Cloud

VPN IPESec Fortinet for Azure

How to VPN IPESec Fortinet for Azure Cloud.

 

ISO 5.4

http://cookbook.fortinet.com/ipsec-vpn-microsoft-azure-54/

Gateway

Nat Traversal “Disable”
Dead Peer Detection “On idle”
IKE “V2”

Phase1

Encryption “AES128”
Authentication “SHA256”
Diffie-Hellman Group “2”
Key Lifetime (seconds) “28800”

Phase2

Encryption “AES128”
Authenticaton “SHA256”
(PFS) “Disable”
Local Port “Enable”
Remote Port “Enable”
Protocol “Enable”
Auto-negotiate “Disable”
Auto Keep Alive “Disable”
Key Lifetime “seconds”
Seconds “27000”

 

IOS 5.2

http://cookbook.fortinet.com/download/3127

Gateway

Nat Traversal “Disable”
Dead Peer Detection “Disable”

IKE “V2”

Phase1

Encryption “AES128”
Authentication “SHA1”
Encryption “AES256”
Authentication “SHA256”

Diffie-Hellman Group “2”
Key Lifetime (seconds) “56600”

Phase2

Encryption “AES128”
Authentication “SHA1”
Encryption “AES256”
Authentication “SHA256”
Enable replay Detaction “Disable”
(PFS) “Disable”
Local Port “Enable”
Remote Port “Enable”
Protocol “Enable”
Auto-negotiate “Disable”
Auto Keep Alive “Disable”
Key Lifetime “seconds”
Seconds “2900” “Segunda suporte Microsoft esses valores devem ser maiores que do Azure”

Best Regards.

ICMP Windows Azure

No Windows Azure o ICMP ou PING não é liberado por padrão.

Mas podemos usar o Sysinternals para resolver isso.

1º Baixe a ferramente SysInternals.

http://technet.microsoft.com/en-us/sysinternals/bb842062.aspx

Após descompacte, abra o prompt como administrator, abra o diretório PSTools e execute o comando.

Em sua maquina por exemplo.

Psping 191.237.251.23:80 (IP ou nome dois pontos e a porta)

C:\BKP-CHARLES\Downloads\PSTools>psping.exe 191.237.251.23:80

PsPing v2.01 – PsPing – ping, latency, bandwidth measurement utility
Copyright (C) 2012-2014 Mark Russinovich
Sysinternals – http://www.sysinternals.com

TCP connect to 191.237.251.23:80:
5 iterations (warmup 1) connecting test:
Connecting to 191.237.251.23:80 (warmup): 5.69ms
Connecting to 191.237.251.23:80: 5.63ms
Connecting to 191.237.251.23:80: 6.67ms
Connecting to 191.237.251.23:80: 5.54ms
Connecting to 191.237.251.23:80: 6.13ms

TCP connect statistics for 191.237.251.23:80:
Sent = 4, Received = 4, Lost = 0 (0% loss),
Minimum = 5.54ms, Maximum = 6.67ms, Average = 5.99ms

C:\BKP-CHARLES\Downloads\PSTools>

==============================================================================================

Agora de dentro da VM no Windows Azure

C:\Users\admin.azure>cd..

C:\Users>cd..

C:\>cd PSTools

C:\PSTools>psping.exe yahoo.com:80

PsPing v2.01 – PsPing – ping, latency, bandwidth measurement utility
Copyright (C) 2012-2014 Mark Russinovich
Sysinternals – http://www.sysinternals.com

TCP connect to 206.190.36.45:80:
5 iterations (warmup 1) connecting test:
Connecting to 206.190.36.45:80 (warmup): 201.09ms
Connecting to 206.190.36.45:80: 198.17ms
Connecting to 206.190.36.45:80: 196.82ms
Connecting to 206.190.36.45:80: 196.81ms
Connecting to 206.190.36.45:80: 197.10ms

TCP connect statistics for 206.190.36.45:80:
Sent = 4, Received = 4, Lost = 0 (0% loss),
Minimum = 196.81ms, Maximum = 198.17ms, Average = 197.22ms

C:\PSTools>

===============================================================================================

icmp_azure

Seja Feliz!!!!