This whole issue is a joke at this point. I've lost all respect for Meraki at this point when it comes to major features missing. IPv6, SSLVPN, proper IPSEC /NAT support, they don't care; their indifference and wordplay games simply shows it. I don't even know why I stick up for Meraki at this point. It's just rediculous the smoke and mirrors, and well as the ultimately unfulfilled promises that just dissapoint me more than anything. Time to take a look around the vendor market at this point, to be honest.
... View more
Sorry. Everything went well. After updating the firmware I have access to IKE v2 parameters. I had to configure my Azure VPN with powershell : # first get your current connexion on Azure
$connection = Get-AzVirtualNetworkGatewayConnection -Name "Office" -ResourceGroupName "Internal"
# then create an IPSec policy whith the lifetime and DH Group you configured on Meraki
$ipsecpolicy = New-AzIpsecPolicy -IpsecEncryption AES256 -IpsecIntegrity SHA1 `
-IkeEncryption AES256 -IkeIntegrity SHA1 -DhGroup DHGroup2 `
-PfsGroup None -SALifeTimeSeconds 3600
# Apply policy to your connection
Set-AzVirtualNetworkGatewayConnection -VirtualNetworkGatewayConnection $connection -IpsecPolicies $ipsecpolicy -UsePolicyBasedTrafficSelectors $True It is now working smoothly for a month and it solved a lot of our problems. The only downside is that you have to use a VpnGw1 subscription on Azure VPN which cost more than base subscription but this is way less than a virtual MX. If you have any other question let me know. Have a nice day PS There is a nice conversation about this : https://community.meraki.com/t5/Security-SD-WAN/IKEv2-support-on-MX-devices/m-p/49088#M12406
... View more