Azure VPN Gateway - P2S Configuration in Failed State

ArnoudRaeven 16 Reputation points
2022-09-01T11:28:18.543+00:00

I am trying to create a basic-standard VPN gateway with a P2S configuration in WestEU.
Gateway deploys fine, but when I configure the P2S setup, it always fails.
Even after re-creating the VPN Gateway and subnet, using different IP-ranges, etc.

Basically the same issue as mentioned here:
https://social.msdn.microsoft.com/Forums/SECURITY/en-US/233f7768-8fe4-4fe5-9129-d715c04be3af/vpn-pointtosite-configuration-fails-with-generic-error-quotthe-current-operation-failed-due-to?forum=WAVirtualMachinesVirtualNetwork

The self-diag returns a PowerShell command to execute:
Get-AzVirtualNetworkGateway -ResourceGroupName <RSG> -Name <VNET GW NAME> | Set-AzVirtualNetworkGateway
But that also fails to run/return the state to Succeeded.

How can I resolve this situation and create my P2S VPN GW?

Best Regards,

Arnoud


4 answers

  1. Jackson Martins 10,606 Reputation points MVP Volunteer Moderator
    2022-09-01T11:57:06.137+00:00

    Hi @ArnoudRaeven

    There is a thread here on QnA with a similar problem, and the only solution is to open a support ticket with Microsoft (https://azure.microsoft.com/en-us/support/create-ticket/)

    Reference: https://learn.microsoft.com/en-us/answers/questions/210809/internal-error-when-creating-a-vpn-gateway.html

    You can try "Reset"

    Change the SKU or redeploy the VPN Gateway with another name and SKU.

    Get in touch if you need more help with this issue.

    --please don't forget to "[Accept the answer]" if the reply is helpful--

  2. ArnoudRaeven 16 Reputation points
    2022-09-01T13:30:54.743+00:00

    Thanks @Jackson Martins, unfortunately I do not have a support contact, so I can't open a ticket without paying. That feels weird, as it's not due to any fault of my own, but an issue on the Azure site. I will try to re-create with a different name, see if that helps.
    Reset of course also tried, no luck.


  3. JimmySalian-2011 42,511 Reputation points
    2022-09-01T21:23:31.727+00:00

    Hi Arnoud,

    I agree with Martin, it is challenging and it will be great to assist you. It seems to me like somewhere in the backend or some configuration is causing this issue. Can I request you to share the configuration over here? Obviously, please remove your name and IP addresses.

    Also, is it possible to use a new root certificate for the configuration? How long has it been since you deleted and tried to recreate the VPN GW? What Tunnel Type are you selecting?

  4. ArnoudRaeven 16 Reputation points
    2022-09-02T14:14:06.66+00:00

    I've done some more testing.
    Removed this: https://learn.microsoft.com/en-us/answers/questions/985608/azure-p2s-vpn-standard-sku-private-endpoints.html
    And re-created the P2S VPN. That worked without any issues once the DNS Resolver was removed. So I'm guessing the issue is somewhat related to that.

    Tried to do another setup with a totally different IP range, double checking that they won't overlap.
    Seems to break when making the VNET links.
    So I've removed the Private DNS forwarder for now and decided to use local hosts files (I know it's not recommended, but for now my only option).

