Delete a virtual network gateway using PowerShell (classic)
This article helps you delete a VPN gateway in the classic (legacy) deployment model by using PowerShell. After the virtual network gateway is deleted, modify the network configuration file to remove elements that you're no longer using.
The steps in this article apply to the classic deployment model and don't apply to the current deployment model, Resource Manager. Unless you want to work in the classic deployment model specifically, we recommend that you use the Resource Manager version of this article.
Important
You can no longer create new virtual network gateways for classic deployment model (service management) virtual networks. New virtual network gateways can be created only for Resource Manager virtual networks.
Step 1: Connect to Azure
1. Install the latest PowerShell cmdlets.
When working with the classic deployment model, you can't use Azure Cloud Shell. Instead, you must install the latest version of the Azure Service Management (SM) PowerShell cmdlets locally on your computer. These cmdlets are different from the AzureRM or Az cmdlets. To install the SM cmdlets, see Install Service Management cmdlets. For more information about Azure PowerShell in general, see the Azure PowerShell documentation.
2. Connect to your Azure account.
Open your PowerShell console with elevated rights and connect to your account. Use the following example to help you connect:
Open your PowerShell console with elevated rights.
Connect to your account. Use the following example to help you connect:
Add-AzureAccount
Step 2: Export and view the network configuration file
Create a directory on your computer and then export the network configuration file to the directory. You use this file to both view the current configuration information, and also to modify the network configuration.
In this example, the network configuration file is exported to C:\AzureNet.
Get-AzureVNetConfig -ExportToFile C:\AzureNet\NetworkConfig.xml
Open the file with a text editor and view the name for your classic VNet. When you create a VNet in the Azure portal, the full name that Azure uses isn't visible in the portal. For example, a VNet that appears to be named 'ClassicVNet1' in the Azure portal, might have a longer name in the network configuration file. The name might look something like: 'Group ClassicRG1 ClassicVNet1'. Virtual network names are listed as 'VirtualNetworkSite name ='. Use the names in the network configuration file when running your PowerShell cmdlets.
Step 3: Delete the virtual network gateway
When you delete a virtual network gateway, all connections to the VNet through the gateway are disconnected. If you have P2S clients connected to the VNet, they'll be disconnected without warning.
This example deletes the virtual network gateway. Make sure to use the full name of the virtual network from the network configuration file.
Remove-AzureVNetGateway -VNetName "Group ClassicRG1 ClassicVNet1"
If successful, the return shows:
Status : Successful
Step 4: Modify the network configuration file
When you delete a virtual network gateway, the cmdlet doesn't modify the network configuration file. You need to modify the file to remove the elements that are no longer being used. The following sections help you modify the network configuration file that you downloaded.
Local Network Site References
To remove site reference information, make configuration changes to ConnectionsToLocalNetwork/LocalNetworkSiteRef. Removing a local site reference triggers Azure to delete a tunnel. Depending on the configuration that you created, you might not have a LocalNetworkSiteRef listed.
<Gateway>
<ConnectionsToLocalNetwork>
<LocalNetworkSiteRef name="D1BFC9CB_Site2">
<Connection type="IPsec" />
</LocalNetworkSiteRef>
</ConnectionsToLocalNetwork>
</Gateway>
Example:
<Gateway>
<ConnectionsToLocalNetwork>
</ConnectionsToLocalNetwork>
</Gateway>
Local Network Sites
Remove any local sites that you're no longer using. Depending on the configuration you created, it's possible that you don't have a LocalNetworkSite listed.
<LocalNetworkSites>
<LocalNetworkSite name="Site1">
<AddressSpace>
<AddressPrefix>192.168.0.0/16</AddressPrefix>
</AddressSpace>
<VPNGatewayAddress>5.4.3.2</VPNGatewayAddress>
</LocalNetworkSite>
<LocalNetworkSite name="Site3">
<AddressSpace>
<AddressPrefix>192.168.0.0/16</AddressPrefix>
</AddressSpace>
<VPNGatewayAddress>57.179.18.164</VPNGatewayAddress>
</LocalNetworkSite>
</LocalNetworkSites>
In this example, we removed only Site3.
<LocalNetworkSites>
<LocalNetworkSite name="Site1">
<AddressSpace>
<AddressPrefix>192.168.0.0/16</AddressPrefix>
</AddressSpace>
<VPNGatewayAddress>5.4.3.2</VPNGatewayAddress>
</LocalNetworkSite>
</LocalNetworkSites>
Client AddressPool
If you had a P2S connection to your VNet, you'll have a VPNClientAddressPool. Remove the client address pools that correspond to the virtual network gateway that you deleted.
<Gateway>
<VPNClientAddressPool>
<AddressPrefix>10.1.0.0/24</AddressPrefix>
</VPNClientAddressPool>
<ConnectionsToLocalNetwork />
</Gateway>
Example:
<Gateway>
<ConnectionsToLocalNetwork />
</Gateway>
GatewaySubnet
Delete the GatewaySubnet that corresponds to the VNet.
<Subnets>
<Subnet name="FrontEnd">
<AddressPrefix>10.11.0.0/24</AddressPrefix>
</Subnet>
<Subnet name="GatewaySubnet">
<AddressPrefix>10.11.1.0/29</AddressPrefix>
</Subnet>
</Subnets>
Example:
<Subnets>
<Subnet name="FrontEnd">
<AddressPrefix>10.11.0.0/24</AddressPrefix>
</Subnet>
</Subnets>
Step 5: Upload the network configuration file
Save your changes and upload the network configuration file to Azure. Make sure you change the file path as necessary for your environment.
Set-AzureVNetConfig -ConfigurationPath C:\AzureNet\NetworkConfig.xml
If successful, the return shows something similar to this example:
OperationDescription OperationId OperationStatus
-------------------- ----------- ---------------
Set-AzureVNetConfig e0ee6e66-9167-cfa7-a746-7casb9 Succeeded