Update SKUs

update

format

Author: cherylmc

articles/vpn-gateway/media/tutorial-create-gateway-portal/address.png

@@ -6,13 +6,13 @@ author: cherylmc
 ms.author: cherylmc
 ms.service: vpn-gateway
 ms.topic: tutorial
-ms.date: 04/17/2024
+ms.date: 07/05/2024
 
 ---
 
-# Tutorial: Create and manage a VPN gateway by using the Azure portal
+# Tutorial: Create and manage a VPN gateway using the Azure portal
 
-This tutorial helps you create and manage a virtual network gateway (VPN gateway) by using the Azure portal. The VPN gateway is just one part of a connection architecture to help you securely access resources within a virtual network.
+This tutorial helps you create and manage a virtual network gateway (VPN gateway) using the Azure portal. The VPN gateway is one part of the connection architecture that helps you securely access resources within a virtual network using VPN Gateway.
 
 :::image type="content" source="./media/tutorial-create-gateway-portal/gateway-diagram.png" alt-text="Diagram that shows a virtual network and a VPN gateway." lightbox="./media/tutorial-create-gateway-portal/gateway-diagram-expand.png":::
 
@@ -36,66 +36,73 @@ You need an Azure account with an active subscription. If you don't have one, [c
 
 ## <a name="CreatVNet"></a>Create a virtual network
 
-Create a virtual network by using the following values:
+Create a virtual network using the following example values:
 
 * **Resource group:** TestRG1
 * **Name:** VNet1
-* **Region:** (US) East US
+* **Region:** (US) East US (or region of your choosing)
 * **IPv4 address space:** 10.1.0.0/16
 * **Subnet name:** FrontEnd
 * **Subnet address space:** 10.1.0.0/24
 
 [!INCLUDE [Create a VNet](../../includes/vpn-gateway-basic-vnet-rm-portal-include.md)]
 
-After you create your virtual network, you can optionally configure Azure DDoS Protection. Protection is simple to enable on any new or existing virtual network, and it requires no application or resource changes. For more information about Azure DDoS Protection, see [What is Azure DDoS Protection?](../ddos-protection/ddos-protection-overview.md).
+After you create your virtual network, you can optionally configure Azure DDoS Protection. Protection is simple to enable on any new or existing virtual network, and it requires no application or resource changes. For more information about Azure DDoS Protection, see [What is Azure DDoS Protection](../ddos-protection/ddos-protection-overview.md).
 
 ## Create a gateway subnet
 
 The virtual network gateway requires a specific subnet named **GatewaySubnet**. The gateway subnet is part of the IP address range for your virtual network and contains the IP addresses that the virtual network gateway resources and services use. Specify a gateway subnet that's /27 or larger.
 
 [!INCLUDE [Create gateway subnet](../../includes/vpn-gateway-create-gateway-subnet-portal-include.md)]
 
+[!INCLUDE [NSG warning](../../includes/vpn-gateway-no-nsg-include.md)]
+
 ## <a name="VNetGateway"></a>Create a VPN gateway
 
-In this step, you create the virtual network gateway (VPN gateway) for your virtual network. Creating a gateway can often take 45 minutes or more, depending on the selected gateway SKU.
+In this section, you create the virtual network gateway (VPN gateway) for your virtual network. Creating a gateway can often take 45 minutes or more, depending on the selected gateway SKU.
 
-Create a virtual network gateway by using the following values:
+Create a gateway using the following values:
 
 * **Name**: VNet1GW
-* **Region**: East US
 * **Gateway type**: VPN
-* **SKU**: VpnGw2
+* **SKU**: VpnGw2AZ
 * **Generation**: Generation 2
 * **Virtual network**: VNet1
 * **Gateway subnet address range**: 10.1.255.0/27
 * **Public IP address**: Create new
-* **Public IP address name**: VNet1GWpip
-
-For this exercise, you won't select a zone-redundant SKU. If you want to learn about zone-redundant SKUs, see [About zone-redundant virtual network gateways](about-zone-redundant-vnet-gateways.md). Additionally, these steps aren't intended to configure an active-active gateway. For more information, see [Configure active-active gateways](active-active-portal.md).
+* **Public IP address name:** VNet1GWpip1
+* **Public IP address SKU:** Standard
+* **Assignment:** Static
+* **Second Public IP address name:** VNet1GWpip2
 
-[!INCLUDE [Create a vpn gateway](../../includes/vpn-gateway-add-gw-portal-include.md)]
-[!INCLUDE [Configure PIP settings](../../includes/vpn-gateway-add-gw-pip-portal-include.md)]
+[!INCLUDE [Create a vpn gateway](../../includes/vpn-gateway-add-azgw-portal-include.md)]
+[!INCLUDE [Configure PIP settings](../../includes/vpn-gateway-add-azgw-pip-portal-include.md)]
 
 A gateway can take 45 minutes or more to fully create and deploy. You can see the deployment status on the **Overview** page for your gateway. After the gateway is created, you can view the IP address assigned to it by looking at the virtual network in the portal. The gateway appears as a connected device.
 
