We have deployed and connected our route-based gateway between Azure and a Cisco ASA, but it works for only one of the subnets defined in trafficSelectorPolicies. This means that currently we are only able to test connections from resources in the 10.0.1.0/24 local subnet.
{
"name": "Connection",
"id": "*****",
"etag": "***",
"type": "Microsoft.Network/connections",
"location": "northeurope",
"tags": {},
"properties": {
"provisioningState": "Succeeded",
"resourceGuid": "***",
"virtualNetworkGateway1": {
"id": "***"
},
"localNetworkGateway2": {
"id": "***"
},
"connectionType": "IPsec",
"connectionProtocol": "IKEv2",
"routingWeight": 3,
"sharedKey": "***",
"enableBgp": false,
"useLocalAzureIpAddress": false,
"usePolicyBasedTrafficSelectors": true,
"ipsecPolicies": [
{
"saLifeTimeSeconds": 3600,
"saDataSizeKilobytes": 102400000,
"ipsecEncryption": "AES256",
"ipsecIntegrity": "SHA256",
"ikeEncryption": "AES256",
"ikeIntegrity": "SHA256",
"dhGroup": "DHGroup2",
"pfsGroup": "PFS2"
}
],
"trafficSelectorPolicies": [
{
"localAddressRanges": [
"10.0.1.0/24",
"10.0.2.0/24"
],
"remoteAddressRanges": [
"30.**.**.0/23"
]
}
],
"connectionStatus": "Connected",
"ingressBytesTransferred": 15800,
"egressBytesTransferred": 25908,
"dpdTimeoutSeconds": 0,
"connectionMode": "Default"
}
}
Has anyone had a similar issue and come across a solution for this case?
