# AZ-700 Lab 03 # **M03 - Unit 4: Configure an ExpressRoute Gateway** ## **Exercise Scenario** To connect your Azure virtual network to your on-premises network using ExpressRoute, you must first create a virtual network gateway. A virtual network gateway serves two key purposes: * To exchange IP routes between the networks * To route network traffic between them **Note:** The interactive lab simulations previously available for this exercise have been retired. **Estimated Time:** 60 minutes (includes approximately 45 minutes of deployment wait time) --- ## **Gateway Types** When creating a virtual network gateway, several settings must be configured. One essential setting is `-GatewayType`, which determines whether the gateway is used for ExpressRoute or VPN traffic. The two gateway types are: * **VPN** – Use this gateway type to send encrypted traffic over the public internet. Commonly referred to as a *VPN Gateway*, it supports Site-to-Site, Point-to-Site, and VNet-to-VNet connections. * **ExpressRoute** – Use this gateway type for private, dedicated connections. This is referred to as an *ExpressRoute Gateway* and is specifically used when configuring ExpressRoute. **Note:** Each virtual network can have only one virtual network gateway per gateway type. For example, you can have one gateway with `-GatewayType VPN` and another with `-GatewayType ExpressRoute` in the same virtual network. --- ## **Job Skills** In this lab, you will: * Create a virtual network and gateway subnet * Create a virtual network gateway --- ## **Task 1: Create the VNet and Gateway Subnet** 1. In the Azure portal, in the **Search resources, services, and docs** box, enter `virtual network`, then select **Virtual networks** from the results. 2. On the **Virtual networks** page, select **\+ Create**. 3. In the **Create virtual network** pane, on the **Basics** tab, enter the following values: | Setting | Value | | --- | --- | | Virtual Network Name | CoreServicesVNet | | Resource Group | ContosoResourceGroup | | Location | East US | 4. Select **Next: IP Addresses**. 5. In the **IP Addresses** tab, under *IPv4 address space*, enter: `10.20.0.0/16`, then select **\+ Add subnet**. 6. In the **Add subnet** pane, enter: | Setting | Value | | --- | --- | | Subnet purpose | Virtual Network Gateway | | Gateway Subnet address | 10.20.0.0/27 | *Note:* The subnet name will be auto-filled as `GatewaySubnet`. 7. Select **Add**. 8. On the **Create virtual network** page, select **Review + Create**. 9. After validation passes, select **Create**. **Note:** If you're using a dual-stack virtual network and plan to use IPv6 private peering over ExpressRoute, select **Add IPv6 address space** and enter the required range. --- ## **Task 2: Create the Virtual Network Gateway** 1. In the Azure portal, in **Search resources, services and docs**, enter `virtual network gateway`, then select **Virtual network gateways** from the results. 2. On the **Virtual network gateways** page, select **\+ Create**. 3. In the **Create virtual network gateway** page, use the following configuration: | Setting | Value | | --- | --- | | **Resource Group** | ContosoResourceGroup | | **Name** | CoreServicesVnetGateway | | **Region** | East US | | **Gateway type** | ExpressRoute | | **SKU** | Standard | | **Virtual network** | CoreServicesVNet | | **Public IP address** | Create new | | **Public IP name** | CoreServicesVnetGateway-IP | 4. Select **Review + Create**. 5. After validation, select **Create**. 6. Once deployment completes (this may take up to 45 minutes), select **Go to resource**. --- ## **Extend Your Learning with Copilot** Use Microsoft Copilot to explore more about Azure networking tools and options. Try these prompts in the Edge browser or visit [copilot.microsoft.com](https://copilot.microsoft.com): * *How is Azure ExpressRoute different from Virtual WAN? Can they be used together? Provide examples.* * *What are the key considerations when choosing between ExpressRoute Provider Model and ExpressRoute Direct?* * *Create a comparison table of ExpressRoute SKUs and their features.* --- ## **Learn More with Self-Paced Training** * **Introduction to Azure ExpressRoute** Learn what Azure ExpressRoute is and the functionality it provides. * **Design and Implement ExpressRoute** Understand how to design and implement ExpressRoute, ExpressRoute Global Reach, and ExpressRoute FastPath. --- ## **Key Takeaways** * **Azure ExpressRoute** enables private, dedicated connections between your on-premises network and Azure/Microsoft 365 services. * Microsoft guarantees **99.95% availability** for ExpressRoute connections. * Traffic travels over a private, dedicated circuit—third parties cannot intercept the traffic. * ExpressRoute connections can be established through four models: * CloudExchange Co-location * Point-to-Point Ethernet * Any-to-Any (IPVPN) * ExpressRoute Direct * ExpressRoute features are determined by the **SKU**: Local, Standard, and Premium.