Site to site to azure

I am new at this. I have openwrt (luci) installed on my router.
I am trying to set up site to site to Azure.
I was told I need to configure ipsec on my router and enter Azure configuration there.

I connected to my router via putty, but when try to access ipsec conf (where I was told to enter config data), I get permission denied.
What am I doing wrong?

login as: root
root@'s password:

BusyBox v1.26.2 () built-in shell (ash)

    /        /\      _    ___ ___  ___
   /  LE    /  \    | |  | __|   \| __|
  /    DE  /    \   | |__| _|| |) | _|
 /________/  LE  \  |____|___|___/|___|            
 \        \   DE /
  \    LE  \    /  -----------------------------------------------------------
   \  DE    \  /    Reboot (SNAPSHOT, r3899-dc4eae7)
    \________\/    -----------------------------------------------------------

LEDE ~ # /etc/config/ipsec
-ash: /etc/config/ipsec: Permission denied

ipsec is text config file you need to edit it using vi for example.

vi /etc/config/ipsec

That appears to be a relatively old development build (February, 2017)

You might want to upgrade to 18.06.01 Release

I updated and entered vi to input text as in guide I found. I guess when I input correct config connection should establish and I should be able to access my domain from remote site?

Since it is not connecting I probably made some mistakes. Is my config ok like this?

config 'ipsec'
  list listen ''
config 'remote' 'azure'
  option 'enabled' '1'
  option 'gateway' ''
  option 'pre_shared_key' 'my cipher for azure'
  option 'exchange_mode' 'aggressive'
  list   'p1_proposal' 'pre_g2_aes_sha1'
  list   'tunnel' 'azure_dmz'

config 'p1_proposal' 'pre_g2_aes_sha1'
  option 'encryption_algorithm' 'aes128'
  option 'hash_algorithm' 'sha1'
  option 'dh_group' '2'

config 'tunnel' 'azure_lan'
  option 'local_subnet' ''
  option 'remote_subnet' ''
  option 'p2_proposal' 'g2_aes_sha1'

config 'p2_proposal' 'g2_aes_sha1'
  option 'pfs_group' '2'
  option 'encryption_algorithm' 'aes128'
  option 'authentication_algorithm' 'sha1'

What is showing logread and ipsec statusall ?
Did you install strongswan? Are you trying start ipsec by /etc/init.d/ipsec start ?