{"id":4240,"date":"2018-01-20T14:02:12","date_gmt":"2018-01-20T05:02:12","guid":{"rendered":"https:\/\/www.syuheiuda.com\/?p=4240"},"modified":"2019-10-28T13:37:47","modified_gmt":"2019-10-28T04:37:47","slug":"azure-vpn-gateway-%e3%81%a8-srx-%e3%81%a7-vpn-%e3%81%8c%e3%81%a4%e3%81%aa%e3%81%8c%e3%82%89%e3%81%aa%e3%81%84%e5%a0%b4%e5%90%88%e3%81%ae%e3%83%88%e3%83%a9%e3%83%96%e3%83%ab%e3%82%b7%e3%83%a5%e3%83%bc","status":"publish","type":"post","link":"https:\/\/www.syuheiuda.com\/?p=4240","title":{"rendered":"Azure VPN Gateway \u3068 SRX \u3067 VPN \u304c\u3064\u306a\u304c\u3089\u306a\u3044\u5834\u5408\u306e\u30c8\u30e9\u30d6\u30eb\u30b7\u30e5\u30fc\u30c6\u30a3\u30f3\u30b0\u65b9\u6cd5"},"content":{"rendered":"<p>\u5148\u65e5\u306e <a href=\"https:\/\/www.syuheiuda.com\/?p=4217\">Fortigate<\/a> \u7de8 \u306b\u7d9a\u3044\u3066\u3001\u4eca\u5ea6\u306f @kazubu \u5148\u751f\u306b\u3054\u63d0\u4f9b\u3044\u305f\u3060\u3044\u305f SRX \u3067 VPN \u306e\u30c8\u30e9\u30b7\u30e5\u30fc\u306e\u30e1\u30e2\u3092\u3002<br \/>JUNOS \u306f\u307e\u3060\u5168\u304f\u6163\u308c\u3066\u306a\u3044\u306e\u3067\u3001\u3060\u3044\u3076\u96d1\u3067\u3059\u304c\u3054\u5bb9\u8d66\u3092\u2026\u3002<\/p>\n<h2>\u5404\u7a2e\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8<\/h2>\n<ul>\n<li>\u30b5\u30a4\u30c8\u9593 VPN \u30b2\u30fc\u30c8\u30a6\u30a7\u30a4\u63a5\u7d9a\u7528\u306e VPN \u30c7\u30d0\u30a4\u30b9\u3068 IPsec\/IKE \u30d1\u30e9\u30e1\u30fc\u30bf\u30fc\u306b\u3064\u3044\u3066<br \/><a href=\"https:\/\/docs.microsoft.com\/ja-jp\/azure\/vpn-gateway\/vpn-gateway-about-vpn-devices\">https:\/\/docs.microsoft.com\/ja-jp\/azure\/vpn-gateway\/vpn-gateway-about-vpn-devices<\/a><\/li>\n<li>Juniper SRX \u3068 Microsoft Azure \u4eee\u60f3\u30cd\u30c3\u30c8 \u30ef\u30fc\u30af\u3068\u306e\u30b5\u30a4\u30c8\u9593 VPN \u63a5\u7d9a\u306e\u69cb\u6210<br \/><a href=\"https:\/\/www.juniper.net\/jp\/jp\/local\/pdf\/implementation-guides\/SRX-AzureVPN-v3.pdf\">https:\/\/www.juniper.net\/jp\/jp\/local\/pdf\/implementation-guides\/SRX-AzureVPN-v3.pdf<\/a><\/li>\n<li>IPSEC VPN<br \/><a href=\"https:\/\/www.juniper.net\/assets\/jp\/jp\/local\/pdf\/others\/ipsec-vpn.pdf\"> https:\/\/www.juniper.net\/assets\/jp\/jp\/local\/pdf\/others\/ipsec-vpn.pdf<\/a><\/li>\n<\/ul>\n<h2>\u69cb\u6210\u624b\u9806<\/h2>\n<p>\u307b\u307c\u65e5\u672c\u8a9e PDF \u306e\u624b\u9806\u901a\u308a\u3067\u3064\u306a\u304c\u3063\u305f\u306e\u3067\u5272\u611b\u3002(\u4e00\u304b\u6240 typo \u304c\u3042\u3063\u305f\u6c17\u304c\u3059\u308b\u3051\u3069\u5fd8\u308c\u305f\u3002)<br \/>Azure \u5074\u306e\u624b\u9806\u306f\u65e7\u30dd\u30fc\u30bf\u30eb\u3067\u306e\u8a18\u8f09\u306b\u306a\u3063\u3066\u308b\u306e\u3067\u3001\u4ed4\u7d30\u306f MS \u306e\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u53c2\u7167\u3002<\/p>\n<h2>VPN \u30c8\u30f3\u30cd\u30eb\u3092\u30af\u30ea\u30a2<\/h2>\n<pre>\/\/peer-address \u3092\u672a\u6307\u5b9a\u306b\u3059\u308b\u3068\u3059\u3079\u3066\u306e SA \u304c\u30af\u30ea\u30a2\u3055\u308c\u308b (\u4ed6\u62e0\u70b9\u3068\u306e\u63a5\u7d9a\u3082\u5207\u308c\u308b) \u306e\u3067\u6ce8\u610f\nclear security ipsec security-associations aa.aa.aa.aa\nclear security ike security-associations aa.aa.aa.aa<\/pre>\n<h2>\u30d1\u30b1\u30c3\u30c8\u63a1\u53d6<\/h2>\n<p>\u5f8c\u3067\u78ba\u8a8d\u3002<\/p>\n<h2>VPN \u30c8\u30f3\u30cd\u30eb\u3092\u78ba\u8a8d<\/h2>\n<p>SA \u304c\u78ba\u7acb\u3055\u308c\u3066\u3044\u308b\u3053\u3068\u3092\u78ba\u8a8d\u3057\u307e\u3059<\/p>\n<pre><strong>&gt; show security ipsec statistics<\/strong>\nESP Statistics: \/\/\u63a5\u7d9a\u6e08\u307f\u3067\u3042\u308c\u3070\u30d1\u30b1\u30c3\u30c8\u304c\u30ab\u30a6\u30f3\u30c8\u3055\u308c\u3066\u3044\u307e\u3059\n  Encrypted bytes:             1976\n  Decrypted bytes:          1924704\n  Encrypted packets:             13\n  Decrypted packets:          60147\nAH Statistics:\n  Input bytes:                    0\n  Output bytes:                   0\n  Input packets:                  0\n  Output packets:                 0\nErrors:\n  AH authentication failures: 0, Replay errors: 0\n  ESP authentication failures: 0, ESP decryption failures: 0\n  Bad headers: 0, Bad trailers: 0\n\n<strong>&gt; show security ike security-associations<\/strong>\nIndex <span style=\"color: #008000;\"><strong>State<\/strong><\/span> Initiator cookie Responder cookie Mode Remote Address\n5870219 <span style=\"color: #008000;\"><strong>UP<\/strong><\/span> a2a4867ce688050e 162df6175e622dbc IKEv2 aa.aa.aa.aa\n\n<strong>&gt; show security ike security-associations detail<\/strong>\nIKE peer aa.aa.aa.aa, Index 5870219, Gateway Name: azure-gw\n  Role: Responder, <strong><span style=\"color: #008000;\">State: UP<\/span><\/strong>\n  Initiator cookie: a2a4867ce688050e, Responder cookie: 162df6175e622dbc\n  Exchange type: IKEv2, Authentication method: Pre-shared-keys\n  Local: jj.jj.jj.jj:500, Remote: aa.aa.aa.aa:500\n  Lifetime: Expires in 8440 seconds\n  Peer ike-id: aa.aa.aa.aa\n  Xauth assigned IP: 0.0.0.0\n  Algorithms:\n   Authentication        : hmac-sha1-96\n   Encryption            : aes256-cbc\n   Pseudo random function: hmac-sha1\n   Diffie-Hellman group  : DH-group-2\n  Traffic statistics:\n   Input  bytes  :               771724\n   Output bytes  :               771612\n   Input  packets:                10141\n   Output packets:                10141\n  IPSec security associations: 14 created, 7 deleted\n  Phase 2 negotiations in progress: 1\n\n    Negotiation type: Quick mode, Role: Responder, Message