问题描述
1。我们正在尝试在本地网络和Azure之间建立站点到站点的连接。
2.我们在办公室使用LINKSYS 224路由器。其中一个支持链接建议创建"基于策略"的链接。 Azure中的VPN
https://community.linksys.com/t5/Linksys-Small-Business/LRT224-AZURE-VPN-Gateway-2-Gateway-not -working / td-p / 1037740
3.我们能够在路由器日志中看到隧道,但我们没有与Azure建立连接。
4.我们的路由器日志说"ERR:GROUP DESCRIPTION与之前的IPSec SA转换不一致"
¥ b $ b 5.我们尝试创建IPSec策略,并尝试将策略分配给PowerShell的VPN连接。但我们收到以下消息,即Ipsec政策只能分配给标准或更高("基于路线")
来自PowerShell的消息:
Set-AzVirtualNetworkGatewayConnection:标准的虚拟网络网关SKU或更高的安全
政策支持虚拟网络网关/订阅/ 56a28245-4f39-48c2-933d-258d211bbcb1 / resourceGroups / TUImageA
PP /供应商/微软。网络/ virtualNetworkGateways / TUVNetGateway
的StatusCode:400
ReasonPhrase:坏请求
OperationID: '20f61920-783c-4930-8748-7816e0410ef6'
行:1字符:1
+ Set-AzVirtualNetworkGatewayConnection -VirtualNetworkGatewayConnectio ...
$
+ ~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~
  + CategoryInfo         :CloseError:(:) [Set-AzVirtualNetworkGatewayConnection],NetworkCloudException
  + FullyQualifiedErrorId:Microsoft.Azure.Commands.Network.SetAzureVirtualNetworkGatewayConnectionCommand
Hi,
1. We are trying to create a Site to Site connection between our local network and Azure.
2. As we are using LINKSYS 224 router in our Office. And one of the support link suggests to create "Policy based" VPN in Azure
https://community.linksys.com/t5/Linksys-Small-Business/LRT224-AZURE-VPN-Gateway-2-Gateway-not-working/td-p/1037740
3. We were able to see the Tunnel established in our router log but we not are getting connected with Azure.
4. Our router log says, "ERR: GROUP DESCRIPTION inconsistent with that of A previous Transform in IPSec SA"
5. We tried to create an IPSec policy and tried to assign the policy to the VPN connection from PowerShell. But we are getting the below message that Ipsec policy can be assigned only for Standard or higher ("Route Based")
Message from PowerShell :
Set-AzVirtualNetworkGatewayConnection : A virtual network gateway SKU of Standard or higher is required for Ipsec
Policies support on virtual network gateway /subscriptions/56a28245-4f39-48c2-933d-258d211bbcb1/resourceGroups/TUImageA
pp/providers/Microsoft.Network/virtualNetworkGateways/TUVNetGateway
StatusCode: 400
ReasonPhrase: Bad Request
OperationID : '20f61920-783c-4930-8748-7816e0410ef6'
At line:1 char:1
+ Set-AzVirtualNetworkGatewayConnection -VirtualNetworkGatewayConnectio ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Set-AzVirtualNetworkGatewayConnection], NetworkCloudException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Network.SetAzureVirtualNetworkGatewayConnectionCommand
这篇关于无法为基于策略的VPN类型分配IPSec策略的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!