Acrolinx fixes

Author: ShawnJackson

articles/vpn-gateway/vpn-gateway-vpn-faq.md

@@ -96,7 +96,7 @@ A VPN gateway is a type of virtual network gateway. A VPN gateway sends encrypte
 
 ### Why can't I specify policy-based and route-based VPN types?
 
-As of October 1, 2023, you can't create a policy-based VPN gateway through the Azure portal. All new VPN gateways are automatically created as route-based. If you already have a policy-based gateway, you don't need to upgrade your gateway to route-based. You can use Azure Powershell or the Azure CLI to create the policy-based gateways.
+As of October 1, 2023, you can't create a policy-based VPN gateway through the Azure portal. All new VPN gateways are automatically created as route-based. If you already have a policy-based gateway, you don't need to upgrade your gateway to route-based. You can use Azure PowerShell or the Azure CLI to create the policy-based gateways.
 
 Previously, the older gateway product tiers (SKUs) didn't support IKEv1 for route-based gateways. Now, most of the current gateway SKUs support both IKEv1 and IKEv2.
 
@@ -130,7 +130,7 @@ When you create the gateway subnet, you specify the number of IP addresses that
 
 Some configurations require more IP addresses to be allocated to the gateway services than do others. Make sure that your gateway subnet contains enough IP addresses to accommodate future growth and possible new connection configurations.
 
-Although you can create a gateway subnet as small as /29, we recommend that you create a gateway subnet of /27 or larger (/27, /26, /25, and so on). Verify that your existing gateway subnet will meet the requirements for the configuration that you want to create.
+Although you can create a gateway subnet as small as /29, we recommend that you create a gateway subnet of /27 or larger (/27, /26, /25, and so on). Verify that your existing gateway subnet meets the requirements for the configuration that you want to create.
 
 ### Can I deploy virtual machines or role instances to my gateway subnet?
 

includes/vpn-gateway-configure-vpn-device-rm-include.md

@@ -1,13 +1,13 @@
 ---
- title: include file
- description: include file
+ title: Include file
+ description: Include file
  services: vpn-gateway
  author: cherylmc
  ms.service: vpn-gateway
  ms.topic: include
  ms.date: 02/14/2019
  ms.author: cherylmc
- ms.custom: include file
+ ms.custom: Include file
 ---
 
 Depending on the VPN device that you have, you might be able to download a VPN device configuration script. For more information, see [Download VPN device configuration scripts](../articles/vpn-gateway/vpn-gateway-download-vpndevicescript.md).

includes/vpn-gateway-connect-vm-troubleshoot-include.md

@@ -1,13 +1,13 @@
 ---
- title: include file
- description: include file
+ title: Include file
+ description: Include file
  services: vpn-gateway
  author: cherylmc
  ms.service: vpn-gateway
  ms.topic: include
  ms.date: 10/18/2023
  ms.author: cherylmc
- ms.custom: include file
+ ms.custom: Include file
 ---
 If you're having trouble connecting to a virtual machine over your VPN connection, check the following items:
 

includes/vpn-gateway-customer-controlled-gateway-maintenance-faq.md

@@ -38,7 +38,7 @@ At this time, you need to configure a daily maintenance window.
 
 Customer-controlled maintenance supports guest OS and service updates. These updates account for most of the maintenance items that cause concern for customers. Some other types of updates, including host updates, are outside the scope of customer-controlled maintenance.
 
-If a high-severity security issue might endanger customers, Azure might need to override customer control of the maintenance window and push a change. These changes are rare occurrences that we use only in in extreme cases.
+If a high-severity security issue might endanger customers, Azure might need to override customer control of the maintenance window and push a change. These changes are rare occurrences that we use only in extreme cases.
 
 ### Do maintenance configuration resources need to be in the same region as the gateway resource?
 

includes/vpn-gateway-deprecate-sku-faq.md

@@ -32,7 +32,7 @@ You can't migrate gateways from a deprecated SKU to an AZ SKU. However, all gate
 * Standard to VpnGw1AZ
 * High Performance to VpnGw2AZ
 
-After your gateways are automatically migrated and upgraded to the AZ SKUs, youu can then resize within that SKU family if necessary. For AZ SKU pricing, see the [pricing page](https://azure.microsoft.com/pricing/details/vpn-gateway/). For throughput information by SKU, see [About gateway SKUs](https://go.microsoft.com/fwlink/?linkid=2256302).
+After your gateways are automatically migrated and upgraded to the AZ SKUs, you can then resize within that SKU family if necessary. For AZ SKU pricing, see the [pricing page](https://azure.microsoft.com/pricing/details/vpn-gateway/). For throughput information by SKU, see [About gateway SKUs](https://go.microsoft.com/fwlink/?linkid=2256302).
 
