Configure a virtual network gateway for ExpressRoute using PowerShell
Article
This article walks you through the steps to add, resize, and remove a virtual network gateway for a preexisting virtual network (VNet) using PowerShell. The steps for this configuration apply to VNets that were created using the Resource Manager deployment model for an ExpressRoute configuration. For more information about virtual network gateways and gateway configuration settings for ExpressRoute, see About virtual network gateways for ExpressRoute.
Prerequisites
Configuration reference list
The steps for this task use a VNet based on the values in the following configuration reference list. More settings and names are also outlined in this list. We don't use this list directly in any of the steps, although we do add variables based on the values in this list. You can copy the list to use as a reference, replacing the values with your own.
Setting
Value
Virtual Network Name
TestVNet
Virtual Network address space
192.168.0.0/16
Resource Group
TestRG
Subnet1 Name
FrontEnd
Subnet1 address space
192.168.1.0/24
Subnet1 Name
FrontEnd
Gateway Subnet name
GatewaySubnet
Gateway Subnet address space
192.168.200.0/26
Region
West US
Gateway Name
GW
Gateway IP Name
GWIP
Gateway IP configuration Name
gwipconf
Type
ExpressRoute
Gateway Public IP Name
gwpip
Add a gateway
Important
If you plan to use IPv6-based private peering over ExpressRoute, make sure to select an AZ SKU (ErGw1AZ, ErGw2AZ, ErGw3AZ) for -GatewaySku or use Non-AZ SKU (Standard, HighPerformance, UltraPerformance) for -GatewaySKU with Standard and Static Public IP.
To connect with Azure, run Connect-AzAccount.
Declare your variables for this tutorial. Be sure to edit the sample to reflect the settings that you want to use.
Add a gateway subnet to your Virtual Network. The gateway subnet must be named "GatewaySubnet". The gateway subnet has to be /27 or larger (/26, /25, and so on). If you plan on connecting 16 ExpressRoute circuits to your gateway, you must create a gateway subnet of /26 or larger.
Request a public IP address. The IP address is requested before creating the gateway. You can't specify the IP address that you want to use; it’s dynamically assigned. You'll use this IP address in the next configuration section. The AllocationMethod must be Dynamic.
Azure PowerShell
$pip = New-AzPublicIpAddress -Name$GWIPName -ResourceGroupName$RG -Location$Location -AllocationMethod Static -SKU Standard
If you want to create the gateway in an Azure Extended Zone, request a public IP address in the Extended Zone using the -ExtendedLocation parameter.
Basic SKU public IP isn't supported with new ExpressRoute virtual network gateway.
Create the configuration for your gateway. The gateway configuration defines the subnet and the public IP address to use. In this step, you're specifying the configuration that will be used when you create the gateway. Use the following sample to create your gateway configuration.
Create the gateway. In this step, the -GatewayType is especially important. You must use the value ExpressRoute. After running these cmdlets, the gateway can take 45 minutes or more to create.
Azure PowerShell
New-AzVirtualNetworkGateway -Name$GWName -ResourceGroupName$RG -Location$Location -IpConfigurations$ipconf -GatewayType Expressroute -GatewaySku Standard
If you want to create the gateway in an Azure Extended Zone, add the -ExtendedLocation parameter.
Azure PowerShell
New-AzVirtualNetworkGateway -Name$GWName -ResourceGroupName$RG -Location$Location -ExtendedLocation$ExtendedLocation -IpConfigurations$ipconf -GatewayType Expressroute -GatewaySku Standard