Q. I deleted my Azure gateway and recreated however it no longer connects to my on-premises gateway, why?
A. A site-to-site VPN gateway between on-premises and Azure consists of a number of configurations. On the Azure side the following must be defined to represent the on-premises environment:
- The "local" network, which includes all the IP address spaces that are used on-premises and help Azure know which traffic, should be sent via the VPN connection instead of out to the Internet.
- The IP address of the on-premises VPN gateway which will be connected to from Azure.
The on-premises side is configured with the IP address space used in the Azure virtual network while the IP address of the Azure gateway and the pre-shared key used for the secure connection between on-premises and Azure. The IP address of the Azure gateway and the pre-shared key are created when the gateway is created in Azure. If you deleted the gateway in Azure and then recreated a new gateway, it is created with a new IP address and a new pre-shared key. Therefore, the reason the site-to-site VPN is no longer working is likely because your on-premises gateway is configured with the wrong Azure IP address and wrong pre-shared key. Update the on-premises gateway with the new Azure gateway IP and pre-shared key and it should work again.