Hello,
We have been running a VPN from an Asa 5510 running ASA8.2 successfully between our on-prem network and a VNET in Azure. I now wanted to setup a VNET1 to VNET 2VPN, as well as on-prem to VNET1 and VNET2. I built this via the XML config, uploaded it to Azure and got the VNET to VNET working by changing the preshared key. I'm now having difficulty getting the VNET to Onprem VPN's up and running. I have configured our ASA and run some debugging and are getting these errors:
Jun 18 14:53:48 [IKEv1]: IP = 23.100.xx.xx, Received an un-encrypted NO_PROPOSAL_CHOSEN notify message, dropping
Jun 18 14:53:48 [IKEv1]: IP = 23.100.xx.xx, Information Exchange processing failed
It looks like a Phase1/Isakmp issue however the config our end is all still the same (ie the same as when I had it working fine on-prem to one VNET). I don't know why changing the config on the Azure end has broken this but I am a bit stumped. One pertinent change during this is changing from Static routing to dynamic routing - it needs to be dynamic for this scenario to work though.
Technically only ASA 8.3 is supported however it was working fine before, so I dont think this is an issue. Is there anyway to see the logs from the Azure end?
Cheers,
Stewart
