.0/0|/0
<30>1 2025-04-08T10:32:08.750245+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> proposing traffic selectors for us:
<30>1 2025-04-08T10:32:08.750251+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> 64.126.252.0/23|/0
<30>1 2025-04-08T10:32:08.750256+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> 90.85.60.0/24|/0
<30>1 2025-04-08T10:32:08.750261+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> 80.94.190.0/25|/0
<30>1 2025-04-08T10:32:08.750272+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> proposing traffic selectors for other:
<30>1 2025-04-08T10:32:08.750277+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> 10.22.106.80/28|/0
<30>1 2025-04-08T10:32:08.750283+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> 10.22.106.80/28|/0
<30>1 2025-04-08T10:32:08.750287+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> 10.22.106.80/28|/0
<30>1 2025-04-08T10:32:08.750295+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> candidate "con7" with prio 3+1
<30>1 2025-04-08T10:32:08.750300+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> found matching child config "con7" with prio 4
<30>1 2025-04-08T10:32:08.750313+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> selecting proposal:
<30>1 2025-04-08T10:32:08.750325+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> proposal matches
<30>1 2025-04-08T10:32:08.750335+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> received proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
<30>1 2025-04-08T10:32:08.750342+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
<30>1 2025-04-08T10:32:08.750349+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
<30>1 2025-04-08T10:32:08.750384+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> selecting traffic selectors for us:
<30>1 2025-04-08T10:32:08.750393+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> config: 64.126.252.0/23|/0, received: 0.0.0.0/0|/0 => match: 64.126.252.0/23|/0
<30>1 2025-04-08T10:32:08.750400+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> config: 90.85.60.0/24|/0, received: 0.0.0.0/0|/0 => match: 90.85.60.0/24|/0
<30>1 2025-04-08T10:32:08.750407+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> config: 80.94.190.0/25|/0, received: 0.0.0.0/0|/0 => match: 80.94.190.0/25|/0
<30>1 2025-04-08T10:32:08.750415+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> selecting traffic selectors for other:
<30>1 2025-04-08T10:32:08.750422+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> config: 10.22.106.80/28|/0, received: 0.0.0.0/0|/0 => match: 10.22.106.80/28|/0
<30>1 2025-04-08T10:32:08.750430+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> config: 10.22.106.80/28|/0, received: 0.0.0.0/0|/0 => match: 10.22.106.80/28|/0
<30>1 2025-04-08T10:32:08.750437+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CFG] <con7|4852> config: 10.22.106.80/28|/0, received: 0.0.0.0/0|/0 => match: 10.22.106.80/28|/0
<30>1 2025-04-08T10:32:08.750449+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CHD] <con7|4852> CHILD_SA con7{122724} state change: CREATED => INSTALLING
<30>1 2025-04-08T10:32:08.750458+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CHD] <con7|4852> using AES_CBC for encryption
<30>1 2025-04-08T10:32:08.750464+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CHD] <con7|4852> using HMAC_SHA2_256_128 for integrity
<30>1 2025-04-08T10:32:08.750510+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CHD] <con7|4852> adding inbound ESP SA
<30>1 2025-04-08T10:32:08.750516+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CHD] <con7|4852> SPI 0xc7af4cb4, src 20.199.113.58 dst 81.252.250.85
<30>1 2025-04-08T10:32:08.750573+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CHD] <con7|4852> adding outbound ESP SA
<30>1 2025-04-08T10:32:08.750584+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CHD] <con7|4852> SPI 0xef78a794, src 81.252.250.85 dst 20.199.113.58
<30>1 2025-04-08T10:32:08.750731+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[IKE] <con7|4852> CHILD_SA con7{122724} established with SPIs c7af4cb4_i ef78a794_o and TS 64.126.252.0/23|/0 80.94.190.0/25|/0 90.85.60.0/24|/0 === 10.22.106.80/28|/0
<30>1 2025-04-08T10:32:08.750742+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CHD] <con7|4852> CHILD_SA con7{122724} state change: INSTALLING => INSTALLED
<30>1 2025-04-08T10:32:08.750814+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[ENC] <con7|4852> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
<30>1 2025-04-08T10:32:08.750902+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[NET] <con7|4852> sending packet: from 81.252.250.85[4500] to 20.199.113.58[4500] (256 bytes)
<30>1 2025-04-08T10:32:08.765108+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[NET] <con7|4852> received packet: from 20.199.113.58[4500] to 81.252.250.85[4500] (80 bytes)
<30>1 2025-04-08T10:32:08.765195+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[ENC] <con7|4852> parsed INFORMATIONAL request 2 [ D ]
<30>1 2025-04-08T10:32:08.765216+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[IKE] <con7|4852> received DELETE for IKE_SA con7[4852]
<30>1 2025-04-08T10:32:08.765226+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[IKE] <con7|4852> deleting IKE_SA con7[4852] between 81.252.250.85[81.252.250.85]...20.199.113.58[20.199.113.58]
<30>1 2025-04-08T10:32:08.765234+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[IKE] <con7|4852> IKE_SA con7[4852] state change: ESTABLISHED => DELETING
<30>1 2025-04-08T10:32:08.765245+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[IKE] <con7|4852> IKE_SA deleted
<30>1 2025-04-08T10:32:08.765264+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[ENC] <con7|4852> generating INFORMATIONAL response 2 [ ]
<30>1 2025-04-08T10:32:08.765322+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[NET] <con7|4852> sending packet: from 81.252.250.85[4500] to 20.199.113.58[4500] (80 bytes)
<30>1 2025-04-08T10:32:08.765506+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[IKE] <con7|4852> IKE_SA con7[4852] state change: DELETING => DESTROYING
<30>1 2025-04-08T10:32:08.765537+02:00 F-ET1-VPNCLI-02.X.X.X charon 71960 - - 13[CHD] <con7|4852> CHILD_SA con7{122724} state change: INSTALLED => DESTROYING
Azure
Se connecter pour répondre