Hi,
I implemented a Resource Manager-based Azure site-to-site IPsec VPN with this tutorial:
https://blogs.technet.microsoft.com/keithmayer/2015/12/22/7-steps-to-building-site-to-site-vpn-connections-for-v2-vnets-using-azure-resource-manager-in-the-new-azure-portal/
I can see in Azure that the VPN connection status is "connected"; however, I can't ping from local to either the Azure gateway or the subnets. Below are the logs from Azure. About the "Main mode failure", I did reference some threads, and have made sure that the pre-shared key is the same on both sides and that the subnet settings correspond to each other. The local router also logs that the IPsec tunnel is set up; however, it still spits out errors from time to time like "Phase 1 negotiation failed due to time up". Any ideas?
Thanks.
Event Header:
  Timestamp: 1601-01-01T00:00:00.000Z
  Flags: 0x00000106
    Local address field set
    Remote address field set
    IP version field set
  IP version: IPv4
  IP protocol: 0
  Local address: 168.63.xxx.xxx
  Remote address: 122.116.xxx.xxx
  Local Port: 0
  Remote Port: 0
  Application ID:
  User SID: <invalid>
Failure type: IKE/Authip Main Mode Failure
Type specific info:
  Failure error code:0x00003616
    Invalid cookie received.
  Failure point: Local
  Flags: 0x00000000
  Keying module type: Ike
  MM State: Initial state, no packets sent
  MM SA role: Responder
  MM auth method: Unknown
  Cert hash: 0000000000000000000000000000000000000000
  MM ID: 0x00000000000040bf
  MM Filter ID: 0x0000000000000000
  Local Principal Name:
  Remote Principal Name:
  Local Principal Group SIDs:
  Remote Principal Group SIDs: