This is a short tutorial how to configure your MikroTik router to connect to Azure network with site-to-site VPN.
The things you need to do:
- Prepare your Azure virtual net, gateway and link configuration by following the article you can find here. There is nothing very tricky here, you just need to be careful with the following difference:
When you run the New-AzureRmVirtualNetworkGateway, be sure that you use the VPN type: PolicyBased. - Configure your MikroTik router. For this, you can search the Internet and study my screenshots.
I’m not sure if this configuration is the best, but this seems to be working.
The Firewall configuration:
Here you need to be able to exclude traffic from masquerading, fasttrack and let in the traffic from Azure virtual subnets. These screenshots show here a completely open firewall configuration between local subnets (192.168.0.0/16) and Azure subnets (10.0.0.0/16), but probably this is what you want first.
IPsec configuration:
Enter here your pre shared key to the Secret field.
Please leave your comment if you have ideas to improve the configuration.