-[!INCLUDE [NSG warning](../../includes/vpn-gateway-no-nsg-include.md)]
-
-## <a name="view"></a>View the public IP address
-
-You can view the gateway public IP address on the **Overview** page for your gateway. The public IP address is used when you configure a site-to-site connection to your VPN gateway.
+## <a name="view"></a>View public IP address
 
-:::image type="content" source="./media/tutorial-create-gateway-portal/address.png" alt-text="Screenshot that shows the Overview page used to view the Public IP address field." lightbox="./media/tutorial-create-gateway-portal/address.png":::
+To view public IP addresses associated to your virtual network gateway, navigate to your gateway in the portal.
 
-To see more information about the public IP address object, select the name/IP address link next to **Public IP address**.
+1. On the portal page for your virtual network gateway, under **Settings**, open the **Properties** page.
+1. To view more information about the IP address object, click the associated IP address link.
 
 ## <a name="resize"></a>Resize a gateway SKU
 
 There are specific rules for resizing versus changing a gateway SKU. In this section, you resize the SKU. For more information, see [Resize or change gateway SKUs](about-gateway-skus.md#resizechange).
 
-[!INCLUDE [resize a gateway](../../includes/vpn-gateway-resize-gw-portal-include.md)]
+The basic steps are:
+
+1. Go to the **Configuration** page for your virtual network gateway.
+1. On the right side of the page, select the dropdown arrow to show a list of available SKUs. Notice that the list only populates SKUs that you're able to use to resize your current SKU. If you don't see the SKU you want to use, instead of resizing, you have to change to a new SKU.
+1. Select the SKU from the dropdown list and save your changes.
 
 ## <a name="reset"></a>Reset a gateway
 
+Gateway resets behave differently, depending on your gateway configuration. For more information, see [Reset a VPN gateway or a connection](reset-gateway.md).
+
+The basic steps are:
+
 [!INCLUDE [reset a gateway](../../includes/vpn-gateway-reset-gw-portal-include.md)]
 
 ## Clean up resources
@@ -104,9 +111,7 @@ If you're not going to continue to use this application or go to the next tutori
 these resources.
 
 1. Enter the name of your resource group in the **Search** box at the top of the portal and select it from the search results.
-
 1. Select **Delete resource group**.
-
 1. Enter your resource group for **TYPE THE RESOURCE GROUP NAME** and select **Delete**.
 
 ## Next steps

articles/vpn-gateway/tutorial-create-gateway-portal.md

@@ -57,6 +57,8 @@ After you create your virtual network, you can optionally configure Azure DDoS P
 
 [!INCLUDE [Create gateway subnet](../../includes/vpn-gateway-create-gateway-subnet-portal-include.md)]
 
+[!INCLUDE [NSG warning](../../includes/vpn-gateway-no-nsg-include.md)]
+
 ## <a name="VNetGateway"></a>Create a VPN gateway
 
 In this step, you create the virtual network gateway for your virtual network. Creating a gateway can often take 45 minutes or more, depending on the selected gateway SKU.
@@ -81,17 +83,16 @@ Create a virtual network gateway (VPN gateway) by using the following values:
 
 [!INCLUDE [Configure PIP settings](../../includes/vpn-gateway-add-gw-pip-portal-include.md)]
 
-You can see the deployment status on the **Overview** page for your gateway. A gateway can take up to 45 minutes to fully create and deploy. After the gateway is created, you can view the IP address that was assigned to it by looking at the virtual network in the portal. The gateway appears as a connected device.
+A gateway can take 45 minutes or more to fully create and deploy. You can see the deployment status on the **Overview** page for your gateway. After the gateway is created, you can view the IP address assigned to it by looking at the virtual network in the portal. The gateway appears as a connected device.
 
 [!INCLUDE [NSG warning](../../includes/vpn-gateway-no-nsg-include.md)]
 
 ### <a name="view"></a>View the public IP address
 
-You can view the gateway public IP address on the **Overview** page for your gateway.
-
-:::image type="content" source="./media/tutorial-create-gateway-portal/address.png" alt-text="Screenshot that shows the public IP address." lightbox= "./media/tutorial-create-gateway-portal/address.png":::
+To view public IP addresses associated to your virtual network gateway, navigate to your gateway in the portal.
 
-To see more information about the public IP address object, select the name/IP address link next to **Public IP address**.
+1. On the portal page for your virtual network gateway, under **Settings**, open the **Properties** page.
+1. To view more information about the IP address object, click the associated IP address link.
 
