@livestrong2109 said in Having issues with Azure IPSec Connection:
Jun 1 05:08:08 charon 14[CFG] <7> received proposals: ⬅ The other side
IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024,
IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024,
IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024,
IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024,
IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024,
IKE:3DES_CBC/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024
Jun 1 05:08:08 charon 14[CFG] <7> configured proposals: ⬅ Your side
IKE:AES_GCM_16_256/PRF_HMAC_SHA1/MODP_1024
Jun 1 05:08:08 charon 14[IKE] <7> received proposals inacceptable
You are forcing AES GCM in the Phase 1 and the other side wants AES CBC (or 3DES).
Based on what the other side is presenting I would probably select AES 256 and SHA256.
0_1528272343163_Screen Shot 2018-06-06 at 1.04.44 AM.png
Jun 1 05:08:08 charon 14[CFG] <7> no acceptable ENCRYPTION_ALGORITHM found
Jun 1 05:08:08 charon 14[CFG] <7> selecting proposal:
Jun 1 05:08:08 charon 14[CFG] <7> no acceptable ENCRYPTION_ALGORITHM found
Jun 1 05:08:08 charon 14[CFG] <7> selecting proposal:
Jun 1 05:08:08 charon 14[CFG] <7> no acceptable ENCRYPTION_ALGORITHM found
Jun 1 05:08:08 charon 14[CFG] <7> selecting proposal:
Jun 1 05:08:08 charon 14[CFG] <7> no acceptable ENCRYPTION_ALGORITHM found
Jun 1 05:08:08 charon 14[CFG] <7> selecting proposal:
Jun 1 05:08:08 charon 14[CFG] <7> no acceptable ENCRYPTION_ALGORITHM found
Jun 1 05:08:08 charon 14[CFG] <7> selecting proposal:
Jun 1 05:08:08 charon 14[CFG] <7> no acceptable ENCRYPTION_ALGORITHM found
All of that is probably Azure attempting PFS groups you don't have defined. Probably more secure than PFS group 2.