Configuration Procedure



Similar documents
Configuring IPsec VPN between a FortiGate and Microsoft Azure

TechNote. Configuring SonicOS for MS Windows Azure

Configuring SonicOS for Microsoft Azure

How To Establish IPSec VPN between Cyberoam and Microsoft Azure

Configuring TheGreenBow VPN Client with a TP-LINK VPN Router

Title: Setting Up A Site to Site VPN Between Microsoft Azure and the Corporate Network

ZyWALL USG-Series. How to setup a Site-to-site VPN connection between two ZyWALL USG series.

Configuring IPsec VPN with a FortiGate and a Cisco ASA

Configuring a FortiGate unit as an L2TP/IPsec server

TechNote. Configuring SonicOS for Amazon VPC

ISG50 Application Note Version 1.0 June, 2011

UTM - VPN: Configuring a Site to Site VPN Policy using Main Mode (Static IP address on both sites) i...

CREATING AN IKE IPSEC TUNNEL BETWEEN AN INTERNET SECURITY ROUTER AND A WINDOWS 2000/XP PC

Connecting Remote Offices by Setting Up VPN Tunnels

VNS3 to Cisco ASA Instructions. ASDM 9.2 IPsec Configuration Guide

Configuring Windows 2000/XP IPsec for Site-to-Site VPN

Virtual Data Centre. User Guide

Microsoft Azure Configuration

VPN Configuration Guide. ZyWALL USG Series / ZyWALL 1050

Dell One Identity Cloud Access Manager How To Deploy Cloud Access Manager in a Virtual Private Cloud

Scenario: Remote-Access VPN Configuration

How To Industrial Networking

Lab 4.4.8a Configure a Cisco GRE over IPSec Tunnel using SDM

VMware vcloud Air Networking Guide

Workflow Guide. Establish Site-to-Site VPN Connection using RSA Keys. For Customers with Sophos Firewall Document Date: November 2015

How To - Setup Cyberoam VPN Client to connect to a Cyberoam for the remote access using preshared key

Scenario: IPsec Remote-Access VPN Configuration

Configuring a VPN for Dynamic IP Address Connections

Configuring an IPsec VPN to provide ios devices with secure, remote access to the network

VPN Consortium Scenario 1: Gateway-to-Gateway with Preshared Secrets

VPN Consortium Scenario 1: Gateway-to-Gateway with Preshared Secrets

How To Setup Cyberoam VPN Client to connect a Cyberoam for remote access using preshared key

Fireware How To VPN. Introduction. Is there anything I need to know before I start? Configuring a BOVPN Gateway

Configure IPSec VPN Tunnels With the Wizard

Virtual Private Network VPN IPSec Testing: Functionality Interoperability and Performance

Interconnection between the Windows Azure

SingTel VPN as a Service. Quick Start Guide

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Cisco Firewall. Overview

How To Establish IPSec VPN connection between Cyberoam and Mikrotik router

Initial Access and Basic IPv4 Internet Configuration

Windows XP VPN Client Example

Viewing VPN Status, page 335. Configuring a Site-to-Site VPN, page 340. Configuring IPsec Remote Access, page 355

vcloud Air - Virtual Private Cloud OnDemand Networking Guide

How to configure VPN function on TP-LINK Routers

Chapter 4 Virtual Private Networking

This is a guide on how to create an IPsec VPN tunnel from a local client running Shrew Soft VPN Client to an Opengear device.

This chapter describes how to set up and manage VPN service in Mac OS X Server.

