Best practices

Azure Virtual Network Gateway with basic sku

Compliance Frameworks


A VPN gateway is a type of virtual network gateway that sends encrypted traffic between your virtual network and your on-premises location across a public connection. Production workloads need to be monitored and should have an SLA with Microsoft. These capabilities will not be available when using Basic SKUs for any deployed product. For more info, see
  • Recommended Mitigation

    It is recommended to upgrade the basic Azure Virtual Network Gateway. Please note that the Basic SKU is a legacy SKU and has feature limitations. In order to move from Basic to another SKU, you must delete the Basic SKU VPN gateway and create a new gateway with the desired Generation and SKU size combination.