Error while creating Virtual Network Gateway

Ahmed Hadbool 5 Reputation points


Hi everyone

I have technical difficulties while configuring point to site VPN gateway in Microsoft Azure.

I already create Virtual Networks and VPN gateway with Public IP address and Generate certificates from the client machine

Issue begins when I try to Add the address pool, I get this error message :

Deployment to resource group 'AXTestRes' failed. Additional details from the underlying API that might be helpful: At least one resource deployment operation failed. Please list deployment operations for details. Please see for usage details.

I tried to use different address pool unfortunately get the same error message.

Any help would be greatly appreciated.

Azure VPN Gateway
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,420 questions
Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,227 questions
{count} votes

1 answer

Sort by: Most helpful
  1. GitaraniSharma-MSFT 48,511 Reputation points Microsoft Employee

    Hello @Ahmed Hadbool ,

    I understand that you were getting an error when creating an Azure Virtual Network Gateway.

    Advised you to follow the below doc and check if you can find the detailed error message of the failed deployment:

    You followed the steps and shared the deployment JSON, where we found the below error message:

    "details": [
              "code": "ActiveActiveGatewayPublicIPAddressesDiffersInSkuOrZones",
              "message": "Virtual network gateway /subscriptions/xxxxxxxxxxx/resourceGroups/AXTestRes/providers/Microsoft.Network/virtualNetworkGateways/TestGateway in active active mode is using PublicIPAddresses either with different Skus or with different PublicIPAllocationMethod or from a different availability zones. Networking does not support using resources from multiple zones. Networking also does not support using both regional resources and zonal resources."

    The creation of the third Public IP address on the P2S VPN configuration page was causing issues.

    So, I requested you to check the 2 Public IP addresses that are associated with your Zone-redundant active-active VPN gateway and create a new Public IP address replicating the existing configuration. Once you create this new Public IP address, add it in the P2S VPN configuration page by selecting the "Use existing" option and then try saving the config.

    You followed the recommendation and P2S configuration was done successfully. You downloaded the VPN Client app on windows 10 and you were able to connect to it successfully.

    But on Windows Server 2019, VPN connect button was not responding.

    Informed you that Windows server 2019 is supported for Azure P2S VPN via the native VPN clients as long as you are using Azure Certificate/Radius authentication with OpenVPN/IKEv2 tunnel type.


    Advised you the below steps:


    You were able to fix the issue by resetting all configurations (Virtual Networks - Virtual Network Gateway - P2S ) then setup all from scratch.

    Now everythings works fine.

    Kindly let us know if the above helps or you need further assistance on this issue.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.