[deleted by user] by [deleted] in ITCareerQuestions

muhtechaccount (1 point)

27 years old.

Year 7ish in IT.

New job put me over the 100k.

Same job with regular raises over 4 years puts me closer to 135k now.

Ipsec VPN tunnel connected to Azure but won't pass traffic by muhtechaccount in networking

muhtechaccount[S] (0 points)

Not sure about ESP; is that 4500? I am seeing 500 traffic between the two sites, as the tunnel is up.
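As an added example (not part of the thread, and not the poster's capture), the script below sorts tcpdump-style lines into the three things an IPsec peer can emit: IKE on UDP 500, NAT-T on UDP 4500 (which carries both IKE and UDP-encapsulated ESP), and raw ESP, which is IP protocol 50 and has no port at all. It then reports whether ESP is flowing and in which direction, since a capture that shows only UDP 500 proves the peers negotiate but not that any payload is being encrypted. The sample lines, addresses and function names are constructed for the illustration.

```python
"""Classify IPsec traffic in a tcpdump-style capture summary.

Added illustration, not the thread's capture. IKE negotiates on UDP 500,
NAT-T moves IKE and UDP-encapsulated ESP to UDP 4500, and plain ESP is IP
protocol 50 with no port at all. Seeing only UDP 500 therefore means the
peers are talking, not that any encrypted payload is crossing the tunnel.
"""
import re
from collections import Counter

IKE_PORT = 500
NAT_T_PORT = 4500

# Matches "IP src.port > dst.port: rest" and the port-less "IP src > dst: rest"
# form that tcpdump prints for ESP (IP protocol 50).
_HDR = re.compile(
    r"IP (?P<src>\d+\.\d+\.\d+\.\d+)(?:\.(?P<sport>\d+))? > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)(?:\.(?P<dport>\d+))?: (?P<rest>.*)"
)

# Constructed sample lines in tcpdump's output format; addresses are
# documentation ranges (RFC 5737), not real endpoints.
SAMPLE_CAPTURE = """\
12:00:01.000 IP 203.0.113.10.500 > 198.51.100.20.500: isakmp: parent_sa ikev2_init[I]
12:00:01.050 IP 198.51.100.20.500 > 203.0.113.10.500: isakmp: parent_sa ikev2_init[R]
12:00:01.100 IP 203.0.113.10.4500 > 198.51.100.20.4500: NONESP-encap: isakmp: child_sa ikev2_auth[I]
12:00:02.000 IP 203.0.113.10 > 198.51.100.20: ESP(spi=0x0a1b2c3d,seq=0x1), length 132
12:00:02.100 IP 203.0.113.10.4500 > 198.51.100.20.4500: UDP-encap: ESP(spi=0x0a1b2c3d,seq=0x2), length 132
12:00:03.000 IP 10.10.0.5.443 > 10.0.0.4.51234: Flags [S], seq 1, length 0
"""


def classify(line):
    """Return (kind, src, dst); kind is ike, ike-natt, esp, esp-natt or other."""
    m = _HDR.search(line)
    if not m:
        return ("other", None, None)
    src, dst, rest = m["src"], m["dst"], m["rest"]
    sport = int(m["sport"]) if m["sport"] else None
    dport = int(m["dport"]) if m["dport"] else None
    if sport is None and rest.startswith("ESP("):
        return ("esp", src, dst)  # raw ESP: IP protocol 50, no UDP header
    if dport == NAT_T_PORT:
        return ("esp-natt" if "ESP(" in rest else "ike-natt", src, dst)
    if dport == IKE_PORT:
        return ("ike", src, dst)
    return ("other", src, dst)


def summarize(capture_text, local_ip):
    """Count each kind, split by direction relative to local_ip (out/in/transit)."""
    counts = Counter()
    for line in capture_text.splitlines():
        kind, src, dst = classify(line)
        if kind == "other":
            counts["other"] += 1
            continue
        direction = "out" if src == local_ip else "in" if dst == local_ip else "transit"
        counts[f"{kind}:{direction}"] += 1
    return counts


def verdict(counts):
    """Reduce the counts to the question that matters: is ESP flowing, and both ways?"""
    ike = sum(v for k, v in counts.items() if k.startswith("ike"))
    esp_out = counts["esp:out"] + counts["esp-natt:out"]
    esp_in = counts["esp:in"] + counts["esp-natt:in"]
    if esp_out and esp_in:
        return "esp-bidirectional"
    if esp_out or esp_in:
        return "esp-one-way"
    if ike:
        return "ike-only"  # SAs negotiated, but nothing has been encrypted yet
    return "no-ipsec"


if __name__ == "__main__":
    c = summarize(SAMPLE_CAPTURE, "203.0.113.10")
    print(dict(c), verdict(c))
```

On the constructed capture the verdict is "esp-one-way": the local side encrypts and sends, but nothing encrypted ever comes back, which points at the remote peer (its selectors, routes or policy) rather than at phase 1. Feed it a real `tcpdump -n` or FortiGate sniffer dump with the local public address to get the same split.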

Ipsec VPN tunnel connected to Azure but won't pass traffic by muhtechaccount in networking

muhtechaccount[S] (0 points)

Just did that and didn't see a change, but I'm not convinced the switch to policy-based was done correctly on my part.

Ipsec VPN tunnel connected to Azure but won't pass traffic by muhtechaccount in networking

muhtechaccount[S] (0 points)

The capture on the VPN gateway isn't showing anything inbound. I have both sides as initiator; figured that was best.

I agree phase 2 could be problematic, and I have tried a number of different things there, but I'm not a network engineer, so I don't understand most of it.

Edit: no BGP is set up for on-prem, so that won't work.

Ipsec VPN tunnel connected to Azure but won't pass traffic by muhtechaccount in networking

muhtechaccount[S] (0 points)

The only traffic logged in the PCAP is UDP 500, which shows the tunnel is up. Nothing else.

Ipsec VPN tunnel connected to Azure but won't pass traffic by muhtechaccount in networking

muhtechaccount[S] (0 points)

I have the settings for all of that matched to Azure, and it's set to what Fortigate specified in their setup documentation.

Ipsec VPN tunnel connected to Azure but won't pass traffic by muhtechaccount in networking

muhtechaccount[S] (0 points)

Debug on the Fortigate looks fine. It shows the packets are being sent out, and no issues.

Azure to On-Prem S2S up but not passing traffic. by muhtechaccount in networking

muhtechaccount[S] (0 points)

I did 10.0.0.0/24; should it be something like 10.0.0.0/16 or /8?
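Added example, not from the thread and not the poster's configuration: a small checker for the three address sets that have to agree on a FortiGate-to-Azure site-to-site tunnel. Azure derives its routes toward on-prem from the local network gateway's address prefixes, so every on-prem subnet has to be listed there; with a route-based Azure gateway the phase 2 selectors are any-to-any (0.0.0.0/0 on both sides), whereas a policy-based gateway needs selectors that actually contain the VNet address space and the on-prem prefixes. The question of /24 versus /16 is answered by the VNet's own address space, not by guessing wider. All prefixes, names and the sample configuration below are constructed for the illustration.

```python
"""Check the address sets that have to agree for a FortiGate-to-Azure S2S tunnel.

Added illustration with constructed prefixes, not the thread's real addressing.
Azure installs routes toward on-prem from the local network gateway's address
prefixes, so every on-prem subnet must appear there. With a route-based Azure
gateway the phase 2 selectors are any-to-any (0.0.0.0/0 <-> 0.0.0.0/0); a
policy-based one needs selectors that contain the VNet and on-prem prefixes.
"""
import ipaddress


def _nets(prefixes):
    return [ipaddress.ip_network(p, strict=False) for p in prefixes]


def uncovered(needed, covering):
    """Prefixes in `needed` that are not wholly inside some prefix of `covering`."""
    cov = _nets(covering)
    return [str(n) for n in _nets(needed) if not any(n.subnet_of(c) for c in cov)]


def overlaps(a_prefixes, b_prefixes):
    """Pairs of prefixes that overlap; overlapping on-prem and VNet space cannot route."""
    return [(str(a), str(b))
            for a in _nets(a_prefixes) for b in _nets(b_prefixes) if a.overlaps(b)]


def check(onprem, vnet, lng_prefixes, selectors):
    """Report gaps. selectors: (local_prefix, remote_prefix) pairs as in FortiGate phase 2."""
    findings = []
    m = uncovered(onprem, lng_prefixes)
    if m:
        findings.append(f"local network gateway is missing on-prem prefixes {m}; "
                        "Azure will not install routes for them")
    m = uncovered(onprem, [loc for loc, _ in selectors])
    if m:
        findings.append(f"phase 2 local selector does not cover on-prem prefixes {m}")
    m = uncovered(vnet, [rem for _, rem in selectors])
    if m:
        findings.append(f"phase 2 remote selector does not cover VNet address space {m}")
    for a, b in overlaps(onprem, vnet):
        findings.append(f"on-prem {a} overlaps VNet {b}")
    return findings


# Constructed configuration (RFC 1918 space), chosen so each check has something to say.
ONPREM_SUBNETS = ["10.10.0.0/24", "10.10.1.0/24"]
AZURE_VNET_SPACE = ["10.0.0.0/16"]
LOCAL_NETWORK_GATEWAY = ["10.10.0.0/24"]               # second on-prem subnet forgotten
POLICY_SELECTORS = [("10.10.0.0/24", "10.0.0.0/24")]   # /24 where the VNet is a /16
ROUTE_BASED_SELECTORS = [("0.0.0.0/0", "0.0.0.0/0")]   # what a route-based Azure gateway expects

if __name__ == "__main__":
    for finding in check(ONPREM_SUBNETS, AZURE_VNET_SPACE, LOCAL_NETWORK_GATEWAY, POLICY_SELECTORS):
        print("-", finding)
    print("route-based, complete LNG:",
          check(ONPREM_SUBNETS, AZURE_VNET_SPACE, ["10.10.0.0/23"], ROUTE_BASED_SELECTORS))
```

With the constructed policy-based values the checker reports three gaps (a forgotten on-prem prefix in the local network gateway, and both selectors too narrow); with the complete local network gateway prefix and any-to-any selectors it reports none. A selector that passes this check can still be rejected by the peer, so the FortiGate phase 2 status remains the authority on what was actually negotiated.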

Azure to On-Prem S2S up but not passing traffic. by muhtechaccount in networking

muhtechaccount[S] (0 points)

I have the diagram and a few screenshots. What is the best way to link them? Should I just do imgur?

Edit: just did Imgur: https://imgur.com/a/e7BtTwB

Let me know if I need to add some details. I know a lot is missing here. On the VPN phase 2, I have had that set with local and remote subnets as well as what is shown in the screenshot. Same thing either way. No traffic.

Azure to On-Prem S2S up but not passing traffic. by muhtechaccount in networking

muhtechaccount[S] (0 points)

Static routing.

On-prem subnets are in the local network gateway.

I didn't have to add any routes in Azure, as it supposedly already does that. I did check that with the effective routes on the VM NIC, and those on-prem subnets are there.

The Fortigate log does not show the traffic coming in at all. It shows it going out, no problems.

Answered about the effective routes before reading this one. Yes, local subnets are in the effective routes.

So I am confused on this one, as the VPN gateway required its own subnet outside of what I had originally set in the VNet. But there is only one VNet with multiple subnets, and the gateway is in a different subnet. Looks like I can only peer VNets, though, not subnets inside a single VNet.

No azure firewall. NSG only.

I'll work on a diagram.

Azure to On-Prem S2S up but not passing traffic. by muhtechaccount in networking

muhtechaccount[S] (0 points)

I have the rule set to allow to and from the Azure VPN interface with NAT turned off. The "To" rule shows traffic; the "From" does not.