learn-pr/azure/intro-to-azure-vpn-gateway/includes/3-how-vpn-gateway-works.md
+5 -5 (5 additions & 5 deletions)
@@ -1,7 +1,7 @@
1
1
You can deploy only one VPN gateway in each Azure virtual network. Even though you're limited to a single VPN gateway, you can configure this gateway to connect to multiple locations, including other Azure virtual networks or on-premises datacenters.
2
2
3
3
> [!NOTE]
4
-
> A virtual network gateway is composed of two or more special VMs that are deployed to a specific subnet called the *gateway subnet*. Virtual network gateway VMs host routing tables and run specific gateway services. These VMs that constitute the gateway are created when you create the virtual network gateway and are managed automatically by Azure and do not require administrative attention.
4
+
> A virtual network gateway is composed of two or more special VMs that are deployed to a specific subnet called the *gateway subnet*. Virtual network gateway VMs host routing tables and run specific gateway services. When you create the virtual network gateway, it creates these VMs that constitute the gateway. Azure manages them automatically, and they don't require administrative attention.
5
5
6
6
## VPN gateway types
7
7
@@ -25,7 +25,7 @@ The source and destination of the tunneled networks are declared in the VPN poli
25
25
26
26
## Route-based VPN gateways
27
27
28
-
With route-based Azure VPN gateways, an IPsec tunnel functions as a network interface or virtual tunnel interface (VTI). IP routing (static routes or dynamic routing protocols) determines which tunnel interfaces will transmit each packet. Route-based VPNs are the preferred connection method for on-premises devices because they are more resilient to topology changes such as the creation of new subnets. A route-based VPN is far more suitable for Adatum, because it will allow connections to be made to Azure IaaS resources on virtual networks if new subnets are added without having to reconfigure the Azure VPN gateway.
28
+
With route-based Azure VPN gateways, an IPsec tunnel functions as a network interface or virtual tunnel interface (VTI). IP routing (static routes or dynamic routing protocols) determines which tunnel interfaces will transmit each packet. Route-based VPNs are the preferred connection method for on-premises devices because they're more resilient to topology changes such as the creation of new subnets. A route-based VPN is far more suitable for Adatum, because it will allow connections to be made to Azure IaaS resources on virtual networks if new subnets are added without having to reconfigure the Azure VPN gateway.
29
29
30
30
Use a route-based VPN gateway if you need any of the following types of connectivity:
31
31
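Review bot: The last sentence of new line 28 keeps a misplaced modifier: in "if new subnets are added without having to reconfigure the Azure VPN gateway", the phrase "without having to reconfigure" attaches to adding subnets rather than to allowing connections. Since the paragraph is being edited anyway, consider "because it allows connections to Azure IaaS resources on newly added subnets without reconfiguring the Azure VPN gateway", which also removes the future tense ("will allow") and the passive "connections to be made".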
@@ -40,7 +40,7 @@ Key features of route-based VPN gateways in Azure include:
40
40
- Uses any-to-any (wildcard) traffic selectors.
41
41
- Can use dynamic routing protocols, where routing/forwarding tables direct traffic to different IPsec tunnels.
42
42
43
-
When configured to use dynamic routing, the source and destination networks are not statically defined because they are in policy-based VPNs or even in route-based VPNs with static routing. Instead, data packets are encrypted based on network routing tables that are created dynamically using routing protocols such as Border Gateway Protocol (BGP).
43
+
When configured to use dynamic routing, the source and destination networks aren't statically defined because they are in policy-based VPNs or even in route-based VPNs with static routing. Instead, data packets are encrypted based on network routing tables that are created dynamically using routing protocols such as Border Gateway Protocol (BGP).
44
44
45
45
Azure VPN gateways only support the use pre-shared key method of authentication. Both route-based and policy-based types also rely on Internet Key Exchange (IKE) in either version 1 or version 2 and Internet Protocol Security (IPsec). IKE is used to set up a security association (an agreement of the encryption) between two endpoints. This association is then passed to the IPsec suite, which encrypts and decrypts data packets encapsulated in the VPN tunnel.
46
46
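Review bot: On new line 43, "aren't statically defined because they are in policy-based VPNs" reads as a causal claim, while the sentence is drawing a comparison with policy-based and statically routed VPNs. Change "because" to "as" ("aren't statically defined as they are in policy-based VPNs or even in route-based VPNs with static routing") so readers don't misread which configurations pin the encrypted source and destination networks. The unchanged line 45 in the same hunk also has a dropped word in "only support the use pre-shared key method of authentication"; "only support the pre-shared key method of authentication" would fix it in the same pass.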
@@ -55,14 +55,14 @@ When you create a virtual network gateway, you need to specify a gateway SKU. Yo
55
55
| VpnGw2/Az | 30 | 1 Gbps | Supported |
56
56
| VpnGw3/Az | 30 | 1.25 Gbps | Supported |
57
57
58
-
This table shows Generation1 SKUs. When working with Generation1 SKUs, you can migrate between the VpnGw1, VpnGw2, and VpnGw3 SKUs as necessary. You cannot migrate from the Basic SKU without removing and redeploying the VPN gateway. You can also create VPN gateways using Generation 2 SKUs. For the latest information about SKUs, throughput, and supported features, reference the links in the Summary section of this module.
58
+
This table shows Generation1 SKUs. When working with Generation1 SKUs, you can migrate between the VpnGw1, VpnGw2, and VpnGw3 SKUs as necessary. You can't migrate from the Basic SKU without removing and redeploying the VPN gateway. You can also create VPN gateways using Generation 2 SKUs. For the latest information about SKUs, throughput, and supported features, reference the links in the Summary section of this module.
59
59
60
60
## VPN gateway requirements
61
61
62
62
The following Azure resources need to be present before you can deploy an operational VPN gateway:
63
63
64
64
-**Virtual network**: An Azure virtual network with enough address space for the additional subnet that you'll need for the VPN gateway. The address space for this virtual network must not overlap with the on-premises network to which you'll be connecting.
65
-
-**GatewaySubnet**: A subnet called GatewaySubnet for the VPN gateway. Requires at least a /27 address mask. This subnet cannot be used for any other services.
65
+
-**GatewaySubnet**: A subnet called GatewaySubnet for the VPN gateway. Requires at least a /27 address mask. This subnet can't be used for any other services.
66
66
-**Public IP address**: A Basic-SKU dynamic public IP address if using a non-zone-aware gateway. This address provides a public-routable IP address as the target for your on-premises VPN device. This IP address is dynamic, but it won't change unless you delete and re-create the VPN gateway.
67
67
-**Local network gateway**: Create a local network gateway to define the on-premises network's configuration, where the VPN gateway will connect and to what it will connect. This configuration includes the on-premises VPN device's public IPv4 address and the on-premises routable networks. This information is used by the VPN gateway to route packets that are destined for on-premises networks through the IPsec tunnel.
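Review bot: New line 58 spells the SKU generation two ways in one paragraph, "Generation1 SKUs" and "Generation 2 SKUs"; pick one form and use it for both. In the same paragraph, "reference the links in the Summary section" would read better as "see the links in the Summary section". On new line 65, "Requires at least a /27 address mask." is a fragment with no subject; "This subnet requires at least a /27 address mask and can't be used for any other services." merges it with the sentence this change already touches.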
learn-pr/azure/intro-to-azure-vpn-gateway/includes/4-vpn-gateway-scenarios.md
+1 -1 (1 addition & 1 deletion)
@@ -13,7 +13,7 @@ Because Adatum is likely to deploy more subnets on its virtual networks and to a
13
13
14
14
## When not to use Azure VPN Gateway
15
15
16
-
Azure VPN Gateway is not always the best solution for connecting an on-premises environment to the cloud. Azure ExpressRoute is a dedicated, high-speed private connection between an on-premises network and Microsoft cloud services, including Microsoft Azure and Microsoft 365. Azure ExpressRoute is most suitable for organizations that need to quickly and reliably transfer large volumes of data between their on-premises workload and their cloud workload.
16
+
Azure VPN Gateway isn't always the best solution for connecting an on-premises environment to the cloud. Azure ExpressRoute is a dedicated, high-speed private connection between an on-premises network and Microsoft cloud services, including Microsoft Azure and Microsoft 365. Azure ExpressRoute is most suitable for organizations that need to quickly and reliably transfer large volumes of data between their on-premises workload and their cloud workload.
17
17
18
18
Adatum should choose Azure ExpressRoute over Azure VPN Gateway as a method of connecting your on-premises environment to Azure if the following factors are true:
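Review bot: The context line 18 that follows the edited paragraph mixes voices: "Adatum should choose Azure ExpressRoute ... as a method of connecting your on-premises environment to Azure". The subject is Adatum, so "your" should be "its" (or the sentence should address the reader throughout). Worth fixing in this commit since the adjacent paragraph on line 16 is already being edited for style.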