Failed to Delete Basic Public IP Reference from a Basic SKU VPN gateway

Question

Hi,

I am trying to do Delete Basic Public IP Reference from a Basic SKU VPN gateway in the Azure portal as per the documentation here https://learn.microsoft.com/en-us/azure/vpn-gateway/basic-sku-public-ip-remove due to this must be done before 30 June 2026.

I have validated this operation and all validations are succeeded:

Then, I am however encountering the following error when doing Delete Basic Public Ip Reference:

My understanding this is an automated process as part of the deletion process provided by Azure. The inner errors don't really display too much more information.

Any suggestion about this?

Answer 1

Welcome to Microsoft Q&A

Hello @Fengqizhang-6483 I hope you are doing well,

The error code PublicIpForGatewayIsRequired is occurring because Azure architecture dictates that an internet-facing VPN Gateway cannot exist without a public IP endpoint. The system is actively blocking the deletion because completing the action would leave your gateway without a required IP address.

Because your VPN Gateway is on the Basic SKU, it only supports Basic Public IPs. You cannot remove the IP, and you cannot attach a Standard IP to a Basic gateway.

To meet the June 30, 2026 deprecation deadline, you should not delete the IP reference. Instead, follow this upgrade path:

Step 1: Upgrade the VPN Gateway SKU. First, migrate or resize your VPN Gateway from the Basic SKU to a higher, Standard-compatible SKU (such as VpnGw1).

• Step 2: Upgrade the IP In-Place. Once your gateway is running on the upgraded SKU, navigate directly to your Public IP resource in the Azure portal. You can use the built-in option to upgrade the IP allocation directly from Basic to Standard without needing to delete it.

If my answer helped you resolve your issue, please consider marking it as the correct answer. This helps others in the community find solutions more easily. Thanks!