Hi,

We have set up an IPSec tunnel from our MX to Azure vWAN (VPN gateway) which is working fine when using static routing. We are now trying to make use of eBGP over IPsec, however we're not having much luck.

The VPN gateway has the following configuration; the public IPs have been changed for obvious reasons.

    "bgpSettings": {
        "asn": 65515,
        "peerWeight": 0,
        "bgpPeeringAddresses": [
            {
                "ipconfigurationId": "Instance0",
                "defaultBgpIpAddresses": [ "10.104.0.13" ],
                "customBgpIpAddresses": [],
                "tunnelIpAddresses": [ "4.251.52.228", "10.104.0.4" ]
            },
            {
                "ipconfigurationId": "Instance1",
                "defaultBgpIpAddresses": [ "10.104.0.12" ],
                "customBgpIpAddresses": [],
                "tunnelIpAddresses": [ "132.123.66.99", "10.104.0.5" ]
            }
        ]
    },

What's confusing is what we set on the Meraki end. We logged a ticket with support and they weren't much help but advised the following:

"Looking at the backend logs on the MX and what's on the dashboard, the peering stage is stuck at Connect. This indicates TCP 179 handshake is failing. Even though it is outside Meraki Support's scope to look at other vendors' configurations and I personally don't know much about Azure, looking at below my guess is you might have to use the subnet from 10.104.0.13. It would be a /30 shared subnet and both the Z3 and the Azure peer should both be in that. According to online subnet calculator, if Azure is using 10.104.0.13, then Z3 should be 10.104.0.14".

IPSec Subnet: 10.104.0.12/30
BGP Source IP: 10.104.0.14
BGP Neighbor IP: 10.104.0.13
Remote AS: 65515

Unfortunately we cannot get any meaningful logs out of the MX to see what might be causing the issue. Has anyone else set this up that can point me in the right direction?

TIA.
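The subnet arithmetic from the support reply, carried through against the posted bgpSettings, as an added example that is not part of the original post. The function names `classify` and `review` are illustrative; the code only classifies each address relative to the proposed /30 and assumes nothing about how Azure or the MX treat those addresses.

```python
import ipaddress
import json

# bgpPeeringAddresses as posted above (public IPs already altered by the poster).
BGP_SETTINGS = json.loads("""
{"asn": 65515, "peerWeight": 0, "bgpPeeringAddresses": [
  {"ipconfigurationId": "Instance0", "defaultBgpIpAddresses": ["10.104.0.13"],
   "customBgpIpAddresses": [], "tunnelIpAddresses": ["4.251.52.228", "10.104.0.4"]},
  {"ipconfigurationId": "Instance1", "defaultBgpIpAddresses": ["10.104.0.12"],
   "customBgpIpAddresses": [], "tunnelIpAddresses": ["132.123.66.99", "10.104.0.5"]}
]}
""")


def classify(addr, subnet):
    """Return how addr sits in subnet: outside, network, broadcast or host."""
    ip = ipaddress.ip_address(addr)
    net = ipaddress.ip_network(subnet, strict=True)  # rejects a misaligned prefix
    if ip not in net:
        return "outside"
    if ip == net.network_address:
        return "network"
    if ip == net.broadcast_address:
        return "broadcast"
    return "host"


def review(settings, subnet, source_ip, neighbor_ip):
    """Compare the MX-side values with every BGP address the gateway lists."""
    report = {
        "source": classify(source_ip, subnet),
        "neighbor": classify(neighbor_ip, subnet),
        "azure": {},
    }
    for peer in settings["bgpPeeringAddresses"]:
        for addr in peer["defaultBgpIpAddresses"] + peer["customBgpIpAddresses"]:
            # (address, position in the proposed /30, matches configured neighbor?)
            report["azure"][peer["ipconfigurationId"]] = (
                addr, classify(addr, subnet), addr == neighbor_ip)
    return report


if __name__ == "__main__":
    result = review(BGP_SETTINGS, "10.104.0.12/30", "10.104.0.14", "10.104.0.13")
    print("MX source:", result["source"], "| MX neighbor:", result["neighbor"])
    for instance, (addr, position, is_neighbor) in result["azure"].items():
        print(f"{instance}: {addr} -> {position}, configured as neighbor: {is_neighbor}")
```

With the values from the post, Instance0's 10.104.0.13 is a usable host in 10.104.0.12/30 and matches the configured neighbor, while Instance1's 10.104.0.12 is the network address of that same /30 and is not configured as a neighbor.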