1. Configure the virtual network.
   1. Login to your Azure account.
   2. Click Create a resource.

      

   3. Search for Virtual Network and click Create.

      

   4. Fill out the information needed on the virtual network creation page, then click Create.

      

      ​​
       

      Free trial was used for this testing.
2. Configure the virtual network gateway.
   1. In the Azure dashboard, click Create a resource.
   2. Search for Virtual network gateway and click Create.

      

   3. Enter the settings for your virtual network gateway.
      • VPN type: Policy-based
      • Virtual network: Select the network created on Step 1.
      • Public IP address: Create a new public IP address if not available

      

   4. Click Next: Tags and enter the settings in Tags page.

      

   5. Click Next: Review + create.
   6. Click Create to start creating a virtual network gateway.

      

1. In the Azure Dashboard, click Create a resource.
2. Search for Local network gateway and click Create.

   

3. Enter the settings for your virtual network gateway.
   • IP address: Public IP used by Cloud Edge appliance
   • Address space: Local subnet under Cloud Edge appliance

   

4. Click Create.

1. In the Azure dashboard, locate and select the created Local Network Gateway.
2. Under Settings, go to Connection and click Add.

   

3. Input the settings for the new IP security (IPSec) site-to-site connection. For the following fields, select the network gateway created on the previous steps:
   • Virtual Network Gateway
   • Local Network Gateway

   

4. Click Create to build the IPSec site-to-site connection.

1. Login to Cloud Edge Cloud Console (CECC).
2. Select the Policies tab and click IP Addresses/FQDNs.
3. Click Add and create two (2) IP Address objects:
   • IP address for local network protected by Cloud Edge appliance
   • IP address for Azure virtual network

   

4. Click the Gateways tab and select the registered Cloud Edge Appliance.

   

5. Access Site-to-Site VPN.
6. Go to Policies tab and click Add.
7. Configure the following for the IPSec Policy:
   • IKE encryption algorithm: Change from AES 128 to AES 256
   • IPSec encryption algorithm: Change from AES 128 to AES 256

   

8. Click Save.
9. Go to Connections tab and click Add.
10. Configure the following settings:
    • Gateway: Input the Public IP address used by Azure Virtual Network Gateway
    • Remote ID: Input the Public IP address used by Azure Virtual Network Gateway
    • Local Networks: Select IP address object for local network protected by Cloud Edge appliance (Step 3)
    • Remote Networks: Select IP address object for local network protected by Azure virtual network (Step 3)
    • Key and Confirm Key: Input same shared key used by Azure Site-to-site IPSec connection.
    • Policy Name: Select policy created on Step 6

    

Cloud Edge Cloud Console

1. Access Gateways and select the registered Cloud Edge appliance.
2. Go to Site-to-Site VPN and click Status.
3. Check for "ESTABLISHED" and "INSTALLED" to confirm the successful tunnel.

   

Azure

1. Open the Azure portal dashboard.
2. Click All Resources, then locate your virtual network gateway.
3. Click Connections. Status should show as connected for successful connection.