Setting up Azure Site to Site VPN Endpoints can be a real treat sometimes. Recently I was setting up a site to site VPN between two Azure sites. One in the US West data center and the other was in the West Europe data center.
Now the annoyance when setting up a site to site VPN between two Azure sites is that you have to do some stuff in the Azure Portal (manage.windowsazure.com) and some stuff through PowerShell. You have to do this because (as of when I’m writing this) you have to create the dynamic routing gateway in the portal because PowerShell only supports creating a static routing gateway and you have to change the pre-shared key in PowerShell because the “Manage Key” button in PowerShell only supports showing you the key but not changing it.
Well when I was trying to get this setup I was trying to get it done as quickly as possible as I had other stuff to focus on that day. And apparently I wasn’t waiting long enough for the commands which the UI was running to actually finish before trying to run the PowerShell cmdlet Set-AzureVNetGatewayKey to change the pre-shared key. This then ended up causing problems for the commands which the UI had kicked off and the Gateway would only be half created and wouldn’t show up correctly, so I’d drop the gateway and try again.
Long story short I ended up starting the gateway creation then went to dinner. When I came back everything was done, and I could change the pre-shared key and get everything back up and running again without issue.
When creating site to site VPN links between Azure take your time. You’ll spend less time if you slow down than you would otherwise.