1

I'm using ARM template to create:

  • virtual private network
  • gateway
  • public ip for gateway

According to all tutorials, I'm trying to create subnet for a gateway and then attach this gateway to subnet by id. Unfortunately I'm getting quite strange error response: 

   {
        "error": {
            "code": "InvalidTemplateDeployment",
            "message": "The template deployment 'shared' is not valid according to the validation procedure. The tracking id is '01a1ff01-14ec-4dd3-93f7-5392aca02532'. See inner errors for details. Please see https://aka.ms/arm-deploy     for usage details.",
            "details": [
                {
                    "code": "GatewaySubnet",
                    "message": "Subnet with name 'GatewaySubnet' can be used only for the Gateway resource.",
                    "details": []
                }
            ]
        }
    }

I want to create this subnet to be used by gateway. Later in template this gateway is referencing this subnet. I couldn't find anything suspicious..

Here's the template (the whole template is much bigger but I've hopefully extracted only network-related info). If you need anything more please let me know. I didn't specify everything but I hope that's enough. 

   {
      "apiVersion": "2016-03-30",
      "type": "Microsoft.Network/virtualNetworks",
      "name": "[parameters('networkSettings').virtualNetworkName]",
      "location": "[resourceGroup().location]",
      "properties": {
        "addressSpace": {
          "addressPrefixes": [
            "[parameters('networkSettings').addressPrefix]"
          ]
        },
        "subnets": [
          {
            "name": "[parameters('networkSettings').subnet.master.name]",
            "properties": {
              "addressPrefix": "[parameters('networkSettings').subnet.master.prefix]"
            }
          },
          {  
            "name":"GatewaySubnet",
             "properties":{  
                "addressPrefix":"[parameters('networkSettings').subnet.gateway.prefix]"
              }
          }
        ]
      }
    },
    {  
      "apiVersion":"2016-03-30",
      "type":"Microsoft.Network/publicIPAddresses",
      "name":"[parameters('networkSettings').subnet.gateway.publicIp]",
      "location":"[resourceGroup().location]",
      "properties":{  
         "publicIPAllocationMethod":"Dynamic"
      }
    },
{  
    "apiVersion": "2016-03-30",
    "type":"Microsoft.Network/networkInterfaces",
    "name":"[parameters('networkSettings').subnet.gateway.name]",
    "location":"[resourceGroup().location]",
    "dependsOn":[  
       "[concat('Microsoft.Network/publicIPAddresses/', parameters('networkSettings').subnet.gateway.publicIp)]",
       "[concat('Microsoft.Network/virtualNetworks/', parameters('networkSettings').virtualNetworkName)]"
    ],
    "properties":{  
       "ipConfigurations":[  
          {  
             "properties":{  
                "privateIPAllocationMethod":"Dynamic",
                "subnet":{
                   "id":"[variables('gatewaySubnetRef')]"
                },
                "publicIPAddress":{  
                   "id":"[resourceId('Microsoft.Network/publicIPAddresses',parameters('networkSettings').subnet.gateway.publicIp)]"
                }
             },
             "name":"vnetGatewayConfig"
          }
    ],
    "sku": {
      "name": "[parameters('networkSettings').subnet.gateway.sku]",
      "tier": "[parameters('networkSettings').subnet.gateway.sku]"
      },            
    "gatewayType":"Vpn",
    "vpnType":"RouteBased",
    "enableBgp":"false",
    "vpnClientConfiguration":{  
       "vpnClientAddressPool":{  
          "addressPrefixes":[  
             "[parameters('networkSettings').subnet.gateway.vpnClientAddressPoolPrefix]"
          ]
       },
       "vpnClientRootCertificates":[  
          {  
             "name": "[parameters('networkSettings').subnet.gateway.clientRootCertName]",
             "properties":{
                "PublicCertData": 
                "[parameters('networkSettings').subnet.gateway.clientRootCertData]"
             }
          }
       ]
     }
    }
}
Tomasz Gawlik
  • 333
  • 1
  • 5
  • 16

1 Answers1

0

Half way through the template you have got a network interface and PIP being assigned to the gatewaySubnet 

"properties":{  
    "privateIPAllocationMethod":"Dynamic",
    "subnet":{
       "id":"[variables('gatewaySubnetRef')]"
    },
    "publicIPAddress":{  
       "id":"[resourceId('Microsoft.Network/publicIPAddresses',parameters('networkSettings').subnet.gateway.publicIp)]"
    }

The deployment is failing because it is only expecting to have the VPN gateway in that subnet. I presume you were meaning to put the "[parameters('networkSettings').subnet.master.prefix]" there instead.

There is no need to create a public IP for the gateway it has one by default.

Michael B
  • 11,887
  • 6
  • 38
  • 74
  • I was referring to the example from: https://github.com/Azure/azure-quickstart-templates/blob/f16ae43e7d52001942fc70821ce89c16857448cf/101-point-to-site/azuredeploy.json There is a gateway which has publicIPAddress: `gatewayPublicIPName`. Just above the same name is used to create publicIPAddress. But I'll try without publicId now. Will it be dynamic by default ? – Tomasz Gawlik Jun 24 '16 at 13:01