Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Routed IPsec to Azure

    Scheduled Pinned Locked Moved
    IPsec
    ipsec azure vti phase 1 phase 2
    1
    1
    423
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      DG_Kube
      last edited by

      Hello,

      Hoping someone here has came across the same issue as I have just now.
      I have setup a new Site to Site VPN between PFSense and Azure. It is an IKEv2 routed tunnel.
      Azure side is fully configured.
      PFSense Phase 1 is configured, Phase 2 is configured (With VTI Interface and static routes)
      Phase 1 of the tunnel comes up just fine. Phase 2 of the tunnel also comes up fine and I can route traffic between the Azure VNET and on-prem servers. However once the Phase 2 tunnel rekey timer runs out, Phase 2 is not re-established. It just stays down. No amount of interesting traffic will bring it up.
      To get the Phase 2 back up I need to manually disconnect Phase 1. Then Phase 2 comes up as expected, until its re-key timer expires again.

      Has anyone had this issue before? or have any insight into what the issue may be?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.