Merge pull request #263680 from paulth1/tutorial-site-to-site-portal

[AQ] edit pass: Tutorial site to site portal

Author: ShawnJackson

articles/vpn-gateway/tutorial-site-to-site-portal.md

@@ -10,8 +10,8 @@
  ms.custom: include file
 ---
 
-The virtual network gateway requires a specific subnet named **GatewaySubnet**. The gateway subnet is part of IP address range for your virtual network and contains the IP addresses that the virtual network gateway resources and services use.
+The virtual network gateway requires a specific subnet named **GatewaySubnet**. The gateway subnet is part of the IP address range for your virtual network and contains the IP addresses that the virtual network gateway resources and services use.
 
-When you create the gateway subnet, you specify the number of IP addresses that the subnet contains. The number of IP addresses needed depends on the VPN gateway configuration that you want to create. Some configurations require more IP addresses than others. It's best to specify /27 or larger (/26,/25 etc.) for your gateway subnet.
+When you create the gateway subnet, you specify the number of IP addresses that the subnet contains. The number of IP addresses needed depends on the VPN gateway configuration that you want to create. Some configurations require more IP addresses than others. It's best to specify /27 or larger (/26, /25, etc.) for your gateway subnet.
 
-If you see an error that specifies that the address space overlaps with a subnet, or that the subnet isn't contained within the address space for your virtual network, check your VNet address range. You might not have enough IP addresses available in the address range you created for your virtual network. For example, if your default subnet encompasses the entire address range, there are no IP addresses left to create additional subnets. You can either adjust your subnets within the existing address space to free up IP addresses, or specify an additional address range and create the gateway subnet there.
+If you see an error that specifies that the address space overlaps with a subnet, or that the subnet isn't contained within the address space for your virtual network, check your virtual network address range. You might not have enough IP addresses available in the address range you created for your virtual network. For example, if your default subnet encompasses the entire address range, there are no IP addresses left to create more subnets. You can either adjust your subnets within the existing address space to free up IP addresses or specify another address range and create the gateway subnet there.

includes/vpn-gateway-about-gwsubnet-portal-include.md

@@ -9,26 +9,26 @@
  ms.author: cherylmc
  ms.custom: include file
 ---
-1. From the [Azure portal](https://portal.azure.com), in **Search resources, services, and docs (G+/)** type **local network gateway**. Locate **local network gateway** under **Marketplace** in the search results and select it. This opens the **Create local network gateway** page.
-1. On the **Create local network gateway page**, on the **Basics** tab, specifiy the values for your local network gateway.
+1. In the [Azure portal](https://portal.azure.com), in **Search resources, services, and docs (G+/)**, enter **local network gateway**. Locate **local network gateway** under **Marketplace** in the search results and select it to open the **Create local network gateway** page.
+1. On the **Create local network gateway page**, on the **Basics** tab, specify the values for your local network gateway.
 
-   :::image type="content" source="./media/vpn-gateway-add-local-network-gateway-portal-include/basics.png" alt-text="Create a local network gateway with IP address." lightbox ="./media/vpn-gateway-add-local-network-gateway-portal-include/basics.png" :::
+   :::image type="content" source="./media/vpn-gateway-add-local-network-gateway-portal-include/basics.png" alt-text="Screenshot that shows creating a local network gateway with IP address." lightbox ="./media/vpn-gateway-add-local-network-gateway-portal-include/basics.png" :::
 
