1) Open the dialog VPN -> IKEv2/IPSec -> Encryption and add a new encryption profile.
2) It is important that you select DH group 2 and disable PFS.
3) Go to the menu VPN -> IKEv2/IPSec -> Authentication and add a new entry.
Enter a name for the authentication profile.
Set the Local authentication parameter to PSK (pre-shared key).
Set the Local identifier type parameter to IPv4 address.
In the field for the Local identifier, you need to enter the public IP address of the LANCOM router.
Enter a local password for use as the pre-shared key.
Set the remote authentication parameter to PSK (pre-shared key).
Set the Remote identifier type parameter to IPv4 address.
In the field for the Remote identifier, you need to enter the public IP address of the Windows AZURE server.
Enter a remote password for use by the pre-shared key.
4) Go to the menu VPN -> General -> Network rules -> IPv4 rules and add a new entry.
In this example, the local network of the LANCOM router with the IP address range
192.168.1.0/24 is to communicate with the remote (local) network 192.168.11.0/24 .
5) Go to the menu VPN -> IKEv2/IPSec -> Connection list and add a new entry.
Enter a name for the authentication profile.
In this example, the VPN connection is established from Windows AZURE, so the short hold time is set to 0.
In the field for the remote Gateway, you need to enter the public IP address of the Windows AZURE server.
Set the encryption to the encryption profile created in step 2.
Set the authentication to the authentication profile created in step 3.
The rule creation is performed manually.
The IPv4 rule is set to the rule created in step 4.
6) Open the menu IP router -> Routing -> IPv4 routing table and create a new entry for the VPN connection to Windows AZURE.
The IP address and netmask are the parameters set for the Windows AZURE server.
Set the Router as the VPN connection that you created.