Create a Virtual Network Gateway

This guide walks you through the steps to create a Virtual Network Gateway in Azure. Virtual network gateways are used to send network traffic between your Azure Virtual Network and your on-premises networks.

Prerequisites

An active Azure subscription.
A virtual network (VNet) configured in Azure.
A dedicated subnet named GatewaySubnet for the gateway. This subnet must be named exactly GatewaySubnet and cannot contain any other resources.

Steps to Create a Virtual Network Gateway

1. Navigate to Virtual Network Gateways in Azure Portal

Sign in to the Azure portal. In the search bar at the top, type "Virtual network gateways" and select it from the search results.

2. Create a New Gateway

On the "Virtual network gateways" page, click the + Create button.

Azure Portal - Create Virtual Network Gateway Button

Click '+ Create' to start the gateway creation process.

3. Configure Basic Settings

Fill out the following fields in the Basics tab:

Subscription: Select your Azure subscription.
Resource group: Choose an existing resource group or create a new one.
Name: Provide a unique name for your virtual network gateway (e.g., VNetGateway-EastUS).
Region: Select the same region as your virtual network.
Gateway type: Select VPN for Site-to-Site VPN or VNet-to-VNet connections, or ExpressRoute for dedicated private connections. For this guide, we'll assume VPN.
VPN type: Choose RouteBased unless you have specific requirements for PolicyBased.
SKU: Select a SKU that meets your performance and feature requirements. Common choices include VpnGw1, VpnGw2, etc. Higher SKUs offer better performance.
Generation: Usually Generation1 or Generation2. Generation2 offers enhanced performance.
Virtual network: Select the virtual network to which you want to associate the gateway.

Azure Portal - Virtual Network Gateway Basic Settings

Configuring the basic settings for the virtual network gateway.

4. Configure Public IP Address

In the Public IP address tab:

Public IP address name: Create a new public IP address or select an existing one. A new one is recommended for clarity.
Ensure Assignment is set to Dynamic.

Azure Portal - Virtual Network Gateway Public IP Settings

Configuring the public IP address for the gateway.

5. Review and Create

Navigate to the Review + create tab. Azure will validate your configuration. Once validation passes, click the Create button.

The deployment process can take 30-45 minutes or more. You can monitor the deployment progress in the Azure portal notifications.

Important: Ensure that the GatewaySubnet exists in your virtual network before creating the gateway. If it doesn't exist, you will need to create it first.

Next Steps

Once the gateway is deployed, you can proceed to:

Configure a connection to your on-premises network using a Site-to-Site VPN.
Configure a VNet-to-VNet connection to another Azure virtual network.
Configure an ExpressRoute circuit.

For detailed instructions on configuring connections, refer to the respective documentation pages.

Back to Virtual Networks Next: Network Peering