-   * **Subscription:** Verify that the correct subscription is showing.
-   * **Resource Group:** Select the resource group that you want to use. You can either create a new resource group, or select one that you've already created.
-   * **Region:** Select the region that this object will be created in. You may want to select the same location that your VNet resides in, but you aren't required to do so.
-   * **Name:** Specify a name for your local network gateway object.
-   * **Endpoint:** Select the endpoint type for the on-premises VPN device - **IP address** or **FQDN (Fully Qualified Domain Name)**.
-      * **IP address**: If you have a static public IP address allocated from your Internet service provider for your VPN device, select the IP address option and fill in the IP address as shown in the example. This is the public IP address of the VPN device that you want Azure VPN gateway to connect to. If you don't have the IP address right now, you can use the values shown in the example, but you'll need to go back and replace your placeholder IP address with the public IP address of your VPN device. Otherwise, Azure won't be able to connect.
-      * **FQDN**: If you have a dynamic public IP address that could change after certain period of time, often determined by your Internet service provider, you can use a constant DNS name with a Dynamic DNS service to point to your current public IP address of your VPN device. Your Azure VPN gateway resolves the FQDN to determine the public IP address to connect to. 
-   * **Address Space** refers to the address ranges for the network that this local network represents. You can add multiple address space ranges. Make sure that the ranges you specify here don't overlap with ranges of other networks that you want to connect to. Azure routes the address range that you specify to the on-premises VPN device IP address. *Use your own values here if you want to connect to your on-premises site, not the values shown in the example*.
+   * **Subscription**: Verify that the correct subscription is showing.
+   * **Resource group**: Select the resource group that you want to use. You can either create a new resource group or select one that you've already created.
+   * **Region**: Select the region where this object will be created. You might want to select the same location where your virtual network resides, but you aren't required to do so.
+   * **Name**: Specify a name for your local network gateway object.
+   * **Endpoint**: Select the endpoint type for the on-premises VPN device as **IP address** or **FQDN (Fully Qualified Domain Name)**.
+      * **IP address**: If you have a static public IP address allocated from your internet service provider (ISP) for your VPN device, select the IP address option. Fill in the IP address as shown in the example. This address is the public IP address of the VPN device that you want Azure VPN Gateway to connect to. If you don't have the IP address right now, you can use the values shown in the example. Later, you must go back and replace your placeholder IP address with the public IP address of your VPN device. Otherwise, Azure can't connect.
+      * **FQDN**: If you have a dynamic public IP address that could change after a certain period of time, often determined by your ISP, you can use a constant DNS name with a Dynamic DNS service to point to your current public IP address of your VPN device. Your Azure VPN gateway resolves the FQDN to determine the public IP address to connect to.
+   * **Address space**: The address space refers to the address ranges for the network that this local network represents. You can add multiple address space ranges. Make sure that the ranges you specify here don't overlap with ranges of other networks that you want to connect to. Azure routes the address range that you specify to the on-premises VPN device IP address. *Use your own values here if you want to connect to your on-premises site, not the values shown in the example*.
 
    > [!NOTE]
    >
-   > * Azure VPN supports only one IPv4 address for each FQDN. If the domain name resolves to multiple IP addresses, Azure VPN Gateway will use the first IP address returned by the DNS servers. To eliminate the uncertainty, we recommend that your FQDN always resolve to a single IPv4 address. IPv6 is not supported.
-   > * Azure VPN Gateway maintains a DNS cache refreshed every 5 minutes. The gateway tries to resolve the FQDNs for disconnected tunnels only. Resetting the gateway will also trigger FQDN resolution.
+   > * Azure VPN Gateway supports only one IPv4 address for each FQDN. If the domain name resolves to multiple IP addresses, VPN Gateway uses the first IP address returned by the DNS servers. To eliminate the uncertainty, we recommend that your FQDN always resolve to a single IPv4 address. IPv6 isn't supported.
+   > * VPN Gateway maintains a DNS cache that's refreshed every 5 minutes. The gateway tries to resolve the FQDNs for disconnected tunnels only. Resetting the gateway also triggers FQDN resolution.
    >
 
-1. On the **Advanced** tab, you can configure BGP settings if needed.
-1. When you have finished specifying the values, select **Review + create** at the bottom of the page to validate the page.
+1. On the **Advanced** tab, you can configure BGP settings, if needed.
+1. After you specify the values, select **Review + create** at the bottom of the page to validate the page.
 1. Select **Create** to create the local network gateway object.

includes/vpn-gateway-add-local-network-gateway-portal-include.md

@@ -5,34 +5,34 @@
  ms.date: 08/10/2023
  ms.author: cherylmc
 ---
-1. Go to your virtual network. On your VNet page, select **Connected devices** on the left. Locate your VPN gateway and click to open it.
+1. Go to your virtual network. On your virtual network page, on the left, select **Connected devices**. Locate your VPN gateway and select it to open it.
 1. On the page for the gateway, select **Connections**.
-1. At the top of the Connections page, select **+Add** to open the **Create connection** page.
+1. At the top of the **Connections** page, select **+ Add** to open the **Create connection** page.
 
-   :::image type="content" source="./media/vpn-gateway-add-site-to-site-connection-portal-include/add-connection.png" alt-text="Graphic shows a screenshot of the Basics page." lightbox="./media/vpn-gateway-add-site-to-site-connection-portal-include/add-connection.png":::
-1. On the Create connection **Basics** page, configure the values for your connection.
-   * For **Project details**, select the subscription and the Resource group where your resources are located.
-   * For **Instance details**, configure the following settings:
+   :::image type="content" source="./media/vpn-gateway-add-site-to-site-connection-portal-include/add-connection.png" alt-text="Screenshot that shows the Basics page." lightbox="./media/vpn-gateway-add-site-to-site-connection-portal-include/add-connection.png":::
+1. On the **Create connection** page, on the **Basics** tab, configure the values for your connection:
+   * Under **Project details**, select the subscription and the resource group where your resources are located.
+   * Under **Instance details**, configure the following settings:
 
