Do something like this.
Azure VPN jitter is hilarious anyway.
Exactly what I do! Works a treat.
Holy crap! That’s genius!!!
Not a bad idea. I assume you only maintain the 2 network interfaces though right? I’ve been struggling to find a way to get 3 interfaces on a VM size - trust, untrust and management.
That’s a relief on one hand as our small business customers would have little patience for this kind of sudden hike, and though everyone is kindly providing alternatives e.g Wireguard and Opnsense that’s a bit more of a project than we’re willing to take on to migrate several hundred customers over to a 3rd party product with an unknown level of support.
On the other hand it puts my ticket in a dire state as both myself and the support rep have gotten mightily stuck with a VPN that runs at barely a twentieth of its advertised speed. The only other symptom we’ve found is it’s running very high on CPU utilisation, which makes no sense when even a single user downloading one file from the VM at the other end of the VPN can slow it to a crawl. I’m wondering if the infrastructure work you mentioned could be a factor.
Thank you for being willing to come out of the shadows and clear this up so directly and quickly. We appreciate you folks!
Is the backend change still underway? I’m currently not seeing the basic SKU in the portal.
are you sure? I just tried creating one with powershell (sku = basic) and I get this in return: New-AzVirtualNetworkGateway: Virtual network gateway Sku specified is not valid for gateway /subscriptions//resourceGroups//providers/Microsoft.Network/virtualNetworkGateways/ with DeploymentType VMScaleSet. The allowed Skus are VpnGw1AZ,VpnGw2AZ,VpnGw3AZ,VpnGw4AZ,VpnGw5AZ,VpnGw1,VpnGw2,VpnGw3,VpnGw4,VpnGw5.
StatusCode: 400
ReasonPhrase: Bad Request
ErrorCode: InvalidGatewaySkuSpecifiedForGatewayDeploymentType
Edit: seems they are being deprecated: https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-skus-legacy
Edit 2: seems it had to do with a different kind of PIP, when choosing Basic and dynmic allocated it seems to now run the command…
Cloud providers are basically drug dealers
This! You forgot, “and offer subpar service and support where you don’t matter and it’s never their fault.”
It has some rough areas. But agree, it’s a pretty cheap alternative.
No we have an existing VNG which is poorly performing, one of our ideas was to delete and recreate the VNG to see if that would fix it, that’s when we found the deployment option from the portal was gone and it has to be done via Powershell now, which we did and it made no difference.
When we queried as part of the ticket we raised later they told us the SKU is to be retired, explaining why they’re hiding it from the portal.
If you’re still paying for it, it’s still supported.
Hey OP, If you would be willing to DM me the Support case number, I’m also an FTE whose job is to focus on our support experience, I’ll look into the case number see what I can do to get it moving along.
Not my experience at all. Now we are not small and we have dedicated support but everything we have is very performative. We are very happy with our Azure products.
Can get far on the free tier. Bet it runs fine on an A1 or similar. Mine runs on a raspberry pi and can stream video 
oh would love to keep you in the loop now and then, as the support experience is … well … very bad at the moment :
I’m glad that is working for you. Are you using PaaS services or VMs? I have found VMs to be mostly stable. But PaaS things are a disaster and network issues are even more so. Per Microsoft “we do not log packet/flow details due to volume and customer privacy/compliance so our ability to know precise details after the fact is not possible” means if you have a competing workload that causes extreme packet loss they don’t have the visibility to tell you what is going on and properly move workloads away from the noise. Just “build it in a different region” and run active/active is the solution as you’re not able to catch a packet capture with the tools they provide on PaaS things. By the time you get escalated, which takes weeks if not months the noise is gone. To return at a later date.