Merge pull request #272501 from cherylmc/reset-active

Reset active

Author: prmerger-automator[bot]

articles/vpn-gateway/reset-gateway.md

@@ -5,7 +5,7 @@ description: Learn how to reset a gateway or a gateway connection to reestablish
 author: cherylmc
 ms.service: vpn-gateway
 ms.topic: how-to
-ms.date: 07/28/2023
+ms.date: 04/17/2024
 ms.author: cherylmc 
 ---
 # Reset a VPN gateway or a connection
@@ -16,13 +16,16 @@ Resetting an Azure VPN gateway or gateway connection is helpful if you lose cros
 
 ### Gateway reset
 
-A VPN gateway is composed of two VM instances running in an active-standby configuration. When you reset the gateway, it reboots the gateway, and then reapplies the cross-premises configurations to it. The gateway keeps the public IP address it already has. This means you won’t need to update the VPN router configuration with a new public IP address for Azure VPN gateway.
+A VPN gateway is composed of two virtual machine (VM) instances running in an active-standby or active-active configuration. When you reset the gateway, it reboots the gateway, and then reapplies the cross-premises configurations to it. The gateway keeps the public IP address it already has. This means you won’t need to update the VPN router configuration with a new public IP address for Azure VPN gateway.
 
-When you issue the command to reset the gateway, the current active instance of the Azure VPN gateway is rebooted immediately. There will be a brief gap during the failover from the active instance (being rebooted), to the standby instance. The gap should be less than one minute.
+When you issue the command to reset the gateway in active-standby setup, the current active instance of the Azure VPN gateway is rebooted immediately. A brief connectivity disruption can be expected during the failover from the active instance (being rebooted), to the standby instance.
 
-If the connection isn't restored after the first reboot, issue the same command again to reboot the second VM instance (the new active gateway). If the two reboots are requested back to back, there will be a slightly longer period where both VM instances (active and standby) are being rebooted. This will cause a longer gap on the VPN connectivity, up to 30 to 45 minutes for VMs to complete the reboots.
+When you issue the command to reset the gateway in active-active setup, one of the active instances (for example, primary active instance) of the Azure VPN gateway is rebooted immediately. A brief connectivity disruption can be expected as the gateway instance gets rebooted.
 
-After two reboots, if you're still experiencing cross-premises connectivity problems, please open a support request from the Azure portal.
+If the connection hasn't restored after the first reboot, the next steps might vary depending on if the VPN gateway is configured as active-standby or active-active:
+
+* If the VPN gateway is configured as active-standby, issue the same command again to reboot the second VM instance (the new active gateway).
+* If the VPN gateway is configured as active-active, the same instance gets rebooted when the reset gateway operation is issued again. You can use PowerShell or CLI to reset one or both of the instances using VIPs.
 
 ### Connection reset
 
@@ -34,13 +37,13 @@ You can reset a connection easily using the Azure portal.
 
 1. Go to the **Connection** that you want to reset. You can find the connection resource either by locating it in **All resources**, or by going to the **'Gateway Name' -> Connections -> 'Connection Name'**
 1. On the **Connection** page, in the left pane, scroll down to the **Support + Troubleshooting** section and select **Reset**.
-1. On the **Reset** page, click **Reset** to reset the connection.
+1. On the **Reset** page, select **Reset** to reset the connection.
 
    :::image type="content" source="./media/reset-gateway/reset-connection.png" alt-text="Screenshot showing the Reset button selected." lightbox="./media/reset-gateway/reset-connection.png":::
 
 ## Reset a gateway
 
-Before you reset your gateway, verify the key items listed below for each IPsec site-to-site (S2S) VPN tunnel. Any mismatch in the items will result in the disconnect of S2S VPN tunnels. Verifying and correcting the configurations for your on-premises and Azure VPN gateways saves you from unnecessary reboots and disruptions for the other working connections on the gateways.
+Before you reset your gateway, verify the following key items for each IPsec site-to-site (S2S) VPN tunnel. Any mismatch in the items results in the disconnect of S2S VPN tunnels. Verifying and correcting the configurations for your on-premises and Azure VPN gateways saves you from unnecessary reboots and disruptions for the other working connections on the gateways.
 
