使用 Azure 门户配置 ExpressRoute 的虚拟网络网关Configure a virtual network gateway for ExpressRoute using the Azure portal

本文演示如何为预先存在的 VNet 添加虚拟网络网关。This article walks you through the steps to add a virtual network gateway for a pre-existing VNet. 本文将演示为预先存在的 VNet 添加虚拟网络 (VNet) 网关、重设其大小并进行删除的步骤。This article walks you through the steps to add, resize, and remove a virtual network (VNet) gateway for a pre-existing VNet. 此配置的步骤专用于使用 Resource Manager 部署模型创建的、将在 ExpressRoute 配置中使用的 VNet。The steps for this configuration are specifically for VNets that were created using the Resource Manager deployment model that will be used in an ExpressRoute configuration. 有关 ExpressRoute 的虚拟网络网关和网关配置设置的详细信息,请参阅关于 ExpressRoute 的虚拟网络网关For more information about virtual network gateways and gateway configuration settings for ExpressRoute, see About virtual network gateways for ExpressRoute.

开始之前Before beginning

此任务的步骤使用的 VNet 基于以下配置参考列表中的值。The steps for this task use a VNet based on the values in the following configuration reference list. 我们将此列表用于我们的示例步骤。We use this list in our example steps. 可以复制列表作为参考,并将列表中的值替换为自己的值。You can copy the list to use as a reference, replacing the values with your own.

配置参考列表Configuration reference list

  • 虚拟网络名称 = “TestVNet”Virtual Network Name = "TestVNet"
  • 虚拟网络地址空间 = 192.168.0.0/16Virtual Network address space = 192.168.0.0/16
  • 子网名称 =“FrontEnd”Subnet Name = "FrontEnd"
    • 子网地址范围 =“192.168.1.0/24”Subnet address space = "192.168.1.0/24"
  • 资源组 = “TestRG”Resource Group = "TestRG"
  • 位置=“中国东部”Location = "China East"
  • 网关子网名称:“GatewaySubnet”必须始终将网关子网命名为“GatewaySubnet”。Gateway Subnet name: "GatewaySubnet" You must always name a gateway subnet GatewaySubnet.
    • 网关子网地址空间 = “192.168.200.0/26”Gateway Subnet address space = "192.168.200.0/26"
  • 网关名称 =“ERGW”Gateway Name = "ERGW"
  • 网关公共 IP 名称 =“MyERGWVIP”Gateway Public IP Name = "MyERGWVIP"
  • 网关类型 =“ExpressRoute” ExpressRoute 配置需要此类型。Gateway type = "ExpressRoute" This type is required for an ExpressRoute configuration.

创建网关子网Create the gateway subnet

  1. 门户中,导航到要为其创建虚拟网关的 Resource Manager 虚拟网络。In the portal, navigate to the Resource Manager virtual network for which you want to create a virtual network gateway.

  2. 在 VNet 边栏选项卡的“设置”部分中,单击“子网”以展开“子网”边栏选项卡。In the Settings section of your VNet blade, click Subnets to expand the Subnets blade.

  3. 在“子网”边栏选项卡中,单击“+网关子网”打开“添加子网”边栏选项卡。On the Subnets blade, click +Gateway subnet to open the Add subnet blade.

    添加网关子网Add the gateway subnet

  4. 子网的“名称”自动填充为值“GatewaySubnet”。The Name for your subnet is automatically filled in with the value 'GatewaySubnet'. Azure 需要此值才能识别作为网关子网的子网。This value is required in order for Azure to recognize the subnet as the gateway subnet. 调整自动填充的地址范围值,使其匹配配置要求。Adjust the auto-filled Address range values to match your configuration requirements. 建议使用 /27 或更大(/26、/25 等)创建网关子网。We recommend creating a gateway subnet with a /27 or larger (/26, /25, etc.). 然后,单击“确定”保存这些值并创建网关子网。Then, click OK to save the values and create the gateway subnet.

