![azure point to site vpn route-based policy-based azure point to site vpn route-based policy-based](https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/resources/4d801240-7ccc-11e9-81a4-00505692583a/images/5e1cf47056caa1.08621561_Topology.png)
Ikev2 local-authentication pre-shared-key MyVerySecureKey Name: AZURE-PROPOSAL (Or whatever matches your naming convention).Add a net proposal in the IKE v2 section.Navigate to Configuration -> Site-to-Site-VPN -> Advanced -> IPSEC Proposals (Transformation Sets).Shared key (PSK): Pick as suitably complex string and make a note of it for laterĬonnect to your ASA using ASDM.
![azure point to site vpn route-based policy-based azure point to site vpn route-based policy-based](https://www.cisco.com/c/dam/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/214230-configure-policy-based-and-route-based-v-05.png)
![azure point to site vpn route-based policy-based azure point to site vpn route-based policy-based](https://docs.microsoft.com/en-us/azure/vpn-gateway/media/vpn-gateway-3rdparty-device-config-cisco-asa/singletunnel.png)
If your Virtual Network already has a “Virtual network gateway” check your settings match then you can skip this section. You will need ASDM, I will be using 7.9.You ASA needs to be running at least 9.7 but 9.8 or higher is preferred.I am going to assume you are already using Azure and you already have a Virtual Network in place.
AZURE POINT TO SITE VPN ROUTE BASED POLICY BASED HOW TO
We are also going to focus on how to achieve this using ASDM. We will be creating a route-based connection using IKEv2 and a VTI interface. In this post, we are going to link an Azure Virtual Network to an on-premise network via a Cisco ASA.