DI-804HV with Windows 2000/XP IPsec VPN Client Configuration Guide

VPN Configuration Guide. Linksys (Belkin) LRT214 / LRT224 Gigabit VPN Router

V310 Support Note Version 1.0 November, 2011

How To Configure Syslog over VPN

Creating a VPN with overlapping subnets

Nokia Mobile VPN How to configure Nokia Mobile VPN for Cisco ASA with PSK/xAuth authentication

How to Configure a High Availability Cluster in Azure via Web Portal and ASM

MATLAB Distributed Computing Server with HPC Cluster in Microsoft Azure

vcloud Director User's Guide

Netgear ProSafe VPN firewall (FVS318 or FVM318) to Cisco PIX firewall

Chapter 8 Virtual Private Networking

This topic discusses Cisco Easy VPN, its two components, and its modes of operation. Cisco VPN Client > 3.x

How to configure VPN function on TP-LINK Routers

AppLoader 7.7. Load Testing On Windows Azure

VPN Configuration Guide. Cisco Small Business (Linksys) WRV210

VPN. VPN For BIPAC 741/743GE

How to Guide: StorageCraft Cloud Services VPN

Creating a Client-To-Site VPN. BT Cloud Compute. The power to build your own cloud solutions to serve your specific business needs.

Create a VPN on your ipad, iphone or ipod Touch and SonicWALL NSA UTM firewall - Part 1: SonicWALL NSA Appliance

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Sonicwall Firewall.

SHAREPOINT 2013 IN INFRASTRUCTURE AS A SERVICE

Using a VPN with CentraLine AX Systems

Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding

VPN Configuration of ProSafe VPN Lite software and NETGEAR ProSafe Router:

VPN Wizard Default Settings and General Information

Using a VPN with Niagara Systems. v0.3 6, July 2013

How To Create A Virtual Private Cloud On Amazon.Com

Connecting an Android to a FortiGate with SSL VPN

Basic ViPNet VPN Deployment Schemes. Supplement to ViPNet Documentation

VPN Solution Guide Peplink Balance Series. Peplink Balance. VPN Solution Guide Copyright 2015 Peplink

How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN

The VPNaaS Plugin for Fuel Documentation

WINDOWS AZURE NETWORKING

Enable VPN PPTP Server Function

Using Cisco UC320W with Windows Small Business Server

Use Shrew Soft VPN Client to connect with IPSec VPN Server on RV130 and RV130W

How To Install Sedar On A Workstation

How To Establish Site-to-Site VPN Connection. using Preshared Key. Applicable Version: onwards. Overview. Scenario. Site A Configuration

How To Configure An Ipsec Tunnel On A Network With A Network Gateways (Dfl-800) On A Pnet 2.5V2.5 (Dlf-600) On An Ipse Vpn

FortiOS Handbook - IPsec VPN VERSION 5.2.4

Biznet GIO Cloud Connecting VM via Windows Remote Desktop

Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003

IPSec Pass through via Gateway to Gateway VPN Connection

IPsec VPN Application Guide REV:

VPN Configuration Guide DrayTek Vigor / VigorPro

Chapter 8 Lab B: Configuring a Remote Access VPN Server and Client

MacroLan Azure cloud tutorial.

Using IPsec VPN to provide communication between offices

FortiOS Handbook - IPsec VPN VERSION 5.2.2

Configuring IPSec VPN Tunnel between NetScreen Remote Client and RN300

OvisLink 8000VPN VPN Guide WL/IP-8000VPN. Version 0.6

How To Create A Virtual Private Cloud In A Lab On Ec2 (Vpn)

Transcription:

How to Establish Site-to-Site VPN between USG and MS Azure

Background Microsoft (MS) Azure is an open and flexible cloud platform that enables users to quickly build, deploy, scale and manage applications across a global network of MS datacenters. ZyWALLs/USGs support static routing VPN (i.e., Policy-based VPN) to an MS Azure virtual network. Administrators can easily create a secure IP connection between MS Azure services and the on-site IT network.

