VPN in Azure using IKE with SHA256

I need to connect to a local network from a little company (mine) to a very big company. I created a virtual network and I could connect to them using a VPN, and everything was going great till they told me that in their security policies (very big company, can't be changed) they could only use SHA256 for IKE phase 1 and phase 2. I searched on the internet and I think Azure doesn't support SHA256, so, if I don't get killed first for not getting that working, I need to connect to them no matter what. Is there any way to get Azure to use SHA256? The other thing that I thought might work was buying a Linux server in Azure and configuring it using Openswan and then sharing the information with my Windows machines (I know that sounds silly but I need to get it working anyway...), but I read that Openswan had issues using SHA256. So could you please tell me any way that I can get that working on Azure?
thanks a lot

Hi,
For a site-to-site VPN in Azure, only SHA1(SHA128) is supported in both IKE1 and IKE2. You can refer to the link below:
http://msdn.microsoft.com/en-us/library/azure/jj156075.aspx
Openswan is a supported VPN device, however, the related VPN configuration template is not released at present.
In addition, Azure virtual Network supports the following cross-premises connections:
Site-to-site – VPN connection over IPsec (IKE v1 and IKE v2)
Point-to-site – VPN connection over SSTP (Secure Sockets Tunneling Protocol)
ExpressRoute – direct secure connection from your WAN, not over the public Internet
Maybe you can use one of the other two ways instead of site-to-site VPN to see if it works for your company. Furthermore, if you want SHA256 to be supported in Azure VPN, you can submit your requirement in the Azure feedback below and the feature may be released soon:
http://feedback.azure.com/forums/217313-networking-dns-traffic-manager-vpn-vnet
Best regards,
Susie

Similar Messages

  • How many vpn can be used simultaneously in Azure?

    I need to add multiple locations to my Azure platform, approximately 90 branches. I need to know if I should set up a VPN for each branch, or as I should. Thank you very much.
    I am from Colombia, if they can write in Spanish would be better.

    Hi,
    It seems that you have asked this question before:
    https://social.msdn.microsoft.com/Forums/azure/en-US/c533ff85-c155-4a19-8156-67901da66ee4/how-many-vpn-can-be-used-simultaneously-in-azure?forum=WAVirtualMachinesVirtualNetwork#c533ff85-c155-4a19-8156-67901da66ee4
    Based on my experience, the maximum limitation for virtual networks and local networks is 100 per subscription and the limitation for local network sites is 10 per virtual network in Azure. If you connect each on-premise branch with an Azure virtual network, it would be possible to do that. However, the default limitation for virtual networks and local networks is 10 per subscription, you can request an increase limitation by following the article below:
    http://azure.microsoft.com/blog/2014/06/04/azure-limits-quotas-increase-requests/
    If you have anything unclear, please feel free to let me know.
    Best regards,
    Susie

  • How to upload to Azure Media Services when using HTML5 with Web API

    I keep finding examples demonstrating how to upload video to Azure Media Services through a console application. I am developing an application using HTML5 with AngularJS and Web API, but am having trouble finding an example for uploading when you are getting the file from a form on a web browser. The main issue I find is that I see a way to upload from a file path and no way to upload from a stream. I would like to upload the file to blob storage and then associate the file in blob storage with the IAssetFile object, which is then associated with IAsset. Is this possible and if so can you point me in the direction of some tutorials that demonstrate this? Also, I am allowing site members to upload videos and images. For this image scenario, I saw doc. demonstrating how to start a job that will save the image into a different size, what if I need four different sizes for each image uploaded?

    Hi,
    the following example shows how to upload a stream into a blob and associate the blob with an asset: https://code.msdn.microsoft.com/How-to-upload-a-stream-to-d2750102.
    thanks,
    Julia

  • How to read azure storage data using JAVA with REST API

    Hi,
    We have a cloud service in our lab. We have enabled diagnostics in cloud services. So WADPerformanceCounterTable was created in the storage account. Now, we want to read the WADPerformanceTable using Java with the REST API. Is there any way to collect these details? Please give me any sample code to connect to Azure storage using the table service REST API.
    Thanks & Regards
    Rathidevi

    Hi,
    Please have a look at this article:
    https://convective.wordpress.com/2010/08/18/examples-of-the-windows-azure-storage-services-rest-api/, it demonstrates how to use the table service REST API, it also gives us the code, hope this helps. Of course, the MSDN article could also help us with coding.
    Best Regards,
    Jambor

  • What can I change to gain access to my work vpn.  I can access with my MacBook Air and other routers.  Can use my ipad and this time capsule to successfully access the VPN.

    What can I change to gain access to my work vpn.  I can access with my MacBook Air and other routers.  Can use my ipad and this time capsule to successfully access the VPN.

    You need to give us a lot more info.
    I presume the MBA and the TC are the combo that doesn't work, although you don't clearly state that.
    If the ipad and TC work.. are you sure the ipad is connected via the TC and not 3G network?
    If it is then the TC itself is fine and the issue might be setup on the MBA.. although if the MBA works with other routers.. that rather confuses the matter.
    You need to actually tell us how the TC is setup in the network. What kind of broadband modem you have and what kind of vpn you are using.

  • Connect to Azure SQL DB with Security Enabled Access required using SSMS

    I'm looking to connect to an Azure SQL DB with Security Enabled Access required using SQL Server Management Studio 2014. I have tried checking off "Encrypt connection", but it still errors out with "Cannot open database 'db name' on server 'hostname' requested by the login. Access to the database is only allowed using a security-enabled connection string."
    Thanks,
    Scott

    Hi Scott,
    Sorry, I misunderstood your initial question and the documentation I referenced is not updated appropriately. You have to change the connection string to <server-name>.database.secure.windows.net when you enable the security/auditing features.
    Documentation for this can be found here
    Thanks,
    Jan

  • Instruction on how to work with images and videos in the storage azure using php

    Dear Sirs
    I followed below instruction to make video and image storage on Azure using PHP:
    http://azure.microsoft.com/en-us/documentation/articles/storage-php-how-to-use-blobs/
    Whenever I record an image on Azure storage and download the stored image there is no format in the stored image, and it ends up becoming like any other regular file. The other problem is that I cannot see the concerned image in the browser. I already have checked recipient access and it is defined as public reading.
    Could you also please provide me with an article instructing how to upload, download, show in the browser and remove videos and images from the Azure storage area?
    Thanks & Regards,
    Pedro

    Hi Pedro,
    Thanks for your posting!
    I am not familiar with PHP. But from your description, I think you need to pay attention to these points in your code:
    1. When you store a file or download a file, please write the file name and suffix, for example, you need to store the image with the blob name "image.png".
    2. When you download a file from Azure blob, you need to set the content type. If your file is an image, you could set the content type as the image type.
    3. You could get the blob URI, and set your image URL as the blob URI. Doing this, you can show the picture.
    Please see this similar issue thread:
    http://phpazure.codeplex.com/discussions/472840
    Regards,
    Will

  • Sending mail over VPN from Azure

    Hello,
    We are running a .NET website on two 2012R2 VMs behind a load balancer. We want to use an on-premise SMTP server for sending forms. Site-to-site VPN between Azure and on-premise is active.
    When using telnet from both frontends we can send email with no problems at all. We use internal IP addresses, both in Azure and on-premise.
    When sending email from the application we receive the error:
    Message: No connection could be made because the target machine actively refused it
    127.0.53.53:25
    This ip-address is confusing us, I found on the ICANN website that it is a new special ip-address to mitigate the impact of name collisions in the domain name system.
    However I cannot see how an azure vm or loadbalancer can have a conflicting DNS address.
    Any ideas?
    Regards

    Finally found the issue.
    The web application used a wrong hostname as sender.

  • Pre-shared Key Off-line Bruteforcing Using IKE Aggressive Mode

    Hi, I have 10 site-to-site VPN's, they consist of Cisco 837's and 877's. I run a security scan (Qualys vulnerability scanning) against the public IP of the routers and half of them come back with the vulnerability below. They are all using the latest IOS and all connect to a Cisco Concentrator.
    Here is the vulnerability, that means nothing to me, is it anything to worry about, all pre-shared keys are 8 characters or more and have letters, numbers, and symbols and capital letters:
    Pre-shared Key Off-line Bruteforcing Using IKE Aggressive Mode
    THREAT:
    IKE is used during Phase 1 and Phase 2 of establishing an IPSec connection. Phase 1 is where the two ISAKMP peers establish a secure, authenticated channel with which to communicate. Every participant in IKE must possess a key which may be either pre-shared (PSK) or a public key. There are inherent risks to configurations that use pre-shared keys which are exaggerated when Aggressive Mode is used.
    IMPACT:
    Using Aggressive Mode with pre-shared keys is the least secure option. In this particular scenario, it is possible for an attacker to gather all necessary information in order to mount an off-line dictionary (brute force) attack on the pre-shared keys. For more information about this type of attack, visit http://www.ima.umn.edu/~pliam/xauth/.
    SOLUTION:
    IKE Aggressive mode with pre-shared keys should be avoided where possible. Otherwise a strong pre-shared key should be chosen.
    Note that this attack method has been known and discussed within the IETF IPSec Working Group. The risk was considered as acceptable. For more information on this, visit http://www.vpnc.org/ietf-ipsec/99.ipsec/thrd2.html#01451.

    The description of the vulnerability specifies IKE aggressive mode. So my first question would be whether you are using IKE in aggressive mode or in main mode? In my experience most router based site to site VPN use main mode (though aggressive mode is an option) while many Remote Access VPN use aggressive mode. So which mode are you using?
    The second part of my response goes back to what I said in my earlier response. What kind of key are you using? How long is it and how strong is it? When you think about it any time we authenticate using shared keys there is some degree of vulnerability to brute force attack. The longer the key and the stronger the key the more you have mitigated the risk.
    HTH
    Rick
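
Rick's first question (aggressive mode or main mode?) can be answered from each router's running configuration. The following is an added example, not part of the original thread: a small Python audit that reports whether a Cisco IOS configuration pairs pre-shared keys with aggressive mode, based on the IOS command `crypto isakmp aggressive-mode disable`. The sample configurations, addresses and key placeholders are constructed for illustration.

```python
import re

# Constructed sample configurations (placeholders, not taken from the thread).
SAMPLE_EXPOSED = """\
crypto isakmp policy 10
 encr aes 256
 authentication pre-share
 group 14
crypto isakmp key REDACTED address 192.0.2.10
crypto isakmp peer address 192.0.2.10
 set aggressive-mode password REDACTED
 set aggressive-mode client-endpoint fqdn branch1.example.test
"""

SAMPLE_HARDENED = """\
crypto isakmp policy 10
 encr aes 256
 authentication pre-share
 group 14
crypto isakmp key REDACTED address 192.0.2.10
crypto isakmp aggressive-mode disable
"""


def audit_isakmp(config: str) -> dict:
    """Report whether an IOS config combines pre-shared keys with aggressive mode."""
    uses_psk = False
    aggressive_disabled = False
    initiator_peers = []   # peers this router would initiate aggressive mode to
    current_peer = None    # set while inside a "crypto isakmp peer" sub-mode

    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):
            # Any top-level command leaves the previous sub-mode.
            m = re.match(r"crypto isakmp peer address (\S+)", line)
            current_peer = m.group(1) if m else None
        if (line == "authentication pre-share"
                or re.match(r"crypto isakmp key \S+", line)
                or line.startswith("pre-shared-key ")):
            uses_psk = True
        if line == "crypto isakmp aggressive-mode disable":
            aggressive_disabled = True
        if current_peer and line.startswith("set aggressive-mode "):
            if current_peer not in initiator_peers:
                initiator_peers.append(current_peer)

    # Without the global disable command, IOS processes incoming aggressive
    # mode requests, which is the condition the scanner finding describes.
    exposed = uses_psk and not aggressive_disabled
    return {
        "uses_psk": uses_psk,
        "aggressive_mode_disabled": aggressive_disabled,
        "aggressive_initiator_peers": initiator_peers,
        "exposed": exposed,
    }


if __name__ == "__main__":
    for name, cfg in (("exposed", SAMPLE_EXPOSED), ("hardened", SAMPLE_HARDENED)):
        print(name, audit_isakmp(cfg))
```

Running it against the saved configuration of each of the ten routers shows which ones still answer aggressive mode requests and which peers they would initiate it to.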

  • I'm hooked up to the ethernet using DHCP with manual address. It's running (green) but my internet (Safari, messenger, email) doesn't work! Help!

    I'm running an iMac with Mountain Lion. Not only do we do accounting work on this computer with AccountEdge, but the computer functions as a server to another computer in a different state.
    Anyway, I set a static IP address (Using DHCP with manual address) on it (to allow for a VPN to the computer in the different state) and it is connected (green dot) - meaning that the other computer in the different state can connect to us via that ethernet line - but for some reason Safari, Messenger, and Apple Email won't work.
    But if I switch to a dynamic IP (DHCP auto), I can use the internet (Safari, Messenger, email), but the computer in the different state can't connect to this computer.
    How can I fix this so that the computer in the different state can connect to this computer and that the internet (Safari, Messenger, and email) can work at the same time?
    Much thanks!

    No but if they are using a VPN Tunnel for the connection that restricts all internet traffic over the tunnel. Which means you can't use that same computer to browse the internet or connect to other computers or devices on your LAN.
    I'd need to see the actual setup, router and the IP addresses you are using.
    Networking and remote networking is fairly easy when you are in front of the systems you are working on. Doing it over the internet on a forum is almost impossible. That is why I suggested you get local help, like the person that originally set it up.

  • Remote Desktop to Windows 8 (in Azure) using a Windows Live Account

    This took me a while to find this answer so posting it again in case it helps anybody and also perhaps somebody has a suggestion of a better way to do it.
    I spun up a Windows 8 Pro VM in Azure (using MSDN subscription) which gives me a local account to access it with via RDP. No problems there.
    I want to use a Microsoft Account on this VM instead of a local account however, because I want to sync my OneDrive (reason: I have a lot of data in the Cloud via backup programs like Carbonite and CrashPlan that I want to move to my OneDrive as it has unlimited space now, but don't want to use home or work network for that move as it will take months to move it all about. Cloud-to-Cloud initial data move seemed like it would be quicker hence I am doing it in Azure.)
    I can't use OneDrive with the local account no matter what I tried so I had to log in as a Microsoft account.
    I tried adding my Microsoft Account to this VM, making it Administrator and then switching the local account to that one but this process failed (even tried different accounts, one without 2-factor auth. enabled: nothing.)
    I also tried RDPing in using the MicrosoftAccount\[email protected] rather than convert or link the local account but that didn't work either. "Your credentials didn't work." Even trying with just the email address didn't work. Nor did using an app password (I have 2-factor enabled of course.)
    The only way I was able to log in was to:
    Under System properties of the Windows 8 Pro VM, under Remote tab uncheck "Allow connections only from computers running Remote Desktop with Network Level Authentication"
    I followed these instructions to create and edit an RDP file on my local PC:
    http://support.microsoft.com/kb/941641
    Once I connected from my local PC with the modified RDP file to the Windows 8 Pro VM in Azure, I was prompted for the user to log in as by the VM, allowing me to select the Microsoft Account I had previously added instead of the local account which looked the same as if you do it physically at the machine. This had not happened before and once I did, everything was fine after that :-)

    Hi,
    Please use the original RDP file in another computer and install the certificate. And then use the new RDP for test
    Karen Hu
    TechNet Community Support

  • How integrate azure media services with blob storage?

    I need to upload lots of content over blob storage which contains different types of files.
    Now my problem is that files contains lots of videos also.
    I want a way by which I can integrate Azure Media Services with blob storage so that I can stream that video.
    So probably i don't want to upload my videos on azure media services storage because i want all my content to be at one place which is blob storage.
    Is there any way to achieve this?
    Thanks,
    Rajesh Khunt
    Blog : http://programmersgeek.wordpress.com/
    Twitter : http://twitter.com/#!/r_rajeshkhunt
    Linkedin : http://in.linkedin.com/in/rajeshkhunt

    Hi Rajesh
    Every Media Services account needs a blob storage account associated with it. You can choose an existing blob storage account for that purpose. In order for Media Services to work with your videos you need to create an asset using the Media Services APIs. That call results in the creation of a container which has the name in the following format asset-<AssetId>. The actual video files need to go as blobs within this container but these files need to be known to Media Services and you can do so by adding AssetFiles to the asset using the Media Services APIs. Once you do that the asset is well known to Media Services and you can stream it.

  • Tutorial: Azure AD Integration with Bime

    Click reply and tell us what you think:
    Tutorial: Azure AD Integration with Bime
    Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation

    Thanks for this.  Do you have a similar set of instructions to use the "use an existing single sign-on" option so we could leverage our Azure Identities but with our ADFS system (we're not currently syncing passwords to Azure AD)?

  • Tutorial: Azure AD Integration with ITRP

    Click reply and tell us what you think:
    Tutorial: Azure AD Integration with ITRP
    Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation

    Thanks for this.  Do you have a similar set of instructions to use the "use an existing single sign-on" option so we could leverage our Azure Identities but with our ADFS system (we're not currently syncing passwords to Azure AD)?

  • Tutorial: Azure AD Integration with xMatters OnDemand

    Click reply and tell us what you think:
    Tutorial: Azure AD Integration with xMatters OnDemand
    Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation

    Thanks for this.  Do you have a similar set of instructions to use the "use an existing single sign-on" option so we could leverage our Azure Identities but with our ADFS system (we're not currently syncing passwords to Azure AD)?
