Last active
July 25, 2025 20:28
-
-
Save dmauser/dcb8c5b7ce52a4f1536dd7b2d4045609 to your computer and use it in GitHub Desktop.
Sample AZ VNG VPN deployment on non-AZ region
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Variables | |
| rg=lab-vpngw | |
| gwname=az-vng-vpn | |
| gwsize=VpnGw1AZ | |
| asn=65515 | |
| vnet=hub-vnet | |
| location=westus | |
| addressprefix=10.0.0.0/24 | |
| mainprefix=10.0.0.0/27 | |
| gwsubnetprefix=10.0.0.32/27 | |
| #Create Resource Group | |
| echo "Creating Resource Group: $rg in location: $location" | |
| az group create --name $rg --location $location -o none | |
| #Create a VNet and Gateway subnet | |
| echo "Creating vNet and VPN Gateway Subnet" | |
| az network vnet create \ | |
| --name $vnet \ | |
| --address-prefixes $addressprefix \ | |
| --resource-group $rg \ | |
| --location $location \ | |
| --subnet-name main \ | |
| --subnet-prefixes $mainprefix \ | |
| --output none | |
| # GatewaySubnet | |
| # Create GatewaySubnet | |
| az network vnet subnet create \ | |
| --name GatewaySubnet \ | |
| --resource-group $rg \ | |
| --vnet-name $vnet \ | |
| --address-prefix $gwsubnetprefix \ | |
| --output none | |
| # Create Public IP: | |
| echo "Creating Public IP for VPN Gateway: $gwname-pip1" | |
| az network public-ip create --name $gwname-pip1 --resource-group $rg --sku Standard -o none | |
| # Create the Virtual Network Gateway | |
| echo "Creating VPN Gateway: $gwname with size: $gwsize" | |
| az network vnet-gateway create \ | |
| --name $gwname \ | |
| --public-ip-addresses $gwname-pip1 \ | |
| --resource-group $rg \ | |
| --vnet $vnet \ | |
| --gateway-type Vpn \ | |
| --vpn-type RouteBased \ | |
| --sku $gwsize \ | |
| --asn $asn \ | |
| --no-wait \ | |
| --location $location \ | |
| --output none | |
| # Loop script to validate when vng gateway is created | |
| while true; do | |
| status=$(az network vnet-gateway show --name $gwname --resource-group $rg --query provisioningState -o tsv) | |
| if [ "$status" == "Succeeded" ]; then | |
| echo "VPN Gateway $gwname is successfully created." | |
| break | |
| else | |
| echo "Waiting for VPN Gateway $gwname to be created..." | |
| sleep 30 | |
| fi | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment