Since our QNO router wasn't supported we got a brand new Juniper SSG 5 router
i downloaded the config from the azure portal (and changed the wan interface name in it )
after importing there was a new vpn connection but it didn't work
i checked the settings and saw nat-t disbaled and wrong encryption
so i found the config file
set interface tunnel.1 zone untrust set interface tunnel.1 ip unnumbered interface ethernet0/0 set route 192.168.11.0/24 interface tunnel.1 set ike gateway ikev2 azure-gateway address AZURE-Gateway-IP outgoing-interface ethernet0/0 preshare KEY-REMOVED sec-level compatible set ike gateway azure-gateway dpd-liveness interval 10 set vpn azure-ipsec-vpn gateway azure-gateway tunnel idletime 0 sec-level compatible set vpn azure-ipsec-vpn bind interface tunnel.1 set address trust onprem-networks-1 192.168.14.0/24 set address untrust azure-networks-2 192.168.11.0/24 set policy top from trust to untrust onprem-networks-1 azure-networks-1 any permit set policy top from untrust to trust azure-networks-1 onprem-networks-1 any permit set policy top from trust to untrust onprem-networks-1 azure-networks-2 any permit set policy top from untrust to trust azure-networks-2 onprem-networks-1 any permit set flow vpn-tcp-mss 1350 save
still not working
the Juniper is direct attached to the WAN connection (it got a public ip)
Does anybody know whats wrong with this config?