    添加子网Adding the subnet

创建虚拟网络网关Create the virtual network gateway

  1. 在门户左侧单击 +,并在搜索框中键入“虚拟网关”。In the portal, on the left side, click + and type 'Virtual Network Gateway' in search. 在搜索返回结果中找到“虚拟网络网关”,并单击该条目。Locate Virtual network gateway in the search return and click the entry. 单击“虚拟网络网关”边栏选项卡底部的“创建”。On the Virtual network gateway blade, click Create at the bottom of the blade. 这会打开“创建虚拟网络网关”边栏选项卡。This opens the Create virtual network gateway blade.

  2. 在“创建虚拟网络网关” 边栏选项卡中,填写虚拟网络网关的值。On the Create virtual network gateway blade, fill in the values for your virtual network gateway.

    “创建虚拟网络网关”边栏选项卡字段Create virtual network gateway blade fields

  3. 名称:为网关命名。Name: Name your gateway. 这与为网关子网命名不同。This is not the same as naming a gateway subnet. 它是要创建的网关对象的名称。It's the name of the gateway object you are creating.

  4. 网关类型:选择“ExpressRoute”。Gateway type: Select ExpressRoute.

  5. SKU:从下拉列表中选择网关 SKU。SKU: Select the gateway SKU from the dropdown.

  6. 位置:调整“位置” 字段,使其指向虚拟网络所在的位置。Location: Adjust the Location field to point to the location where your virtual network is located. 如果该位置未指向虚拟网络所在的区域,该虚拟网络将不会显示在“选择虚拟网络”下拉列表中。If the location is not pointing to the region where your virtual network resides, the virtual network doesn't appear in the 'Choose a virtual network' dropdown.

  7. 选择要将此网关添加到其中的虚拟网络。Choose the virtual network to which you want to add this gateway. 单击“虚拟网络”打开“选择虚拟网络”边栏选项卡。Click Virtual network to open the Choose a virtual network blade. 选择 VNet。Select the VNet. 如果看不到 VNet,请确保“位置”字段指向虚拟网络所在的区域。If you don't see your VNet, make sure the Location field is pointing to the region in which your virtual network is located.

  8. 选择公共 IP 地址。Choose a public IP address. 单击“公共 IP 地址”打开“选择公共 IP 地址”边栏选项卡。Click Public IP address to open the Choose public IP address blade. 单击“+新建”打开“创建公共 IP 地址”边栏选项卡。Click +Create New to open the Create public IP address blade. 输入公共 IP 地址的名称。Input a name for your public IP address. 此边栏选项卡会创建一个公共 IP 地址对象,将向其动态分配公共 IP 地址。This blade creates a public IP address object to which a public IP address will be dynamically assigned. 单击“确定” 保存对此边栏选项卡所做的更改。Click OK to save your changes to this blade.

  9. 订阅:确保选择正确的订阅。Subscription: Verify that the correct subscription is selected.

  10. 资源组:此设置取决于所选的虚拟网络。Resource group: This setting is determined by the Virtual Network that you select.

  11. 指定上述设置后请不要调整“位置”。Don't adjust the Location after you've specified the previous settings.

  12. 验证设置。Verify the settings. 如果希望网关显示在仪表板上,可以在边栏选项卡底部选择“固定到仪表板”。If you want your gateway to appear on the dashboard, you can select Pin to dashboard at the bottom of the blade.

  13. 单击“创建” 开始创建网关。Click Create to begin creating the gateway. 此时会验证设置并部署网关。The settings are validated and the gateway deploys. 创建虚拟网络网关可能需要多达 45 分钟才能完成。Creating virtual network gateway can take up to 45 minutes to complete.

后续步骤Next steps

创建 VPN 网关之后,可以将 VNet 链接到 ExpressRoute 线路。After you have created the VPN Gateway, you can link your VNet to an ExpressRoute circuit. 请参阅将虚拟网络链接到 ExpressRoute 线路See Link a Virtual Network to an ExpressRoute circuit.