There is a bug in the Azure Portal that prevents you from selecting a virtual network when you pick the Basic Tier of the virtual network gateway, and you are forced into selecting the more expensive VpnGw1. I’ll show you how to workaround this bug in this post.
I recently ran a hands-on Azure class in London. Part of the class required deploying & configuring a VPN gateway in the West Europe region. I always use the Basic tier because:
- It’s cheaper – $26.79 for Basic versus $141.36 for VpnGw1 per month
- That’s what most (by a long shot) of my customers deploy in production because it meets their needs.
I’ve had a customer in Northern Ireland report the same problem in North Europe.
The process goes like this:
- You select VPN gateway type
- Select Route-Based
- Select Basic as the SKU
- Then you attempt to select the virtual network that you want to use – it already has a gateway subnet
- You cannot continue because the virtual network is greyed out
The error shown is:
The following issues must be fixed to use this virtual network: The VPN gateway cannot have a basic SKU in order for it to coexist with an existing ExpressRoute gateway.
In all cases so far, the subscriptions have been either brand new CSP/trial subscriptions with no previous resources, or my lab subscription where I’ve used a new virtual network to demonstrate this scenario – and I have never deployed ExpressRoute in any subscription.
Credit where credit is due – some of my attendees last week figured out how to beat the UI bug.
- Close the Choose Virtual Network blade if it is open.
- Select the VpnGw1 tier gateway in the Create Virtual Network Gateway blade – don’t worry, you won’t be creating it if you don’t want to pay the price.
- Click Choose A Virtual Network
- Select your virtual network
- Change the SKU of the gateway back to Basic
- Finish the wizard
I know – it’s a daft UI bug, but the above workaround works.