0
votes

I'm following these tutorials to enable a site-to-site connection on Windows Azure. I'm trying to connect a VPN to a virtual machine so I can access it via private IP.

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-multi-site-to-site-resource-manager-portal#part3

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-classic-portal

While creating the connection for the device to the virtual private gateway, I am getting the following error:

Failed to update the configuration for connection
...Error:UseLocalAzureIpAddress cannot be set...virtual network 
gateway...does note have 'EnablePrivateIpAddress' flag set.


Also, I have tried to enable it under Virtual Private Gateway -> Configuration but there is no option for private IP.

Does anyone know how I can enable this, either through the Azure portal or PowerShell?

1

1 Answers

2
votes

As the hint to the right of the Use Azure Private IP Address tab says, it's only supported on AZ SKUs. You have to deploy zone-redundant VPN gateways to enable this feature.


Also, VpnGw1AZ, VpnGw2AZ, VpnGw3AZ, VpnGw4AZ, and VpnGw5AZ are the zone resilient versions of VpnGw1, VpnGw2, VpnGw3, VpnGw4, and VpnGw5.

Please note that

Zone-redundant gateways and zonal gateways both rely on the Azure public IP resource Standard SKU. The configuration of the Azure public IP resource determines whether the gateway that you deploy is zone-redundant, or zonal. If you create a public IP resource with a Basic SKU, the gateway will not have any zone redundancy, and the gateway resources will be regional.

Reference: https://docs.microsoft.com/en-us/azure/vpn-gateway/about-zone-redundant-vnet-gateways
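
The PowerShell route the question asks about, as an added example that is not part of the original answer: it checks that the gateway is on an AZ SKU, sets the gateway flag named in the error, and only then sets the connection option. It assumes the Az.Network module and an authenticated session; the resource names are placeholders.

```powershell
# Placeholder names (assumptions, not values from the original post).
$rg       = '<resource-group>'
$gwName   = '<gateway-name>'
$connName = '<connection-name>'

$gw = Get-AzVirtualNetworkGateway -Name $gwName -ResourceGroupName $rg

# Per the answer above, private IP is only supported on the AZ SKUs
# (VpnGw1AZ through VpnGw5AZ). Stop early on any other SKU.
if ($gw.Sku.Name -notmatch '^VpnGw[1-5]AZ$') {
    throw "Gateway SKU '$($gw.Sku.Name)' is not an AZ SKU; deploy a zone-redundant gateway first."
}

# Set the gateway-level flag that the error message reports as missing.
if (-not $gw.EnablePrivateIpAddress) {
    $gw = Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gw -EnablePrivateIpAddress $true
}

# With the gateway flag in place, the connection can use the gateway's private IP.
$conn = Get-AzVirtualNetworkGatewayConnection -Name $connName -ResourceGroupName $rg
Set-AzVirtualNetworkGatewayConnection -VirtualNetworkGatewayConnection $conn -UseLocalAzureIpAddress $true
```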