 ## <a name="LocalNetworkGateway"></a>Create a local network gateway
 

articles/vpn-gateway/tutorial-site-to-site-portal.md

@@ -0,0 +1,28 @@
+---
+ author: cherylmc
+ ms.service: vpn-gateway
+ ms.topic: include
+ ms.date: 06/24/2024
+ ms.author: cherylmc
+
+# The numbers in this include are correct. They add on to sections in multiple articles that are already numbered.
+---
+3. Specify the values for **Public IP address**. These settings specify the public IP address objects that will be associated to the VPN gateway. A public IP address is assigned to each public IP address object when the VPN gateway is created. The only time the assigned public IP address changes is when the gateway is deleted and re-created. IP addresses don't change across resizing, resetting, or other internal maintenance/upgrades of your VPN gateway.
+
+   :::image type="content" source="./media/vpn-gateway-add-azgw-pip-portal/active-az-values.png" alt-text="Screenshot that shows the Public IP address field." lightbox="./media/vpn-gateway-add-gw-pip-portal/pip-values.png":::
+
+   * **Public IP address type**: If this option appears, select **Standard**.
+
+   * **Public IP address**: Leave **Create new** selected.
+   * **Public IP address name**: In the text box, enter a name for your public IP address instance.
+   * **Public IP address SKU**: Setting is autoselected to Standard SKU.
+   * **Assignment**: The assignment is typically autoselected and should be Static.
+   * **Availability zone**: Select Zone-redundant, unless you know you want to specify a zone.
+   * **Enable active-active mode**: Select **Enabled**. This creates an [active-active](../articles/vpn-gateway/vpn-gateway-highlyavailable.md#active-active-vpn-gateways) gateway configuration.
+   * **Second public IP address:** Select **Create new**.
+   * **Public IP address name**: In the text box, enter a name for your public IP address instance.
+   * **Public IP address SKU**: Setting is autoselected to Standard SKU.
+   * **Availability zone**: Select Zone-redundant, unless you know you want to specify a zone.
+   * **Configure BGP:** Select Disabled unless your configuration specifically requires this setting. If you do require this setting, the default ASN is 65515, although this value can be changed.
+4. Select **Review + create** to run validation.
+5. After validation passes, select **Create** to deploy the VPN gateway.

includes/media/vpn-gateway-add-azgw-pip-portal/active-az-values.png

@@ -0,0 +1,28 @@
+---
+ author: cherylmc
+ ms.service: vpn-gateway
+ ms.topic: include
+ ms.date: 06/17/2024
+ ms.author: cherylmc
+---
+
+
+1. In **Search resources, services, and docs (G+/)**, enter **virtual network gateway**. Locate **Virtual network gateway** in the **Marketplace** search results and select it to open the **Create virtual network gateway** page.
+
+2. On the **Basics** tab, fill in the values for **Project details** and **Instance details**.
+
+   :::image type="content" source="./media/vpn-gateway-add-azgw-portal/instance-details.png" alt-text="Screenshot that shows the Instance fields." lightbox="./media/vpn-gateway-add-azgw-portal/instance-details.png":::
+
+   * **Subscription**: Select the subscription you want to use from the dropdown list.
+   * **Resource group**: This value is autofilled when you select your virtual network on this page.
+   * **Name**: This is the name of the gateway object you're creating. This is different than the gateway subnet to which gateway resources will be deployed.
+   * **Region**: Select the region in which you want to create this resource. The region for the gateway must be the same as the virtual network.
+   * **Gateway type**: Select **VPN**. VPN gateways use the virtual network gateway type **VPN**.
+   * **SKU**: From the dropdown list, select the gateway SKU that supports the features you want to use. We suggest selecting an **AZ** SKU such as VpnGw2AZ. At this time, The Basic SKU can only be configured using Azure CLI or PowerShell. For more information about SKUs, see [Gateway SKUs](../articles/vpn-gateway/vpn-gateway-about-vpn-gateway-settings.md#gwsku).
+   * **Generation**: Select **Generation2** from the dropdown.
+   * **Virtual network**: From the dropdown list, select the virtual network to which you want to add this gateway. If you can't see the virtual network you want to use, make sure you selected the correct subscription and region in the previous settings.
+   * **Gateway subnet address range** or **Subnet**: The gateway subnet is required to create a VPN gateway.
+
+     Currently, this field can show different settings options, depending on the virtual network address space and whether you already created a subnet named **GatewaySubnet** for your virtual network.
+
+     If you don't have a gateway subnet *and* you don't see the option to create one on this page, go back to your virtual network and create the gateway subnet. Then, return to this page and configure the VPN gateway.