Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
T_Sonnberger
Participant

VPN Tunnel to Azure - Return traffic unencrypted / blocked as "Antispoofing" R80.30

Hello,

today we have tried to move a VPN tunnel to Azure from our old R77.30 gateway to a new 80.30 appliance. Basically all settings were copied 1:1 however, the connection will not work.

I see that the tunnel seems to be up and I see an "echo request" being routed into the VPN Domain. However, the "echo reply" is dropped on the public interface as "Antispoofing".

Every now and then, I also see an error message:

Informational exchange: Sending notification to peer: Invalid IKE SPI IKE SPIs: *****

 

I have tried to disable SecurXL and set the ike_supernatting thing in GuiDB already to true (was false) as it was true on the R77.30 as well...

Any ideas why the traffic is sent back "unencrypted" / bypassing the tunnel and being dropped as "antispoofing".

On the Azure end, nothing was changed besides the Gateway IP. Azure also tells, that the tunnel is up and running.

 

Thanks in advance!

 

BR,

Thomas

0 Kudos
3 Replies
This widget could not be displayed.