-     * **Connection type:** Select **Site-to-site (IPSec)**.
-     * **Name:** Name your connection.
-     * **Region:** Select the region for this connection.
-1. Select **Settings** to navigate to the settings page.
+     * **Connection type**: Select **Site-to-site (IPSec)**.
+     * **Name**: Name your connection.
+     * **Region**: Select the region for this connection.
+1. Select the **Settings** tab and configure the following values:
 
-   :::image type="content" source="./media/vpn-gateway-add-site-to-site-connection-portal-include/settings-page.png" alt-text="Graphic shows a screenshot of the Settings page." lightbox="./media/vpn-gateway-add-site-to-site-connection-portal-include/settings-page.png":::
+   :::image type="content" source="./media/vpn-gateway-add-site-to-site-connection-portal-include/settings-page.png" alt-text="Screenshot that shows the Settings page." lightbox="./media/vpn-gateway-add-site-to-site-connection-portal-include/settings-page.png":::
 
-   * **Virtual network gateway:** Select the virtual network gateway from the dropdown.
-   * **Local network gateway:** Select the local network gateway from the dropdown.
-   * **Shared Key:** the value here must match the value that you're using for your local on-premises VPN device.
-   * Select **IKEv2**.
-   * Leave **Use Azure Private IP Address** deselected.
-   * Leave **Enable BGP** deselected.
-   * Leave **FastPath** deselected.
-   * **IPse/IKE policy:** Default.
-   * **Use policy based traffic selector:** Disable.
-   * **DPD timeout in seconds:** 45
-   * **Connection Mode:** leave as Default. This setting is used to specify which gateway can initiate the connection. For more information, see [VPN Gateway settings - connection modes](../articles/vpn-gateway/vpn-gateway-about-vpn-gateway-settings.md#connectionmode).
-1. For **NAT Rules Associations**, leave both Ingress and Egress as **0 selected**.
+   * **Virtual network gateway**: Select the virtual network gateway from the dropdown list.
+   * **Local network gateway**: Select the local network gateway from the dropdown list.
+   * **Shared key**: The value here must match the value that you're using for your local on-premises VPN device.
+   * **IKE Protocol**: Select **IKEv2**.
+   * **Use Azure Private IP Address**: Don't select.
+   * **Enable BGP**: Don't select.
+   * **FastPath**: Don't select.
+   * **IPsec/IKE policy:** Select **Default**.
+   * **Use policy based traffic selector**: Select **Disable**.
+   * **DPD timeout in seconds**: Select **45**.
+   * **Connection Mode**: Select **Default**. This setting is used to specify which gateway can initiate the connection. For more information, see [VPN Gateway settings - Connection modes](../articles/vpn-gateway/vpn-gateway-about-vpn-gateway-settings.md#connectionmode).
+1. For **NAT Rules Associations**, leave both **Ingress** and **Egress** as **0 selected**.
 1. Select **Review + create** to validate your connection settings.
 1. Select **Create** to create the connection.
-1. Once the deployment is complete, you can view the connection in the **Connections** page of the virtual network gateway. The Status goes from *Unknown* to *Connecting*, and then to *Succeeded*.
+1. After the deployment is finished, you can view the connection on the **Connections** page of the virtual network gateway. The status changes from *Unknown* to *Connecting* and then to *Succeeded*.

includes/vpn-gateway-add-site-to-site-connection-portal-include.md

@@ -24,8 +24,9 @@ ms.date: 08/08/2023
 
    * **IPv4 address space**: By default, an address space is automatically created. You can select the address space and adjust it to reflect your own values. You can also add a different address space and remove the default that was automatically created. For example, you can specify the starting address as **10.1.0.0** and specify the address space size as **/16**. Then select **Add** to add that address space.
    * **+ Add subnet**: If you use the default address space, a default subnet is created automatically. If you change the address space, add a new subnet within that address space. Select **+ Add subnet** to open the **Add subnet** window. Configure the following settings, and then select **Add** at the bottom of the page to add the values.
-      * **Subnet name**: An example is **FrontEnd**.
-      * **Subnet address range**: The address range for this subnet. Examples are **10.1.0.0** and **/24**.
+
+     * **Subnet name**: An example is **FrontEnd**.
+     * **Subnet address range**: The address range for this subnet. Examples are **10.1.0.0** and **/24**.
 
 1. Review the **IP addresses** page and remove any address spaces or subnets that you don't need.
 1. Select **Review + create** to validate the virtual network settings.