Vigor3900 supports IKEv2 since firmware version 1.3.0, now, we have the ability to connect Vigor3900 and Microsoft Azure Server by the IKEv2 tunnel.
This document introduces how to set up IPsec tunnel between Vigor3900 and Microsoft Azure Server in Dynamic Routing mode.
1. Create your virtual network. In the lower left corner of the screen, click New.
2. In the navigation panel, click Network Services >> Virtual Network >> Custom Create to begin the configuration wizard.
3. Name your virtual network, select the location and then click Next.
4. Check Configure a site-to-site VPN, select Specify a New Local Network and then click Next.
5. Name the local network (it is the local network of Vigor3900 in this example) and then input VPN Device IP Address (should be the IP address of the Vigor3900 used to create VPN to Azure). The VPN device CANNOT be located behind a NAT.
6. Create Virtual Network Address space for Azure. In this example, we will add two networks for Azure. One is 10.239.0.0/24 and the other is 10.239.1.0/24. Then click add gateway subnet.
7. Azure will specify the Gateway Subnet automatically, click Finish to save the Virtual Network Settings.
8. Virtual network "Vivian_Azure_Test" is now created.
9. Create Gateway and manage Keys.
a. Click Create Gateway, then select Dynamic Routing.
b. A message will appear asking Do you want to create a gateway for virtual network "Vivian_Azure_Test". Click Yes to begin creating the gateway. It might take around 15 minutes for the gateway to create. After that, we will see the Gateway IP address! It is the Internet IP that Azure will use to create VPN to Vigor3900.
10. Click Manage Key, then we can get the IPsec Pre-shared. Copy this key and paste this key to the VPN profile for Azure on Vigor3900.
11. Create IPsec VPN profile on Vigor3900 for Microsoft Azure.
a. Open VPN and Remote Access >> VPN profiles >> IPsec page and then click Add.
b. Enable this VPN profile.
c. Input Vigor3900's local IP in Local IP /Subnet Mask.
d. Input Azure Gateway IP as the Remote Host IP.
e. Input Azure Virtual Network Address Space as the Remote IP/ Subnet Mask. (in step 1e)
f. Select IKEv2 as IKE Protocol. (Azure Dynamic Routing uses IKEv2)
g. Paste the Pre-Shared Key we copied from step 10.
h. Apply the settings.
12. After configuring the VPN profile on Vigor3900, we can click CONNECT on Azure to create the IPsec tunnel.
13. IPsec tunnel is established.
14. We are able to ping Azure Virtual Network Gateway IP from a PC behind Vigor3900.
15. We may check the VPN status on VPN Connection Management page.
The scope of application of privacy protection policy
Personal data collection, processing and use
When you visit this website or use the functional services provided on this website, we will ask your necessary personal information and use it within that specific purpose; without your agreement in writing this website will not use your personal data for any other purpose.
When you use interactive features such as mailboxes and surveys, this site will retain your name, e-mail address, contact information and usage time.
In normal browsing, the server will record the relevant actions, including the IP address of the device you are using, the time of use, the browser you are using, the browsing and data logging, etc., as a reference for our website services. This record for internal applications will not be announced.
Statistics and analysis of collected questionnaires, statistics or descriptive text of the results will be provided for accurate service. In addition to internal research, statistical data and descriptive text will be published if it is necessary. The information published excludes information on specific individuals.
The protection of information
The website hosts are equipped with firewall, anti-virus system and other related information security equipment and the necessary security measures to protect the site and your personal information with strict protection measures. Only authorized personnel can access your Personal data. The relevant processing personnel are signed confidentiality contract, if there is breach of confidentiality obligations, will be subject to the relevant legal punishment.
In the event that it is necessary to entrust other units to provide services for business purposes, the Site will strictly require compliance with the confidentiality obligations and take the necessary inspection procedures to ensure that it will comply.
External links to the site
The policy of sharing personal information with the third party
This website will not provide, exchange, rent or sell any of your personal information to other individuals, groups, private enterprises or public agencies. However the legal basis or contractual obligations are excluded.
The foregoing proviso includes, but not limited to:
The use of Cookie
Please read this Term of Use Agreement ("Terms") carefully before you register to get the Firmware and Technical article Update Notice.
Acceptance of Terms
Privacy and Protection of Personal Information
Third Party Sites
The service may contain links to other Internet websites or online and mobile services provided by independent third parties.
These Terms shall be governed and construed in accordance with the laws of Taiwan, without regard to its conflict of law provisions.
If you have any questions about these Terms, please contact us.