Failed to Delete Basic Public Ip Reference for Basic SKU VPN Gateway

Question

Failed to Delete Basic Public Ip Reference for Basic SKU VPN Gateway

John Sletten 0

Hi,

After clicking "Delete Basic Public Ip Reference" I encountered two error messages.

Failed to execute migration

Failed to execute migration to Remove Public IP. Error: There was an error processing your request. Try again in a few moments.

Deployment validation failed

Deployment validation failed. Additional details from the underlying API that might be helpful. The template deployment "VirtualNetworkGatewayUpdate-20260625222321" is not valid according to the validation procedure. The following resource provider(s) -"Microsoft.Network/virtualNetworkGateways (2025-05-01) reported preflight validation errors. Tracking id (REDACTED) . See inner errors for details.

Clicking on "Help me troubleshoot" provided rather general tips on checking public IP associations, gateway configurations, subnet and IP capacity.

I did notice that in a similar case, https://learn.microsoft.com/en-us/answers/questions/5864157/failed-to-remove-the-basic-sku-public-ip-address-r the solution involved opening the Point-to-site configuration to remove a certificate. In my setup there are three certs and I would not know which one(s) to safely remove.

I am therefore reaching out to see if anyone else has seen this.

I would be grateful for any advice.

Kind Regards,
John Sletten

0 comments

1 answer

Your answer

Answer 1

John Sletten 0

Update

I managed to identify the expired certificate and duly removed it from the Point-to-site configuration.

After a delay of about 2 minutes, I got: "Successfully saved virtual network gateway 'VPNGatewayPrimary'.

Upon retrying the "Delete Basic Public Ip Reference" button I got a different message:

No migration necessary.

*Your Gateway does not have a PublicIpAddress reference or is using a PublicIpAddress with Standard Sku. No migration is necessary.

*The VPN connections are healthy and the old (basic) PublicIp resource no longer has an associated IP address.

I will monitor the gateway closely for the next 24 hours, but it seems that this matter is resolved now.

Thanks in any case.

John

Rachana Thipparapu 0 Reputation points Microsoft External Staff Moderator

2026-06-26T01:08:01.7366667+00:00

Hello @John Sletten

Good to hear that from you.

Please monitor the behavior for next 24 hours. If the issue is still not resolved, kindly inform us so we can work on fixing it.

In the meantime, please follow the following documents for your reference:

Basic SKU Public IP address reference removal

https://learn.microsoft.com/azure/vpn-gateway/basic-sku-public-ip-remove

Migrate a Basic SKU public IP to Standard SKU for Azure VPN Gateway (Preview/how-to):

https://learn.microsoft.com/azure/vpn-gateway/basic-public-ip-migrate-howto

Create a Basic SKU VPN gateway using PowerShell:

https://learn.microsoft.com/azure/vpn-gateway/create-gateway-basic-sku-powershell
Rachana Thipparapu 0 Reputation points Microsoft External Staff Moderator

2026-06-30T08:40:02.23+00:00

Hi @John Sletten

Hope you are doing well.

I wanted to follow up on our previous conversation regarding the Public IP deletion issue. Could you please let me know whether the issue has been resolved, or if you are still experiencing difficulties deleting the Public IP resource?

If the issue is still occurring, kindly share any recent observations, error messages, or updates so that we can investigate further and assist you accordingly.

Looking forward to your response.

Share via

Failed to Delete Basic Public Ip Reference for Basic SKU VPN Gateway

1 answer

Your answer