Advertisement
Hello,<\/p>\n
Im trying to setup a BGP with my Azure cloud server from my firewall Sophos.
\nThere are 2 IPSEC VPN (Route-based) between the two.
\nSince i have more than 1 routes for redundancy.
\nI am trying to use BGP instead of Static Route.<\/p>\n
However since this is a RBVPN, my BGB in Sophos requires the tunnel peer IP of the Azure Cloud Server.
\nBut two WAN connections in the Azure cloud have similar tunnel IP.
\nI was told they are created by default and im not sure to change them.
\nhere is the config from Azure.<\/p>\n
int tunnel 11\n ip address 169.254.0.1 255.255.255.252\n tunnel mode ipsec ipv4\n ip tcp adjust-mss 1350\n tunnel source 10.10.10.254\n tunnel destination 172.16.100.2\n tunnel protection ipsec profile Neo-OnPrem-VPN-Subisu-IPsecProfile\n exit\n\nint tunnel 12\n ip address 169.254.0.2 255.255.255.252\n tunnel mode ipsec ipv4\n ip tcp adjust-mss 1350\n tunnel source 10.10.10.254\n tunnel destination 172.16.200.2\n tunnel protection ipsec profile Neo-OnPrem-VPN-Subisu-IPsecProfile\n exit\n<\/code><\/pre>\nMy Sophos VPN Tunnel IP
\nISP1 : 169.254.0.1 255.255.255.252
\nISP:2: 169.254.0.2 255.255.255.252<\/p>\n
My plan for tunnel IT between Sophos to Azure
\nSophos ISP1 Tunnel IP: 3.3.3.3
\nAzure Tunnel 1 IP: 3.3.3.4<\/p>\n
Sophos ISP1 Tunnel IP: 4.4.4.3
\nAzure Tunnel 1 IP: 4.4.4.4<\/p>\n
Im confused as which tunnel is being used as i see tunnel 11 and tunnel 12 on the config of azure.
\nWhich tunnel should i use and is there a way to change them to my requirement?<\/p>","upvoteCount":5,"answerCount":5,"datePublished":"2025-05-15T09:04:41.979Z","author":{"@type":"Person","name":"netw0rk-newb","url":"https://community.spiceworks.com/u/netw0rk-newb"},"suggestedAnswer":[{"@type":"Answer","text":"
Hello,<\/p>\n
Im trying to setup a BGP with my Azure cloud server from my firewall Sophos.
\nThere are 2 IPSEC VPN (Route-based) between the two.
\nSince i have more than 1 routes for redundancy.
\nI am trying to use BGP instead of Static Route.<\/p>\n
However since this is a RBVPN, my BGB in Sophos requires the tunnel peer IP of the Azure Cloud Server.
\nBut two WAN connections in the Azure cloud have similar tunnel IP.
\nI was told they are created by default and im not sure to change them.
\nhere is the config from Azure.<\/p>\n
int tunnel 11\n ip address 169.254.0.1 255.255.255.252\n tunnel mode ipsec ipv4\n ip tcp adjust-mss 1350\n tunnel source 10.10.10.254\n tunnel destination 172.16.100.2\n tunnel protection ipsec profile Neo-OnPrem-VPN-Subisu-IPsecProfile\n exit\n\nint tunnel 12\n ip address 169.254.0.2 255.255.255.252\n tunnel mode ipsec ipv4\n ip tcp adjust-mss 1350\n tunnel source 10.10.10.254\n tunnel destination 172.16.200.2\n tunnel protection ipsec profile Neo-OnPrem-VPN-Subisu-IPsecProfile\n exit\n<\/code><\/pre>\nMy Sophos VPN Tunnel IP
\nISP1 : 169.254.0.1 255.255.255.252
\nISP:2: 169.254.0.2 255.255.255.252<\/p>\n
My plan for tunnel IT between Sophos to Azure
\nSophos ISP1 Tunnel IP: 3.3.3.3
\nAzure Tunnel 1 IP: 3.3.3.4<\/p>\n
Sophos ISP1 Tunnel IP: 4.4.4.3
\nAzure Tunnel 1 IP: 4.4.4.4<\/p>\n
Im confused as which tunnel is being used as i see tunnel 11 and tunnel 12 on the config of azure.
\nWhich tunnel should i use and is there a way to change them to my requirement?<\/p>","upvoteCount":5,"datePublished":"2025-05-15T09:04:42.041Z","url":"https://community.spiceworks.com/t/how-to-change-azure-tunnel-interface-ip/1206001/1","author":{"@type":"Person","name":"netw0rk-newb","url":"https://community.spiceworks.com/u/netw0rk-newb"}},{"@type":"Answer","text":"
You need to drill down on the resource in azure and find out what the public ip interface object shows. You can disassociate the object, change it then bind it back to the virtual network gateway.<\/p>","upvoteCount":1,"datePublished":"2025-05-20T20:10:00.091Z","url":"https://community.spiceworks.com/t/how-to-change-azure-tunnel-interface-ip/1206001/2","author":{"@type":"Person","name":"popeyesailzzz","url":"https://community.spiceworks.com/u/popeyesailzzz"}},{"@type":"Answer","text":"
that being said.
\nhow do i change the both tunnel 1 n 2 ip address?<\/p>","upvoteCount":0,"datePublished":"2025-05-28T03:32:57.548Z","url":"https://community.spiceworks.com/t/how-to-change-azure-tunnel-interface-ip/1206001/3","author":{"@type":"Person","name":"netw0rk-newb","url":"https://community.spiceworks.com/u/netw0rk-newb"}},{"@type":"Answer","text":"
Thanks for the related information<\/p>","upvoteCount":0,"datePublished":"2025-05-28T09:32:11.599Z","url":"https://community.spiceworks.com/t/how-to-change-azure-tunnel-interface-ip/1206001/4","author":{"@type":"Person","name":"spiceuser-vxad","url":"https://community.spiceworks.com/u/spiceuser-vxad"}},{"@type":"Answer","text":"
Is the sophos firewall in azure? The ips are assigned to the network interfaces in azure then attached to the firewall, set static ips. Use those static ips for tunnel interfaces.<\/p>","upvoteCount":0,"datePublished":"2025-05-28T17:46:22.354Z","url":"https://community.spiceworks.com/t/how-to-change-azure-tunnel-interface-ip/1206001/5","author":{"@type":"Person","name":"popeyesailzzz","url":"https://community.spiceworks.com/u/popeyesailzzz"}}]}}