ID: 0\n    Local: jj.jj.jj.jj:500, Remote: aa.aa.aa.aa:500\n    Local identity: jj.jj.jj.jj\n    Remote identity: aa.aa.aa.aa\n    Flags: IKE SA is created\n\n<strong>&gt; show security ipsec security-associations<\/strong>\n Total active tunnels: 1\n ID Algorithm SPI Life:sec\/kb Mon lsys Port Gateway\n &lt;131073 ESP:aes-cbc-256\/sha1 88bad682 3186\/ unlim - root 500 aa.aa.aa.aa\n &gt;131073 ESP:aes-cbc-256\/sha1 eaaf6166 3186\/ unlim - root 500 aa.aa.aa.aa\n\n<strong>&gt; show security ipsec security-associations detail<\/strong>\n\nID: 131073 Virtual-system: root, VPN Name: azure-vpn\n  Local Gateway: jj.jj.jj.jj, Remote Gateway: aa.aa.aa.aa\n  Local Identity: ipv4_subnet(any:0,[0..7]=0.0.0.0\/0)\n  Remote Identity: ipv4_subnet(any:0,[0..7]=0.0.0.0\/0)\n  Version: IKEv2\n  DF-bit: clear, Bind-interface: st0.0\n  Port: 500, Nego#: 415, Fail#: 0, Def-Del#: 0 Flag: 0x600a29\n  Tunnel events:\n    Fri Jan 19 2018 07:50:57: IPSec SA rekey successfully completed (25 times)\n    Fri Jan 19 2018 02:21:10: IKE SA rekey successfully completed (2 times)\n    Thu Jan 18 2018 11:09:06: IPSec SA negotiation successfully completed (1 times)\n    Thu Jan 18 2018 11:09:06: IKE SA negotiation successfully completed (1 times)\n    Thu Jan 18 2018 11:08:37: IPSec SAs cleared as corresponding IKE SA deleted (1 times)\n    Thu Jan 18 2018 10:27:52: IPSec SA rekey successfully completed (31 times)\n    Thu Jan 18 2018 07:36:23: IKE SA rekey successfully completed (3 times)\n    Wed Jan 17 2018 08:48:20: IPSec SA negotiation successfully completed (1 times)\n    Wed Jan 17 2018 08:48:20: IKE SA negotiation successfully completed (1 times)\n    Wed Jan 17 2018 08:48:17: IPSec SA delete payload received from peer, corresponding IPSec SAs cleared (1 times)\n    Wed Jan 17 2018 08:15:29: IPSec SA rekey successfully completed (72 times)\n    Wed Jan 17 2018 01:53:22: IKE SA rekey successfully completed (7 times)\n    Sun Jan 14 2018 20:41:14: IPSec SA negotiation successfully completed (1 times)\n    Sun Jan 14 2018 20:41:14: IKE SA negotiation successfully completed (1 times)\n    Sun Jan 14 2018 19:10:02: IKE SA rekey successfully completed (2 times)\n    Sun Jan 14 2018 03:58:00: IKE SA negotiation successfully completed (1 times)\n  Direction: inbound, SPI: 72332189, AUX-SPI: 0\n    Hard lifetime: Expires in 2815 seconds\n    Lifesize Remaining:  Unlimited\n    Soft lifetime: Expires in 2204 seconds\n    Mode: Tunnel(0 0), Type: dynamic, State: installed\n    Protocol: ESP, Authentication: hmac-sha1-96, Encryption: aes-cbc (256 bits)\n    Anti-replay service: counter-based enabled, Replay window size: 64\n  Direction: outbound, SPI: e7bae17a, AUX-SPI: 0\n    Hard lifetime: Expires in 2815 seconds\n    Lifesize