You can set up dual tunnels (AWS) and active-active (Azure). The BGP configuration still cannot be matched: AWS uses the tunnel's internal addresses while Azure does not have that concept and hardcodes the last available IP in the GatewaySubnet. Those two things are incompatible, so BGP can't be established with only the native gateways.

The same is being observed on our first-time setup (s2s VPN tunnel) between a Cisco ASA and Azure. Traffic passes through successfully when initiated from hosts residing behind the Cisco ASA but not when the connection is started from hosts within Azure. Did you manage to get through this challenge? On our side we have a Cisco ASA 5516-X

First, the Azure VPN Gateway can act as either initiator or responder of the tunnels, but the AWS VGW can only act as a responder, so the Azure endpoint would have to be the initiator at all times. Second, as per Azure documentation, when Azure VPN Gateway acts as the initiator, Perfect Forward Secrecy (PFS) is not enabled for phase 2.