Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
SOLVED

How to config Site-to-Site VPN for AEMaaCS

Avatar

Level 1

Hello, I have already found the following tutorial, but iwie is not explained there what settings are needed.
https://experienceleague.adobe.com/docs/experience-manager-learn/cloud-service/networking/vpn.html?l...
I would like to connect Adobe AME to another Azure environment via site to site VPN.

This is the local gateway config
{
     "name": "lng-s2s",
     "id": "*****************",
     "etag": ""****************",
     "type": "Microsoft.Network/localNetworkGateways",
}, "location": "europe",
"properties": {
     "provisioningState": "Succeeded",
     "resourceGuid": "*************************",
     "localNetworkAddressSpace": {.
              "addressPrefixes": [
                       "10.104.182.64/26"
               ]
        },
        "fqdn": { "p{programid}-gateway.external.adobeaemcloud.com"
     }
}

This is the configuration from Adobe
}, "id": "*****",
                "programId": "{programid}",
                "region": "nld2",
                "kind": "vpn",
                "addressSpace": [
                     "10.104.182.64/26"
                 ],
                 "dns": {
                    "resolvers": []
                  },
                 "connections": [
                    {
                     }, "name": { "azure-s2s",
                    "gateway": {
                    "address": { "azure-static-ip}",
                    "addressSpace": [
                        "10.200.20.0/24"
                    ]
            },
            "vaultKeyPath": { "azure-sharedKey",
            "ipsecPolicy": {
            "dhGroup": "ECP256",
            "ikeEncryption": "AES256",
            "ikeIntegrity": "SHA256",
            "ipsecEncryption": "AES256",
           "ipsecIntegrity": "SHA256",
           "pfsGroup": "ECP256",
           "saDatasize": 102400000,
           "saLifetime": 3600
           }
        }
     ],

"advancedNetworkingEnabled": true

The Connection says no connection could be established, but I can't figure out why it doesn't work.

Are the ipsecPolicys necessary? Can the Adobe IPSpace be chosen freely?
Is it necessary to configure a nonProxyHost or postFowardPort in the advancedNetworking settings?

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

@schneidermanf Suggest you to raise support ticket for this

View solution in original post

1 Reply

Avatar

Correct answer by
Community Advisor

@schneidermanf Suggest you to raise support ticket for this