Expand my Community achievements bar.

SOLVED

How to config Site-to-Site VPN for AEMaaCS

Avatar

Level 1

Hello, I have already found the following tutorial, but iwie is not explained there what settings are needed.
https://experienceleague.adobe.com/docs/experience-manager-learn/cloud-service/networking/vpn.html?l...
I would like to connect Adobe AME to another Azure environment via site to site VPN.

This is the local gateway config
{
     "name": "lng-s2s",
     "id": "*****************",
     "etag": ""****************",
     "type": "Microsoft.Network/localNetworkGateways",
}, "location": "europe",
"properties": {
     "provisioningState": "Succeeded",
     "resourceGuid": "*************************",
     "localNetworkAddressSpace": {.
              "addressPrefixes": [
                       "10.104.182.64/26"
               ]
        },
        "fqdn": { "p{programid}-gateway.external.adobeaemcloud.com"
     }
}

This is the configuration from Adobe
}, "id": "*****",
                "programId": "{programid}",
                "region": "nld2",
                "kind": "vpn",
                "addressSpace": [
                     "10.104.182.64/26"
                 ],
                 "dns": {
                    "resolvers": []
                  },
                 "connections": [
                    {
                     }, "name": { "azure-s2s",
                    "gateway": {
                    "address": { "azure-static-ip}",
                    "addressSpace": [
                        "10.200.20.0/24"
                    ]
            },
            "vaultKeyPath": { "azure-sharedKey",
            "ipsecPolicy": {
            "dhGroup": "ECP256",
            "ikeEncryption": "AES256",
            "ikeIntegrity": "SHA256",
            "ipsecEncryption": "AES256",
           "ipsecIntegrity": "SHA256",
           "pfsGroup": "ECP256",
           "saDatasize": 102400000,
           "saLifetime": 3600
           }
        }
     ],

"advancedNetworkingEnabled": true

The Connection says no connection could be established, but I can't figure out why it doesn't work.

Are the ipsecPolicys necessary? Can the Adobe IPSpace be chosen freely?
Is it necessary to configure a nonProxyHost or postFowardPort in the advancedNetworking settings?

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

@schneidermanf Suggest you to raise support ticket for this

View solution in original post

1 Reply

Avatar

Correct answer by
Community Advisor

@schneidermanf Suggest you to raise support ticket for this