Skip to content

Instantly share code, notes, and snippets.

@chgeuer

chgeuer/pfsense-azure-vpn.md

Created October 10, 2012 10:06
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save chgeuer/3864522 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save chgeuer/3864522 to your computer and use it in GitHub Desktop.
Download ZIP
PfSense and Windows Azure Virtual Network
Raw
pfsense-azure-vpn.md

http://www.windowsazure.com/en-us/manage/services/networking/cross-premises-connectivity/

http://forum.pfsense.org/index.php?topic=50885.0

http://social.msdn.microsoft.com/Forums/en/WAVirtualMachinesVirtualNetwork/thread/4145db7e-6a26-4a22-ac94-215be15ecdf5

NAT-T

Azure "About VPN Devices for Virtual Network" sagt

In order for a network device to work with Windows Azure Virtual Network, it must support the following:

  • VPN device must have a public facing IPv4 address
  • VPN device must support IKEv1
  • Establish IPsec Security Associations in Tunnel mode
  • VPN device must support NAT-T
  • VPN device must support AES 128-bit encryption function, SHA-1 hashing function, and Diffie-Hellman Perfect Forward Secrecy in "Group 2" mode
  • VPN device must fragment packets before encapsulating with the VPN headers

aber das PfSense Forum (Stand März 2010) sagt:

"If the connection required NAT-T, it just plain wouldn't work. NAT-T isn't compiled in at all, it'll be refused if proposed or attempted, there is nothing "partial" about the support (see snippet posted by Vorkbaard above)."

http://blog.kloud.com.au/2012/07/25/windows-azure-virtual-network-vpn-with-tmg-2010/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment