I set up a site-to-site VPN between Azure and my local network utilizing a FortiGate 60B router/firewall.
I can get the tunnel up and am able to ping from my side to Azure, but cannot ping from Azure to my side and Azure always shows the tunnel as being down.
Furthermore, there have been quite a few times when the tunnel stays up on both sides for up to an hour and then drops randomly and again starts giving the same issues, all with no configuration changes.
I debugged the firewall and found the errors below. I have tried every possible combination of Phase1 and Phase2 configurations. Can anyone point me in the right direction?
0: comes 137.135.73.109:500->XXX.XX.XX.146:500,ifindex=2....
0: Exchange=32 Message=0x00000001 len=380
0: checking Azure XXX.XX.XX.146 2 -> 137.135.73.109:500
0:Azure: phase1 found
0:Azure:13038: received payloads HASH SA NONCE ID ID
0:Azure:13038: responder received first quick-mode message
0:Azure:13040: peer proposal is: peer:10.10.0.0-10.10.255.255, me:192.168.1.0-192.168.1.255, ports=0/0, protocol=0/0
0:Azure:13040: trying Azure_P2
0:Azure:13040: matched phase2 Azure_P2
0:Azure:13040: autokey Azure_P2
Can not get attribute header. 972
Negotiate SA Error: Invalid SA payload. [2008]
0:Azure:13040: negotiation error
0:Azure:13038: sending INFO message NO_PROPOSAL_CHOSEN to peer
0:Azure:13038: sent IKE Packet(Info Mode):XXX.XX.XX.146:500->137.135.73.109:500, len=76
0:Azure:13038: transmitted 76 bytes
Azure: Responder: parsed 137.135.73.109 quick mode message #1 (ERROR)
0:Azure:13040: delete state
And here are my current settings: