
Commit 8d16431

edit pass: vpn-gateway-vpn-faq
1 parent 83991fb commit 8d16431

10 files changed: +156 -140 lines changed

articles/vpn-gateway/vpn-gateway-vpn-faq.md

Lines changed: 7 additions & 7 deletions
@@ -38,8 +38,8 @@ No. However, costs for any additional public IPs are charged accordingly. See [I
3838

3939
The following cross-premises virtual network gateway connections are supported:
4040

41-
* **Site-to-site**: VPN connection over IPsec (IKEv1 and IKEv2). This type of connection requires a VPN device or Windows Server Routing and Remote Access. For more information, see [Create a site-to-site VPN connection in the Azure portal](./tutorial-site-to-site-portal.md).
42-
* **Point-to-site**: VPN connection over Secure Socket Tunneling Protocol (SSTP) or IKEv2. This connection doesn't require a VPN device. For more information, see [Configure server settings for point-to-site VPN Gateway certificate authentication](vpn-gateway-howto-point-to-site-resource-manager-portal.md).
41+
* **Site-to-site (S2S)**: VPN connection over IPsec (IKEv1 and IKEv2). This type of connection requires a VPN device or Windows Server Routing and Remote Access. For more information, see [Create a site-to-site VPN connection in the Azure portal](./tutorial-site-to-site-portal.md).
42+
* **Point-to-site (P2S)**: VPN connection over Secure Socket Tunneling Protocol (SSTP) or IKEv2. This connection doesn't require a VPN device. For more information, see [Configure server settings for point-to-site VPN Gateway certificate authentication](vpn-gateway-howto-point-to-site-resource-manager-portal.md).
4343
* **Network-to-network**: This type of connection is the same as a site-to-site configuration. A connection between virtual networks is a VPN connection over IPsec (IKEv1 and IKEv2). It doesn't require a VPN device. For more information, see the [Configure a network-to-network VPN gateway connection](vpn-gateway-howto-vnet-vnet-resource-manager-portal.md).
4444
* **Azure ExpressRoute**: ExpressRoute is a private connection to Azure from your wide area network, not a VPN connection over the public internet. For more information, see the [ExpressRoute technical overview](../expressroute/expressroute-introduction.md) and the [ExpressRoute FAQ](../expressroute/expressroute-faqs.md).
4545

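Review bot: New lines 41 and 42 add the S2S and P2S abbreviations, but the unchanged network-to-network bullet on line 43 is left inconsistent with them: it has no abbreviation and still reads "see the [Configure a network-to-network VPN gateway connection]" with a stray "the". Since this is an edit pass over the same list, fix that bullet too. The two touched links also use different relative forms (`./tutorial-site-to-site-portal.md` versus `vpn-gateway-howto-point-to-site-resource-manager-portal.md`); pick one.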
@@ -177,7 +177,7 @@ For the classic deployment model:
177177

178178
### Can I use NAT-T on my VPN connections?
179179

180-
Yes, NAT traversal (NAT-T) is supported. Azure VPN Gateway does *not* perform any NAT-like functionality on the inner packets to or from the IPsec tunnels. In this configuration, ensure that the on-premises device initiates the IPSec tunnel.
180+
Yes, network address translation traversal (NAT-T) is supported. Azure VPN Gateway does *not* perform any NAT-like functionality on the inner packets to or from the IPsec tunnels. In this configuration, ensure that the on-premises device initiates the IPSec tunnel.
181181

182182
### Can I set up my own VPN server in Azure and use it to connect to my on-premises network?
183183

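Review bot: New line 180 still mixes "IPsec tunnels" and "IPSec tunnel" in the same answer; normalize to "IPsec" while the line is being edited. "In this configuration" also has no antecedent in the visible text, so say which configuration requires the on-premises device to initiate the tunnel.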
@@ -366,15 +366,15 @@ Yes. See [Configure forced tunneling](vpn-gateway-about-forced-tunneling.md).
366366

367367
### If my virtual machine is in a virtual network and I have a cross-premises connection, how should I connect to the VM?
368368

369-
You have a few options. If you have RDP enabled for your VM, you can connect to your virtual machine by using the private IP address. In that case, you would specify the private IP address and the port that you want to connect to (typically 3389). You'll need to configure the port on your virtual machine for the traffic.
369+
If you have Remote Desktop Protocol (RDP) enabled for your VM, you can connect to your virtual machine by using the private IP address. In that case, you specify the private IP address and the port that you want to connect to (typically 3389). You need to configure the port on your virtual machine for the traffic.
370370

371-
You can also connect to your virtual machine by private IP address from another virtual machine that's located on the same virtual network. You can't RDP to your virtual machine by using the private IP address if you're connecting from a location outside of your virtual network. For example, if you have a point-to-site virtual network configured and you don't establish a connection from your computer, you can't connect to the virtual machine by private IP address.
371+
You can also connect to your virtual machine by private IP address from another virtual machine that's located on the same virtual network. You can't RDP to your virtual machine by using the private IP address if you're connecting from a location outside your virtual network. For example, if you have a point-to-site virtual network configured and you don't establish a connection from your computer, you can't connect to the virtual machine by private IP address.
372372

373373
### If my virtual machine is in a virtual network with cross-premises connectivity, does all the traffic from my VM go through that connection?
374374

375-
No. Only the traffic that has a destination IP that is contained in the virtual network Local Network IP address ranges that you specified goes through the virtual network gateway.
375+
No. Only the traffic that has a destination IP that's contained in the virtual network's local network IP address ranges that you specified goes through the virtual network gateway.
376376

377-
Traffic has a destination IP located within the virtual network stays within the virtual network. Other traffic is sent through the load balancer to the public networks, or if forced tunneling is used, sent through the VPN gateway.
377+
Traffic that has a destination IP located within the virtual network stays within the virtual network. Other traffic is sent through the load balancer to the public networks. Or if you use forced tunneling, the traffic is sent through the VPN gateway.
378378

379379
### How do I troubleshoot an RDP connection to a VM
380380

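Review bot: On new line 375, lowercasing "Local Network IP address ranges" to "the virtual network's local network IP address ranges" turns what the old text treated as a named setting into a generic phrase that a reader can mistake for the VM's own local network. Keep the setting name as it appears in the product, or reword so it is clear these are the on-premises ranges "that you specified". The context heading on line 379, "How do I troubleshoot an RDP connection to a VM", is also missing its question mark, and new line 377 now has a sentence starting with "Or" that reads better joined to the previous one.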
includes/vpn-gateway-configure-vpn-device-rm-include.md

Lines changed: 1 addition & 1 deletion
@@ -28,7 +28,7 @@ The following links provide more configuration information:
2828

2929
- For cryptographic requirements, see [About cryptographic requirements and Azure VPN gateways](../articles/vpn-gateway/vpn-gateway-about-compliance-crypto.md).
3030

31-
- For information about parameter information that you need to complete your configuration, see [Default IPsec/IKE parameters](../articles/vpn-gateway/vpn-gateway-about-vpn-devices.md#ipsec). The information includes IKE version, Diffie-Hellman group, authentication method, encryption and hashing algorithms, security association lifetime, Perfect Forward Secrecy, and Dead Peer Detection (DPD).
31+
- For information about parameter information that you need to complete your configuration, see [Default IPsec/IKE parameters](../articles/vpn-gateway/vpn-gateway-about-vpn-devices.md#ipsec). The information includes IKE version, Diffie-Hellman (DH) group, authentication method, encryption and hashing algorithms, security association (SA) lifetime, Perfect Forward Secrecy (PFS), and Dead Peer Detection (DPD).
3232

3333
- For IPsec/IKE policy configuration steps, see [Configure custom IPsec/IKE connection policies for S2S VPN and VNet-to-VNet](../articles/vpn-gateway/vpn-gateway-ipsecikepolicy-rm-powershell.md).
3434

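Review bot: New line 31 keeps the redundant opening "For information about parameter information that you need to complete your configuration". The abbreviations added later in the sentence are fine, but the lead-in should be tightened in the same pass, for example "For the parameters that you need to complete your configuration, see ...".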
includes/vpn-gateway-connect-vm-troubleshoot-include.md

Lines changed: 5 additions & 5 deletions
@@ -13,11 +13,11 @@ If you're having trouble connecting to a virtual machine over your VPN connectio
1313

1414
* Verify that your VPN connection is successful.
1515
* Verify that you're connecting to the private IP address for the VM.
16-
* If you can connect to the VM using the private IP address, but not the computer name, verify that you have configured DNS properly. For more information about how name resolution works for VMs, see [Name Resolution for VMs](../articles/virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances.md).
16+
* If you can connect to the VM by using the private IP address but not the computer name, verify that you configured DNS properly. For more information about how name resolution works for VMs, see [Name resolution for resources in Azure virtual networks](../articles/virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances.md).
1717

18-
When you connect over Point-to-Site, check the following additional items:
18+
When you connect over point-to-site, check the following additional items:
1919

20-
* Use 'ipconfig' to check the IPv4 address assigned to the Ethernet adapter on the computer from which you're connecting. If the IP address is within the address range of the virtual network that you're connecting to, or within the address range of your VPNClientAddressPool, this is referred to as an overlapping address space. When your address space overlaps in this way, the network traffic doesn't reach Azure, it stays on the local network.
21-
* Verify that the VPN client configuration package was generated after the DNS server IP addresses were specified for the virtual network. If you updated the DNS server IP addresses, generate and install a new VPN client configuration package.
20+
* Use `ipconfig` to check the IPv4 address assigned to the Ethernet adapter on the computer from which you're connecting. If the IP address is within the address range of the virtual network that you're connecting to, or within the address range of your VPN client address pool, it's an overlapping address space. When your address space overlaps in this way, the network traffic doesn't reach Azure. It stays on the local network.
21+
* Verify that the VPN client configuration package was generated after you specified the DNS server IP addresses for the virtual network. If you updated the DNS server IP addresses, generate and install a new VPN client configuration package.
2222

23-
For more information about troubleshooting an RDP connection, see [Troubleshoot Remote Desktop connections to a VM](/troubleshoot/azure/virtual-machines/troubleshoot-rdp-connection).
23+
For more information about troubleshooting an RDP connection, see [Troubleshoot Remote Desktop connections to a VM](/troubleshoot/azure/virtual-machines/troubleshoot-rdp-connection).
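Review bot: Line 23 is removed and re-added with identical visible text, so the change is presumably trailing whitespace or an end-of-file newline; confirm that is intended and not an accidental editor artifact. On new line 20, "it's an overlapping address space" has the IP address as its subject, which is not what overlaps; something like "the address spaces overlap" is clearer.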

includes/vpn-gateway-customer-controlled-gateway-maintenance-faq.md

Lines changed: 23 additions & 23 deletions
@@ -9,57 +9,57 @@ ms.topic: include
99

1010
---
1111

12-
### Which services are included in the Maintenance Configuration scope of Network Gateways?
12+
### Which services are included in maintenance configuration for the Network Gateways scope?
1313

14-
The Network Gateways scope includes gateway resources in Networking services. There are four types of resources in the Network Gateways scope:
14+
The Network Gateways scope includes gateway resources in networking services. There are four types of resources in the Network Gateways scope:
1515

16-
* Virtual network gateway in the ExpressRoute service.
17-
* Virtual network gateway in the VPN Gateway service.
18-
* VPN gateway (Site-to-Site) in the Virtual WAN service.
19-
* ExpressRoute gateway in the Virtual WAN service.
16+
* Virtual network gateway in the ExpressRoute service
17+
* Virtual network gateway in the VPN Gateway service
18+
* VPN gateway (site-to-site) in the Azure Virtual WAN service
19+
* ExpressRoute gateway in the Virtual WAN service
2020

21-
### Which maintenance is supported or not supported by customer-controlled maintenance?
21+
### Which maintenance does customer-controlled maintenance support?
2222

23-
Azure services go through periodic maintenance updates to improve functionality, reliability, performance, and security. Once you configure a maintenance window for your resources, Guest OS and Service maintenance are performed during that window. Host updates, beyond the host updates (TOR, Power etc.) and critical security updates, aren't covered by the customer-controlled maintenance.
23+
Azure services go through periodic maintenance updates to improve functionality, reliability, performance, and security. After you configure a maintenance window for your resources, guest OS and service maintenance are performed during that window. Customer-controlled maintenance doesn't cover updates beyond the host updates (for example, TOR and power) and critical security updates.
2424

2525
### Can I get advanced notification of the maintenance?
2626

27-
At this time, advanced notification can't be enabled for the maintenance of Network Gateway resources.
27+
At this time, you can't get advanced notification for the maintenance of network gateway resources.
2828

2929
### Can I configure a maintenance window shorter than five hours?
3030

31-
At this time, you need to configure a minimum of a five hour window in your preferred time zone.
31+
At this time, you need to configure a minimum of a five-hour window in your preferred time zone.
3232

33-
### Can I configure a maintenance window other than Daily schedule?
33+
### Can I configure a maintenance window other than a daily schedule?
3434

3535
At this time, you need to configure a daily maintenance window.
3636

37-
### Are there cases where I cant control certain updates?
37+
### Are there cases where I can't control certain updates?
3838

39-
Customer-controlled maintenance supports Guest OS and Service updates. These updates account for most of the maintenance items that cause concern for the customers. Some other types of updates, including Host updates, are outside of the scope of customer-controlled maintenance.
39+
Customer-controlled maintenance supports guest OS and service updates. These updates account for most of the maintenance items that cause concern for customers. Some other types of updates, including host updates, are outside the scope of customer-controlled maintenance.
4040

41-
Additionally, if there's a high-severity security issue that might endanger our customers, Azure might need to override customer control of the maintenance window and push the change. These are rare occurrences that would only be used in extreme cases.
41+
If a high-severity security issue might endanger customers, Azure might need to override customer control of the maintenance window and push a change. These changes are rare occurrences that we use only in in extreme cases.
4242

43-
### Do Maintenance Configuration resources need to be in the same region as the gateway resource?
43+
### Do maintenance configuration resources need to be in the same region as the gateway resource?
4444

45-
Yes
45+
Yes.
4646

47-
### Which gateway SKUs can be configured to use customer-controlled maintenance?
47+
### Which gateway SKUs can I configure to use customer-controlled maintenance?
4848

4949
All gateway SKUs (except the Basic SKU for VPN Gateway) can be configured to use customer-controlled maintenance.
5050

51-
### How long does it take for maintenance configuration policy to become effective after it gets assigned to the gateway resource?
51+
### How long does it take for a maintenance configuration policy to become effective after it's assigned to the gateway resource?
5252

5353
It might take up to 24 hours for Network Gateways to follow the maintenance schedule after the maintenance policy is associated with the gateway resource.
5454

55-
### Are there any limitations on using customer-controlled maintenance based on the Basic SKU Public IP address?
55+
### Are there any limitations on using customer-controlled maintenance based on the Basic SKU public IP address?
5656

57-
Yes. Gateway resources that use a Basic SKU Public IP address will only be able to have service updates following the customer-controlled maintenance schedule. For these gateways, Guest OS maintenance does NOT follow the customer-controlled maintenance schedule due to infrastructure limitations.
57+
Yes. Gateway resources that use a Basic SKU public IP address can have service updates only after the customer-controlled maintenance schedule. For these gateways, guest OS maintenance does *not* follow the customer-controlled maintenance schedule because of infrastructure limitations.
5858

5959
### How should I plan maintenance windows when using VPN and ExpressRoute in a coexistence scenario?
6060

61-
When working with VPN and ExpressRoute in a coexistence scenario or whenever you have resources acting as backups, we recommend setting up separate maintenance windows. This approach ensures that maintenance doesn't affect your backup resources at the same time.
61+
When you work with VPN and ExpressRoute in a coexistence scenario or whenever you have resources that act as backups, we recommend setting up separate maintenance windows. This approach ensures that maintenance doesn't affect your backup resources at the same time.
6262

63-
### I've scheduled a maintenance window for a future date for one of my resources. Will maintenance activities be paused on this resource until then?
63+
### I scheduled a maintenance window for a future date for one of my resources. Are maintenance activities paused on this resource until then?
6464

65-
No, maintenance activities won't be paused on your resource during the period before the scheduled maintenance window. For the days not covered in your maintenance schedule, maintenance continues as usual on the resource.
65+
No, maintenance activities aren't paused on your resource during the period before the scheduled maintenance window. For the days not covered in your maintenance schedule, maintenance continues as usual on the resource.
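Review bot: New line 57 changes the meaning of the Basic SKU answer: "service updates following the customer-controlled maintenance schedule" meant updates that adhere to the schedule, but "can have service updates only after the customer-controlled maintenance schedule" reads as a time ordering. Reword to something like "only service updates follow the customer-controlled maintenance schedule". New line 41 introduces a typo, "only in in extreme cases". New line 23 is also ambiguous: "doesn't cover updates beyond the host updates (for example, TOR and power) and critical security updates" can be read as saying host updates and critical security updates are covered, which conflicts with line 39, where host updates are outside the scope.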