Configuration Procedure Task 1. Create a Virtual Network on MS Azure Step 1. Sign into the Windows Azure Management Portal In the lower left-hand corner of the screen, click New. Step 2. In the navigation pane, click Network Services > Virtual Network. Click Custom Create to begin the configuration wizard. Step 3. On the Virtual Network Details page, enter the required information. Then click the Next button located at the lower right-hand corner of the screen to go to the next page. Name Create a name for the virtual network. For example, EastASVNet Location The location is directly related to the physical location (region) where the resources (VMs) reside. For example, the user wants the VMs deployed on this virtual network to be physically located in East Asia. Therefore, that location (East Asia) should be selected. The region associated with the virtual network cannot be changed after it has been created

Step 4. On the DNS Servers and VPN Connectivity page, enter the following information, and click the Next button. Configure Site-to-Site VPN Select the checkbox for Configure a site-to-site VPN Local Network A local network represents the physical on-site location. Users can select a local network that has been previously created, or create a New Local Network

Step 5. If creating a new local network, users are directed to the Site-to-Site Connectivity page. Enter the following information, and click the Next button. Name The name for the local (on-site) network behind the ZyWALL/USG VPN Device IP Address This is the public IPv4 address of the ZyWALL/USG WAN interface. The ZyWALL/USG cannot be located behind a NAT Address Space includes Starting IP and CIDR (Address Count). This indicates the address range(s) of the network behind the ZyWALL/USG Step 6. On the Virtual Network Address Spaces page, specify the address range of the Windows Azure virtual network. Enter the following information, and then click the checkmark on the lower right section of the screen to apply the configuration. Address Space includes the Starting IP and CIDR (Address Count). This indicates the address range(s) of the Windows Azure virtual network Note: The Windows Azure virtual network address space and the network behind the ZyWALL/USG should not overlap Add gateway subnet Click this to add a gateway subnet. The gateway subnet is used only for the virtual network gateway and is required for this configuration

Step 7. When the configuration has been completed, users can see the text Created under Status on the Networks page of the management portal.

Task 2. Create a Virtual Network Gateway on MS Azure Step 1. On the Networks page, click the name of the virtual network. Step 2. On the Dashboard page, at the bottom of the screen, click Create Gateway. Then select Static Routing.

Step 3. When the system prompts for confirmation that the user wants a gateway created, click Yes. While the gateway is being created, notice that the gateway graphic on the page changes to yellow, and the status indicator says Creating Gateway. The creation of the gateway may take up to 15 minutes. Users have to wait until the process is completed before moving forward and configuring other settings. After the gateway has been created, users can get the public IPv4 address of the VPN gateway for the Windows Azure virtual network. This is the peer gateway address needed for configuring the IPSec VPN Gateway rule on the ZyWALL/USG.

Task 3. Create an Address object for the VPN on USG Step 1. Go to CONFIGURATION > Object > Address, and create an address object named NET192_168 Step 2. Go to CONFIGURATION > Object > Address, and create an address object named Azure_VNET

Task 4. Create IPSec Site-to-Site VPN Step 1. Go to CONFIGURATION > VPN > IPSec VPN > VPN Gateway, and create a VPN Gateway. Phase 1 IKE version: IKEv1 Proposal: AES256-SHA1 Key Group: DH2 SA Life Time: 28800 Disable DPD Pre-Shared Key: This is auto-generated by MS Azure. Copy it from the Windows Azure Virtual Network dashboard, under Manage Key.

Step 2. Go to CONFIGURATION > VPN > IPSec VPN > VPN Connection, and create a VPN Connection. Phase 2 MSS: 1350 Bytes Encapsulation: Tunnel Active Protocol / Proposal: ESP / AES128-SHA1 SA Life Time: 3600

Enable Connectivity Check on one of the VM instances in MS Azure as seen above. When there is no traffic between peers, MS Azure sends an SA DEL message (to disconnect the VPN) every 5 minutes. Task 5. Check VPN connection

On MS Azure Go to Networks > EastASVNET > Dashboard. The connection is up. On USG Go to Monitor > VPN Monitor > IPSec. The tunnel is in the list.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information