Deploy Azure VPN Gateway with Basic SKU

David Lienhard 30 Reputation points
2023-09-27T08:46:11.6166667+00:00

Dear All

I'm a bit stuck, deploying a new Azure VPN Gateway with the Basic SKU. According to the docs this is still possible: https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#benchmark

And according to the docs this has to be down via Powershell or Azure CLI. I have already done this over the Azure Portal recently, but now I am unable to select the Basic SKU.

So I have tried to deploy the Gateway with Powershell:

$gwname = "vnet-gw-v-chno-01"
$rgname = "rg-network-chno-01"
$pipid = "...."
$subnetid = "...."
$location = "Switzerland North"

    -Name "$($gwname)-config" `
    -SubnetId $subnetid `
    -PublicIpAddressId $pipid

New-AzVirtualNetworkGateway `
    -Name $gwname `
    -ResourceGroupName $rgname `
    -Location $location `
    -IpConfigurations $ngwipconfig `
    -GatewayType "Vpn" `
    -VpnType "RouteBased" `
    -GatewaySku "Basic"

But then, I get the following error-message:

New-AzVirtualNetworkGateway: Virtual network gateway Sku specified is not valid for gateway ..../vnet-gw-v-chno-01 with DeploymentType VMScaleSet. The allowed Skus are VpnGw1AZ,VpnGw2AZ,VpnGw3AZ,VpnGw4AZ,VpnGw5AZ,VpnGw1,VpnGw2,VpnGw3,VpnGw4,VpnGw5.
StatusCode: 400
ReasonPhrase: 
ErrorCode: InvalidGatewaySkuSpecifiedForGatewayDeploymentType
ErrorMessage: Virtual network gateway Sku specified is not valid for gateway /..../vnet-gw-v-chno-01 with DeploymentType VMScaleSet. The allowed Skus are VpnGw1AZ,VpnGw2AZ,VpnGw3AZ,VpnGw4AZ,VpnGw5AZ,VpnGw1,VpnGw2,VpnGw3,VpnGw4,VpnGw5.
OperationID : ....

Same when I try with Azure CLI:

az network vnet-gateway create \
  -n "vnet-gw-v-chno-01" \
  -l "Switzerland North" \
  --public-ip-address "pip-vpn-gw-chno-01" \
  -g "rg-network-chno-01" \
  --vnet "vnet-chno-01" \
  --gateway-type Vpn \
  --sku "Basic" \
  --vpn-type RouteBased \
  --no-wait

I get the following error:

(InvalidGatewaySkuSpecifiedForGatewayDeploymentType) Virtual network gateway Sku specified is not valid for gateway /..../vnet-gw-v-chno-01 with DeploymentType VMScaleSet. The allowed Skus are VpnGw1AZ,VpnGw2AZ,VpnGw3AZ,VpnGw4AZ,VpnGw5AZ,VpnGw1,VpnGw2,VpnGw3,VpnGw4,VpnGw5. Code: InvalidGatewaySkuSpecifiedForGatewayDeploymentType Message: Virtual network gateway Sku specified is not valid for gateway /..../vnet-gw-v-chno-01 with DeploymentType VMScaleSet. The allowed Skus are VpnGw1AZ,VpnGw2AZ,VpnGw3AZ,VpnGw4AZ,VpnGw5AZ,VpnGw1,VpnGw2,VpnGw3,VpnGw4,VpnGw5.

So it seems, that the Basic Sku is not available anymore, but still in the docs, and I was not able to find a retirement notice.

Does anyone know more about this? Is this a bug, or is the Basic SKU really not available anymore?

Thanks for any help on this one.

Best regards

Azure VPN Gateway
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,557 questions
Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,509 questions
{count} vote

Accepted answer
  1. TP 98,176 Reputation points
    2023-09-27T08:49:44.4833333+00:00

    Hi David,

    Please see sample code below. I tested and was able to successfully create Basic VPN Gateway.

    $location = "westus3"
    $resourceGroup = "basic-vnet-gateway-group"
    $vnetAddressSpace = "10.20.0.0/16"
    $gatewaySubnet = "10.20.0.0/27"
    New-AzResourceGroup -Name $resourceGroup -Location $location
    $subnetConfig = New-AzVirtualNetworkSubnetConfig -Name GatewaySubnet -AddressPrefix $gatewaySubnet
    $vngwPIP = New-AzPublicIpAddress -Name myvngw-ip -ResourceGroupName $resourceGroup -Location $location -Sku Basic -AllocationMethod Dynamic
    $vnet = New-AzVirtualNetwork -Name myvngw-vnet -ResourceGroupName $resourceGroup -Location $location -AddressPrefix $vnetAddressSpace -Subnet $subnetConfig
    $subnet = Get-AzVirtualNetworkSubnetConfig -Name GatewaySubnet -VirtualNetwork $vnet
    $vngwIpConfig = New-AzVirtualNetworkGatewayIpConfig -Name vngwipconfig -SubnetId $subnet.Id -PublicIpAddressId $vngwPIP.Id
    New-AzVirtualNetworkGateway -Name myvngw-gw -ResourceGroupName $resourceGroup -Location $location -IpConfigurations $vngwIpConfig -GatewayType Vpn -VpnType RouteBased -GatewaySku Basic
    
    

    Please click Accept Answer if above was helpful.

    Thanks.

    -TP

    6 people found this answer helpful.

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.