Remaining:  Unlimited\n    Soft lifetime: Expires in 2204 seconds\n    Mode: Tunnel(0 0), Type: dynamic, State: installed\n    Protocol: ESP, Authentication: hmac-sha1-96, Encryption: aes-cbc (256 bits)\n    Anti-replay service: counter-based enabled, Replay window size: 64\n<\/pre>\n<h2>\u30c7\u30d0\u30c3\u30b0\u30ed\u30b0\u306e\u6709\u52b9\u5316<\/h2>\n<pre>monitor start kmd\nmonitor stop kmd\nshow log kmd \/\/\u30ed\u30b0\u306e\u5b9f\u4f53\u306f \/var\/log\/kmd \u306b\u51fa\u529b\u3055\u308c\u308b\u6a21\u69d8<\/pre>\n<h2>PSK \u306e\u4e0d\u4e00\u81f4<\/h2>\n<pre>[Jan 19 09:11:49]---------&gt; Received from aa.aa.aa.aa:500 to jj.jj.jj.jj:0, VR 0, length 380 on IF\n[Jan 19 09:11:49]ikev2_decode_packet: [101cc00\/1094c00] Received packet: HDR, IDi, AUTH, SA, TSi, TSr\n[Jan 19 09:11:49]ikev2_state_dispatch: [101cc00\/1094c00] Responder side IKE_AUTH\n[Jan 19 09:11:49]ikev2_reply_cb_shared_key_auth_verify: [101cc00\/1094c00] <span style=\"color: #ff0000;\"><strong>Error: Auth payload contents does not match<\/strong><\/span>\n[Jan 19 09:11:49]ikev2_state_error: [101cc00\/1094c00] <span style=\"color: #ff0000;\"><strong>Negotiation failed because of error Authentication failed (24)<\/strong><\/span>\n[Jan 19 09:11:49]IKE negotiation fail for local:jj.jj.jj.jj, remote:aa.aa.aa.aa IKEv2 with status: <span style=\"color: #ff0000;\"><strong>Authentication failed<\/strong><\/span>\n[Jan 19 09:11:49]IPSec negotiation failed for SA-CFG azure-vpn for local:jj.jj.jj.jj, remote:aa.aa.aa.aa IKEv2. status: <span style=\"color: #ff0000;\"><strong>Authentication failed<\/strong><\/span><\/pre>\n<p>\u6b63\u5e38\u6642\u306e\u30ed\u30b0\u304c\u4ee5\u4e0b\u3002IKE_AUTH \u4ed8\u8fd1\u306b\u30a8\u30e9\u30fc\u304c\u306a\u3044\u304b\u3089\u826f\u3044\u306e\u304b\u306a\u2026\uff1f<\/p>\n<pre>[Jan 20 04:03:02]---------&gt; Received from aa.aa.aa.aa:500 to jj.jj.jj.jj:0, VR 0, length 380 on IF\n[Jan 20 04:03:02]ikev2_decode_packet: [ffd000\/1094c00] Received packet: HDR, IDi, AUTH, SA, TSi, TSr\n[Jan 20 04:03:02]ikev2_state_dispatch: [ffd000\/1094c00] Responder side IKE_AUTH\n[Jan 20 04:03:02]ikev2_select_sa_reply: [1034400\/1094c00] SA selected successfully<\/pre>\n<h2>Proposal Mismatch<\/h2>\n<pre><strong>\/\/Azure \u304b\u3089\u5fdc\u7b54\u3092\u53d7\u4fe1<\/strong>\n[Jan 20 03:18:03]---------&gt; Received from aa.aa.aa.aa:500 to jj.jj.jj.jj:0, VR 0, length 620 on IF\n[Jan 20 03:18:03]ikev2_packet_st_input_get_or_create_sa: [fff400\/0] No IKE SA for packet; requesting permission to create one.