Azure and AWS vMX is not a solution. We are a IaaS/PaaS provider hosted in our DataCentre on VMWare/Hyper-v. All of our customers have MX on-premise which have a site to site VPN back to our infrastructure which we then have to use a competitors Firewall product to terminate the VPNs back into our infrastructure. I would much prefer to use MX Auto vpn on provider side! Meraki is simply missing out on a large slice of license sales which we are just passing to a competitor as we run a virtual firewall for each customer in our infrastructure.
... View more
Route based is the Default in Azure Just click on your Dashboard and search for "Virtual Network Gateways" click ADD Choose your subscription, name the gateway, make sure you choose correct region and put the gateway in same resource group as your Vnet (keep it easy). SKU can be standard or VpnGw1 << is better than you can modify later. under Virtual Network choose the Vnet you want to put the VPN on. Create new public IP and wait for like 20 minutes it takes a bit. you will have to create a Root Certificate and User Certificates for IKE SSTP this one is tricky to manage if you want a cert for each user. There are guides out there but its not difficult to setup. I configured mine for Radius Authentication. FYI policy based is the IKE_v1 we dont want that !!!
... View more