 Verify the following items before resetting your gateway:
 
@@ -54,16 +57,20 @@ You can reset a Resource Manager VPN gateway using the Azure portal.
 
 [!INCLUDE [portal steps](../../includes/vpn-gateway-reset-gw-portal-include.md)]
 
+Note: If the VPN gateway is configured as active-active, you can reset the gateway instances using VIPs of the instances in PowerShell or CLI.
+
 ### <a name="ps"></a>PowerShell
 
-The cmdlet for resetting a gateway is **Reset-AzVirtualNetworkGateway**. Before performing a reset, make sure you have the latest version of the [PowerShell Az cmdlets](/powershell/module/az.network). The following example resets a virtual network gateway named VNet1GW in the TestRG1 resource group:
+The cmdlet for resetting a gateway is **Reset-AzVirtualNetworkGateway**. The following example resets a virtual network gateway named VNet1GW in the TestRG1 resource group:
 
 ```azurepowershell-interactive
 $gw = Get-AzVirtualNetworkGateway -Name VNet1GW -ResourceGroupName TestRG1
 Reset-AzVirtualNetworkGateway -VirtualNetworkGateway $gw
 ```
 
-When you receive a return result, you can assume the gateway reset was successful. However, there's nothing in the return result that indicates explicitly that the reset was successful. If you want to look closely at the history to see exactly when the gateway reset occurred, you can view that information in the [Azure portal](https://portal.azure.com). In the portal, navigate to **'GatewayName' -> Resource Health**.
+You can view the reset history of the gateway from [Azure portal](https://portal.azure.com) by navigating to **'GatewayName' -> Resource Health**.
+
+Note: If the gateway is set up as active-active, use `-GatewayVip <string>` to reset both the instances one by one.
 
 ### <a name="cli"></a>Azure CLI
 
@@ -73,13 +80,15 @@ To reset the gateway, use the [az network vnet-gateway reset](/cli/azure/network
 az network vnet-gateway reset -n VNet5GW -g TestRG5
 ```
 
-When you receive a return result, you can assume the gateway reset was successful. However, there's nothing in the return result that indicates explicitly that the reset was successful. If you want to look closely at the history to see exactly when the gateway reset occurred, you can view that information in the [Azure portal](https://portal.azure.com). In the portal, navigate to **'GatewayName' -> Resource Health**.
+You can view the reset history of the gateway from [Azure portal](https://portal.azure.com) by navigating to **'GatewayName' -> Resource Health**.
+
+Note: If the gateway is set up as active-active, use `--gateway-vip <string>` to reset both the instances one by one.
 
 ### <a name="resetclassic"></a>Reset a classic gateway
 
 The cmdlet for resetting a classic gateway is **Reset-AzureVNetGateway**. The Azure PowerShell cmdlets for Service Management must be installed locally on your desktop. You can't use Azure Cloud Shell. Before performing a reset, make sure you have the latest version of the [Service Management (SM) PowerShell cmdlets](/powershell/azure/servicemanagement/install-azure-ps#azure-service-management-cmdlets).
 
-When using this command, make sure you're using the full name of the virtual network. Classic VNets that were created using the portal have a long name that is required for PowerShell. You can view the long name by using 'Get-AzureVNetConfig -ExportToFile C:\Myfoldername\NetworkConfig.xml'.
+When using this command, make sure you're using the full name of the virtual network. Classic VNets that were created using the portal have a long name that is required for PowerShell. You can view the long name by using `Get-AzureVNetConfig -ExportToFile C:\Myfoldername\NetworkConfig.xml`.
 
 The following example resets the gateway for a virtual network named "Group TestRG1 TestVNet1" (which shows as simply "TestVNet1" in the portal):