\n[Jan 20 03:18:03]ikev2_decode_packet: [fff400\/1094c00] Received packet: HDR, SA, KE, Nonce, N(NAT_DETECTION_SOURCE_IP), N(NAT_DETECTION_DESTINATION_IP), Vid, Vid, Vid, Vid\n[Jan 20 03:18:03]ikev2_state_dispatch: [fff400\/1094c00] Responder side IKE_SA_INIT\n\n<strong>\/\/Azure \u5074\u304b\u3089\u53d7\u3051\u53d6\u3063\u305f proposal<\/strong>\n[Jan 20 03:18:03]Peer's proposed IKE SA payload is SA([0](id = 1) protocol = IKE (1), AES CBC key len = 256, HMAC-SHA1-96, HMAC-SHA1 PRF, 1024 bit MODP; [1](id = 2) protocol = IKE (1), AES CBC key len = 256, HMAC-SHA256-128, HMAC-SHA256 PRF\n\n<strong>\/\/SRX \u5074\u306e proposal<\/strong>\n[Jan 20 03:18:03]Configured proposal is SA([0](id = 1) protocol = IKE (1), 3DES, HMAC-MD5-96, 1024 bit MODP, HMAC-MD5 PRF; )\n\n<strong>\/\/No proposal chosen \u3067 SRX \u3068 Azure \u306e proposal \u304c\u4e00\u81f4\u3057\u306a\u3044\u305f\u3081\u30a8\u30e9\u30fc\u306b\u306a\u3063\u3066\u3044\u308b<\/strong>\n[Jan 20 03:18:03]<span style=\"color: #ff0000;\"><strong>P1 SA payload match failed for sa-cfg azure-vpn.<\/strong><\/span> Aborting negotiation local:jj.jj.jj.jj remote:aa.aa.aa.aa IKEv2.\n[Jan 20 03:18:03]iked_pm_ike_spd_select_ike_sa failed. rc 1, error_code: <span style=\"color: #ff0000;\"><strong>No proposal chosen<\/strong><\/span>\n[Jan 20 03:18:03]ikev2_select_sa_reply: [fff400\/1094c00] <span style=\"color: #ff0000;\"><strong>Error: SA select failed: 14<\/strong><\/span>\n[Jan 20 03:18:03]ikev2_state_error: [fff400\/1094c00] <span style=\"color: #ff0000;\"><strong>Negotiation failed because of error No proposal chosen (14)<\/strong><\/span>\n[Jan 20 03:18:03]<span style=\"color: #ff0000;\"><strong>IKE negotiation fail for local:jj.jj.jj.jj, remote:aa.aa.aa.aa IKEv2 with status: No proposal chosen<\/strong><\/span>\n[Jan 20 03:18:03]IKE SA delete called for p1 sa 5870294 (ref cnt 1) local:jj.jj.jj.jj, remote:aa.aa.aa.aa, IKEv2\n[Jan 20 03:18:03]iked_pm_p1_sa_destroy: p1 sa 5870294 (ref cnt 0), waiting_for_del 0x0<\/pre>\n<p>\u6b63\u5e38\u6642\u306e\u30ed\u30b0\u306f\u4ee5\u4e0b\u306e\u3088\u3046\u306a\u611f\u3058\u3067\u3057\u305f\u3002<\/p>\n<pre><strong>\/\/SRX \u304b\u3089 Azure \u3078\u63a5\u7d9a\u8981\u6c42 (SA_INIT) \u3092\u9001\u4ed8<\/strong>\n[Jan 20 04:02:37]ikev2_udp_send_packet: [1023400\/1094c00] &lt;-------- Sending packet - length = 76 VR id 0 [Jan 20 04:02:37]---------&gt; Received from aa.aa.aa.aa:500 to jj.jj.jj.jj:0, VR 0, length 76 on IF\n[Jan 20 04:02:37]ikev2_decode_packet: [1022c00\/1094c00] Received packet: HDR\n[Jan 20 04:02:37]ikev2_state_dispatch: [1022c00\/1094c00] Initiator side INFORMATIONAL\n[Jan 20 04:02:37]iked_pm_ike_sa_delete_notify_done_cb: For p1 sa index 5870425, ref cnt 2, status: Error ok\n[Jan 20 04:02:37]iked_pm_p1_sa_destroy:  p1 sa 5870425 (ref cnt 0), waiting_for_del 0xd365a0\n[Jan 20 04:02:37]iked_deferred_free_inactive_peer_entry: Free 1 peer_entry(s)\n[Jan 20 04:03:02]---------&gt; Received from aa.aa.aa.aa:500 to jj.jj.jj.jj:0, VR 0, length 620 on IF\n[Jan 20 04:03:02]ikev2_packet_st_input_get_or_create_sa: [1029800\/0] No IKE SA for packet; requesting permission to create one.\n[Jan 20 04:03:02]ikev2_decode_packet: [1029800\/1094c00] Received packet: HDR, SA, KE, Nonce, N(NAT_DETECTION_SOURCE_IP), N(NAT_DETECTION_DESTINATION_IP), Vid, Vid, Vid, Vid\n[Jan 20 04:03:02]ikev2_state_dispatch: [1029800\/1094c00] Responder side IKE_SA_INIT\n\n<strong>\/\/Azure \u5074\u304b\u3089\u53d7\u3051\u53d6\u3063\u305f proposal<\/strong> \n[Jan 20 04:03:02]Peer's proposed IKE SA payload is SA([0](id = 1) protocol = IKE (1), AES CBC key len = 256, HMAC-SHA1-96, HMAC-SHA1 PRF, 1024 bit MODP; [1](id = 2) protocol = IKE (1), AES CBC key len = 256, HMAC-SHA256-128, HMAC-SHA256 PRF\n\n<strong>\/\/SRX \u5074\u306e proposal<\/strong> \n[Jan 20 04:03:02]Configured proposal is SA([0](id = 1) protocol = IKE (1), AES CBC key len = 256, HMAC-SHA1-96, 1024 bit MODP, HMAC-SHA1 PRF; )\n\n<strong>\/\/proposal \u304c\u4e00\u81f4\n<\/strong>[Jan 20 04:03:02]ikev2_select_sa_reply: [1029800\/1094c00] <span style=\"color: #008000;\"><strong>SA selected successfully<\/strong><\/span>\n[Jan 20 04:03:02]ikev2_state_init_responder_in_end: [1029800\/0] Send reply IKE_SA_INIT packet\n[Jan 20 04:03:02]ikev2_udp_send_packet: [1031800\/0] &lt;-------- Sending packet - length = 346 VR id 0 [Jan 20 04:03:02]---------&gt; Received from aa.aa.aa.aa:500 to jj.jj.jj.jj:0, VR 0, length 380 on IF\n[Jan 20 04:03:02]ikev2_decode_packet: [ffd000\/1094c00] Received packet: HDR, IDi, AUTH, SA, TSi, TSr\n[Jan 20 04:03:02]ikev2_state_dispatch: [ffd000\/1094c00] Responder side IKE_AUTH\n[Jan 20 04:03:02]ikev2_select_sa_reply: [1034400\/1094c00] <span style=\"color: #008000;\"><strong>SA selected successfully<\/strong><\/span>\n[Jan 20 04:03:02]Construction NHTB payload for  local:jj.jj.jj.jj, remote:aa.aa.aa.aa IKEv2 P1 SA index 5870426 sa-cfg azure-vpn\n[Jan 20 04:03:02]Peer router vendor is not Juniper. Not sending NHTB payload for sa-cfg azure-vpn, p1_sa=5870426\n[Jan 20 04:03:02]iked_pm_ipsec_sa_install: local:jj.jj.jj.jj, remote:aa.aa.aa.aa  IKEv2 for SA-CFG azure-vpn, rekey-ikev2:no\n[Jan 20 04:03:02]iked_pm_ipsec_sa_create: encr key len 32, auth key len: 20, salt len: 0\n[Jan 20 04:03:02]Added (spi=0xe913e01d, protocol=ESP dst=jj.jj.jj.jj) entry to the peer hash table\n[Jan 20 04:03:02]Added (spi=0x9a0dbe24, protocol=ESP dst=aa.aa.aa.aa) entry to the peer hash table\n[Jan 20 04:03:02]iked_pm_ipsec_sa_install: NHTB add passed for sa-cfg azure-vpn\n[Jan 20 04:03:02]Hardlife timer started for inbound azure-vpn with 3600 seconds\/0 kilobytes\n[Jan 20 04:03:02]Softlife timer started for inbound azure-vpn with 3025 seconds\/0 kilobytes\n[Jan 20 04:03:02]In