 ### Will there be any pricing difference for my gateways after migration?
 

includes/vpn-gateway-faq-bgp-include.md

@@ -1,5 +1,5 @@
 ---
- title: include file
+ title: Include file
  author: cherylmc
  ms.service: vpn-gateway
  ms.date: 10/18/2023
@@ -39,7 +39,7 @@ The useable ranges of private ASNs are:
 
 * 64512-65514 and 65521-65534
 
-These ASNs aren't reserved by IANA or Azure, so you can assign them to your VPN gateway.
+Neither IANA nor Azure reserves these ASNs, so you can assign them to your VPN gateway.
 
 ### What address does Azure VPN Gateway use for BGP peer IP?
 
@@ -51,7 +51,7 @@ If your on-premises VPN routers use Automatic Private IP Addressing (APIPA) IP a
 
 ### What are the requirements for the BGP peer IP addresses on my VPN device?
 
-Your on-premises BGP peer address must not be the same as the public IP address of your VPN device or from the virtual network address space of the VPN gateway. Use a different IP address on the VPN device for your BGP peer IP. It can be an address assigned to the loopback interface on the device (either a regular IP address or an APIPA address).
+Your on-premises BGP peer address must not be the same as the public IP address of your VPN device or from the VNet address space of the VPN gateway. Use a different IP address on the VPN device for your BGP peer IP. It can be an address assigned to the loopback interface on the device (either a regular IP address or an APIPA address).
 
 If your device uses an APIPA address for BGP, you must specify one or more APIPA BGP IP addresses on your VPN gateway, as described in [Configure BGP for Azure VPN Gateway](../articles/vpn-gateway/bgp-howto.md). Specify these addresses in the corresponding local network gateway that represents the location.
 
@@ -74,7 +74,7 @@ Azure VPN gateways have a default ASN of 65515 assigned, whether BGP is enabled
 
 The gateways advertise the following routes to your on-premises BGP devices:
 
-* Your virtual network address prefixes
+* Your VNet address prefixes
 * Address prefixes for each local network gateway connected to the VPN gateway
 * Routes learned from other BGP peering sessions connected to the VPN gateway, except for the default route or routes that overlap with any virtual network prefix
 
@@ -84,11 +84,11 @@ Azure VPN Gateway supports up to 4,000 prefixes. The BGP session is dropped if t
 
 ### Can I advertise the default route (0.0.0.0/0) to VPN gateways?
 
-Yes. Keep in mind that advertising the default route forces all virtual network egress traffic toward your on-premises site. It also prevents the virtual network VMs from accepting public communication from the internet directly, such as RDP or SSH from the internet to the VMs.
+Yes. Keep in mind that advertising the default route forces all VNet egress traffic toward your on-premises site. It also prevents the virtual network VMs from accepting public communication from the internet directly, such as RDP or SSH from the internet to the VMs.
 
 ### Can I advertise the exact prefixes as my virtual network prefixes?
 
-No. Azure blocks or filters advertisement of the same prefixes as any one of your virtual network address prefixes. You can, however, advertise a prefix that's a superset of what you have inside your virtual network.
+No. Azure blocks or filters advertisement of the same prefixes as any one of your VNet address prefixes. You can, however, advertise a prefix that's a superset of what you have inside your virtual network.
 
 For example, if your virtual network uses the address space 10.0.0.0/16, you can advertise 10.0.0.0/8. But you can't advertise 10.0.0.0/16 or 10.0.0.0/24.
 

includes/vpn-gateway-faq-ipsecikepolicy-include.md

@@ -1,5 +1,5 @@
 ---
- title: include file
+ title: Include file
  author: cherylmc
  ms.service: vpn-gateway
  ms.date: 10/18/2023

includes/vpn-gateway-faq-nat-include.md

@@ -40,7 +40,7 @@ Yes, you can use BGP with NAT. Here are some important considerations:
 
 * To ensure that the learned routes and advertised routes are translated to post-NAT address prefixes (external mappings) based on the NAT rules associated with the connections, select **Enable BGP Route Translation** on the configuration page for NAT rules. The on-premises BGP routers must advertise the exact prefixes as defined in the **IngressSNAT** rules.
 
-* If the on-premises VPN router uses a regular, non-APIPA address and it collides with the virtual network address space or other on-premises network spaces, ensure that the **IngressSNAT** rule will translate the BGP peer IP to a unique, non-overlapped address. Put the post-NAT address in the **BGP peer IP address** field of the local network gateway.
+* If the on-premises VPN router uses a regular, non-APIPA address and it collides with the VNet address space or other on-premises network spaces, ensure that the **IngressSNAT** rule will translate the BGP peer IP to a unique, non-overlapped address. Put the post-NAT address in the **BGP peer IP address** field of the local network gateway.
 * NAT isn't supported with BGP APIPA addresses.
 
 ### Do I need to create the matching DNAT rules for the SNAT rule?
@@ -49,7 +49,7 @@ No. A single source network address translation (SNAT) rule defines the translat
 
 * An **IngressSNAT** rule defines the translation of the source IP addresses coming into the  VPN gateway from the on-premises network. It also handles the translation of the destination IP addresses leaving from the virtual network to the same on-premises network.
 
-* An **EgressSNAT** rule defines the translation of the virtual network source IP addresses leaving the VPN gateway to on-premises networks. It also handles the translation of the destination IP addresses for packets coming into the virtual network via those connections with the **EgressSNAT** rule.
+* An **EgressSNAT** rule defines the translation of the VNet source IP addresses leaving the VPN gateway to on-premises networks. It also handles the translation of the destination IP addresses for packets coming into the virtual network via those connections with the **EgressSNAT** rule.
 
 In either case, you don't need destination network address translation (DNAT) rules.
 
@@ -60,7 +60,7 @@ You need to create one NAT rule for each prefix, because each NAT rule can inclu
 * **IngressSNAT** rule 1: Map 10.0.1.0/24 to 100.0.1.0/24.
 * **IngressSNAT** rule 2: Map 10.0.2.0/25 to 100.0.2.0/25.
 
-The two rules must match the prefix lengths of the corresponding address prefixes. The same guideline applies to **EgressSNAT** rules for the virtual network address space.
+The two rules must match the prefix lengths of the corresponding address prefixes. The same guideline applies to **EgressSNAT** rules for the VNet address space.
 
 > [!IMPORTANT]
 > If you link only one rule to the preceding connection, the other address space won't be translated.
@@ -79,7 +79,7 @@ Yes. You typically use the same **IngressSNAT** rule when the connections are fo
 
 ### Do I need both ingress and egress rules on a NAT connection?
 
-You need both ingress and egress rules on the same connection when the on-premises network address space overlaps with the virtual network address space. If the virtual network address space is unique among all connected networks, you don't need the **EgressSNAT** rule on those connections. You can use the ingress rules to avoid address overlap among the on-premises networks.
+You need both ingress and egress rules on the same connection when the on-premises network address space overlaps with the VNet address space. If the VNet address space is unique among all connected networks, you don't need the **EgressSNAT** rule on those connections. You can use the ingress rules to avoid address overlap among the on-premises networks.
 
 ### What do I choose as the IP configuration ID?
 

includes/vpn-gateway-faq-p2s-azurecert-include.md

@@ -1,5 +1,5 @@
 ---
- title: include file
+ title: Include file
  author: cherylmc
  ms.service: vpn-gateway
  ms.date: 10/18/2023
@@ -9,7 +9,7 @@
 
 ### What should I do if I get a certificate mismatch when connecting through certificate authentication?
 
-Clear the **Verify the server's identity by validating the certificate** checkbox. Or, add the server fully qualified domain name (FQDN) along with the certificate when you're creating a profile manually. You can do this by running `rasphone` from a command prompt and selecting the profile from the dropdown list.
+Clear the **Verify the server's identity by validating the certificate** checkbox. Or, add the server's fully qualified domain name (FQDN) along with the certificate when you're creating a profile manually. You can do this by running `rasphone` from a command prompt and selecting the profile from the dropdown list.
 
 We don't recommend bypassing validation of server identity in general. But with Azure certificate authentication, the same certificate is used for server validation in the VPN tunneling protocol (IKEv2/SSTP) and the Extensible Authentication Protocol (EAP). Because the VPN tunneling protocol is already validating the server certificate and FQDN, it's redundant to validate them again in EAP.