Azure VPN connection fails with Failure error code:0x000035ed


I have created an VPN connection from my Azure VNET to a third party on site VPN device. The connection unfortunately fails. I have configured logging in the VNET and get the following error:

  Timestamp: 1601-01-01T00:00:00.000Z
  Flags: 0x00000106
    Local address field set
    Remote address field set
    IP version field set
  IP version: IPv4
  IP protocol: 0
  Local address: <xx.xx.xx.xx>
  Remote address: <yy.yy.yy.yy>
  Local Port: 0
  Remote Port: 0
  Application ID:
  User SID: <invalid>
Failure type: IKE/Authip Main Mode Failure
Type specific info:
  Failure error code:0x000035ed
    Negotiation timed out

  Failure point: Local
  Flags: 0x00000000
  Keying module type: IKEv2
  MM State: Initial state, no packets sent
  MM SA role: Initiator
  MM auth method: Unknown
  Cert hash:
  MM ID: 0x00000000000006bf
  MM Filter ID: 0x0000000000012dc9
  Local Principal Name: 
  Remote Principal Name: 
  Local Principal Group SIDs:
  Remote Principal Group SIDs:

Can anyone tell me what is wrong? I don't have any control over the VPN device, but make any Azure changes required.

asked on Stack Overflow Nov 1, 2017 by Slicc

1 Answer


This turned out to be to the Azure gateway using IKEv2 and the on-premises gateway using IKEv1. Updating the on-premises gateway fixed the issue.

answered on Stack Overflow Nov 2, 2017 by Slicc

User contributions licensed under CC BY-SA 3.0