iked_ipsec_sa_pair_add Adding GENCFG msg with key; Tunnel = 131073;SPI-In = 0xe913e01d\n[Jan 20 04:03:02]Added dependency on SA config blob with tunnelid = 131073\n[Jan 20 04:03:02]<span style=\"color: #008000;\"><strong>Successfully added ipsec SA PAIR<\/strong><\/span>\n[Jan 20 04:03:02]iked_pm_ike_sa_done: local:jj.jj.jj.jj, remote:aa.aa.aa.aa IKEv2\n[Jan 20 04:03:02]IKE negotiation done for local:jj.jj.jj.jj, remote:aa.aa.aa.aa IKEv2 with status: <span style=\"color: #008000;\"><strong>Error ok<\/strong><\/span>\n[Jan 20 04:03:02]<span style=\"color: #008000;\"><strong>IPSec  negotiation done successfully<\/strong><\/span> for SA-CFG azure-vpn for local:jj.jj.jj.jj, remote:aa.aa.aa.aa  IKEv2<\/pre>\n<p>\u4f8b\u306e\u3054\u3068\u304f\u3001\u5404\u793e\u306e\u30c7\u30d0\u30a4\u30b9\u306e\u30b3\u30f3\u30d5\u30a3\u30b0\u3001\u30c8\u30e9\u30b7\u30e5\u30fc\u65b9\u6cd5\u306b\u3064\u3044\u3066\u306f\u3001\u5404\u6a5f\u5668\u30d9\u30f3\u30c0\u30fc\u307e\u3067\u78ba\u8a8d\u3057\u307e\u3057\u3087\u3046\u3002<\/p>\n<p>\u6c17\u307e\u3050\u308c\u3067\u8ffd\u8a18\u3057\u307e\u3059\u3002<\/p>\n<h2>\u305d\u306e\u4ed6<\/h2>\n<p>Azure VPN Gateway \u5074\u3067\u3082\u30ed\u30b0\u304c\u53d6\u308c\u308b\u3088\u3046\u306b\u306a\u3063\u3066\u305f\u306e\u3067\u3001\u4ee5\u4e0b\u3082\u4f75\u305b\u3066\u3069\u3046\u305e\u3002<\/p>\n<p><blockquote class=\"wp-embedded-content\" data-secret=\"I7rO6P4M5z\"><a href=\"https:\/\/www.syuheiuda.com\/?p=4495\">Azure \u3068\u306e VPN \u63a5\u7d9a\u304c\u3046\u307e\u304f\u3044\u304b\u306a\u3044\u5834\u5408\u306e\u30c7\u30d0\u30c3\u30b0\u65b9\u6cd5<\/a><\/blockquote><iframe title=\"&#8220;Azure \u3068\u306e VPN \u63a5\u7d9a\u304c\u3046\u307e\u304f\u3044\u304b\u306a\u3044\u5834\u5408\u306e\u30c7\u30d0\u30c3\u30b0\u65b9\u6cd5&#8221; &#8212; Made in container\" class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; clip: rect(1px, 1px, 1px, 1px);\" src=\"https:\/\/www.syuheiuda.com\/?p=4495&#038;embed=true#?secret=I7rO6P4M5z\" data-secret=\"I7rO6P4M5z\" width=\"600\" height=\"338\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe><\/p>\n\n\n<p>\n\n\u3042\u3068\u3001Jazug Night \u3067\u767b\u58c7\u3057\u305f\u969b\u306b\u66f4\u306b\u8a73\u3057\u3044\u8a71\u3092\u3057\u305f\u306e\u3067\u3001\u4ee5\u4e0b\u306e\u30b9\u30e9\u30a4\u30c9 P.64 &#8211; 73 \u3084 YouTube \u306e\u9332\u753b (1:03:36 &#8211; 1:18:50) \u3082\u3054\u78ba\u8a8d\u304f\u3060\u3055\u3044\u3002\n\n<\/p>\n\n\n\n<figure class=\"wp-block-embed-slideshare wp-block-embed is-type-rich is-provider-slideshare wp-embed-aspect-1-1 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"\u30b5\u30dd\u30fc\u30c8 \u30a8\u30f3\u30b8\u30cb\u30a2\u304c Azure Networking \u3092\u3058\u3063\u304f\u308a\u305f\u3063\u3077\u308a\u8a9e\u308a\u3064\u304f\u3059\u4f1a\" src=\"https:\/\/www.slideshare.net\/slideshow\/embed_code\/key\/4XGONsILdvDGj6\" width=\"427\" height=\"356\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" style=\"border:1px solid #CCC; border-width:1px; margin-bottom:5px; max-width: 100%;\" allowfullscreen> <\/iframe> <div style=\"margin-bottom:5px\"> <strong> <a href=\"https:\/\/www.slideshare.net\/ShuheiUda\/azure-networking-165852712\" title=\"\u30b5\u30dd\u30fc\u30c8 \u30a8\u30f3\u30b8\u30cb\u30a2\u304c Azure Networking \u3092\u3058\u3063\u304f\u308a\u305f\u3063\u3077\u308a\u8a9e\u308a\u3064\u304f\u3059\u4f1a\" target=\"_blank\">\u30b5\u30dd\u30fc\u30c8 \u30a8\u30f3\u30b8\u30cb\u30a2\u304c Azure Networking \u3092\u3058\u3063\u304f\u308a\u305f\u3063\u3077\u308a\u8a9e\u308a\u3064\u304f\u3059\u4f1a<\/a> <\/strong> from <strong><a href=\"https:\/\/www.slideshare.net\/ShuheiUda\" target=\"_blank\">ShuheiUda<\/a><\/strong> <\/div>\n<\/div><\/figure>\n\n\n\n<figure class=\"wp-block-embed-youtube wp-block-embed is-type-video is-provider-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"\u7b2c21\u56de Tokyo Jazug Night\" width=\"860\" height=\"484\" src=\"https:\/\/www.youtube.com\/embed\/YMAV8aqb9pk?start=3816&#038;feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>\u5148\u65e5\u306e Fortigate \u7de8 \u306b\u7d9a\u3044\u3066\u3001\u4eca\u5ea6\u306f @kazubu \u5148\u751f\u306b\u3054\u63d0\u4f9b\u3044&hellip;<\/p>\n<p class=\"more-link-p\"><a class=\"more-link\" href=\"https:\/\/www.syuheiuda.com\/?p=4240\">Read more &rarr;<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_locale":"","_original_post":""},"categories":[42,43,31],"tags":[],"views":26984,"_links":{"self":[{"href":"https:\/\/www.syuheiuda.com\/index.php?rest_route=\/wp\/v2\/posts\/4240"}],"collection":[{"href":"https:\/\/www.syuheiuda.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.syuheiuda.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.syuheiuda.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.syuheiuda.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4240"}],"version-history":[{"count":14,"href":"https:\/\/www.syuheiuda.com\/index.php?rest_route=\/wp\/v2\/posts\/4240\/revisions"}],"predecessor-version":[{"id":5149,"href":"https:\/\/www.syuheiuda.com\/index.php?rest_route=\/wp\/v2\/posts\/4240\/revisions\/5149"}],"wp:attachment":[{"href":"https:\/\/www.syuheiuda.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4240"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.syuheiuda.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4240"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.syuheiuda.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4240"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}