Meraki VPN Cloud  Watchguard VPN Cloud   Sophos VPN Cloud  Sonicwall VPN Cloud  Palo Alto VPN Cloud  Fortigate VPN Cloud

Site-to-Site VPN Between Azure and a Cisco ASA

Create Virtual Network

Create Virtual Machine

Create Virtual Network Gateway

Create Local Network Gateway

This step may confuse some, as though it is named Local Network Gateway, it represents the remote side (peer/endpoint).

Your Vision, Our Expertise

Elevating Your Software Product Engineering Journey with Vast Edge

Create Connection

CISCO ASA Configuration:

Azure Connection

To show the status and the throughput totals you can click on the connection from within Virtual network gateways > VNETGW-POLICYVPN > Settings > Connections.

Site-to-Site VPN between Cisco RV and Amazon Web Services

Setting up a Site-to-Site VPN on Amazon Web Services:

Setting up Site-to-Site on an RV16X/RV26X, RV34X Router:

You have now successfully created a Site-to-Site VPN between CISCO RV series router and your AWS.

Set up VPN between Cisco ASR and Google Cloud VPN

Configure Cisco ASR 1000 for use with the Google Cloud VPN service is to ensure that the following prerequisite conditions have been met:

The Cisco ASR 1000 Series Router IPsec application requires:

IPsec parameters:

For the Cisco ASR 1000 IPsec configuration, the following details will be used:

Configuration - Google Cloud

IPsec VPN using dynamic routing:

For dynamic routing you use Cloud Router to establish BGP sessions between the 2 peers.

Using the Cloud Platform Console:

Configure IKEv2 proposal and policy:

Configure IKEv2 keyring:

The IKEv2 keyring is associated with an IKEv2 profile and hence, caters to a set of peers that match the IKEv2 profile.

Configure IKEv2 profile:

Configure IPsec security association:

Configure IPsec transform set:

During the IPsec SA negotiation, the peers agree to use a particular transform set for protecting a particular data flow.

Configure IPsec profile:

Configure IPsec static virtual tunnel interface (SVTI):

The recommended value is 1360 when the number of IP MTU bytes is set to 1400.

Configure static or dynamic routing protocol to route traffic into the IPsec tunnel:

Statically route traffic toward the network in Google Cloud to the Tunnel interface.

Saving the configuration:

To save the running configuration and set it as the default startup, run the following command on Cisco IOS terminal:

copy run start;

Advanced VPN configurations

Google Cloud Configuration:

Google Cloud does ECMP by default so there is no additional configuration required apart from creating x number of tunnels where x depends on your throughput requirements. You can either use a single VPN gateway to create multiple tunnels or create separate VPN gateway for each tunnel.

Actual performance varies depending on the following factors:

Testing the IPsec connection:

The IPsec tunnel can be tested from the router by using ICMP to ping a host on Google Cloud. Be sure to use the inside interface on the ASR 1000.

ABOUT VAST EDGE

For more than two decades, Vast Edge has served Fortune 500 enterprises across finance, manufacturing, telecom, and healthcare. Our expertise in AI driven migration, analytics, and security enables these organizations to scale with confidence while meeting the highest compliance standards.
We partner closely with CIOs, architects, and transformation teams to design hybrid environments that unify legacy systems with cloud-native AI services.

QUICK LINKS

TECHNOLOGY PARTNERS

CONTACT US

Copyrights © December 9 , 2025 All Rights Reserved by Vast Edge Inc.