How can we improve Azure Networking?

Stop/Start Virtual Network Gateway - to don't pay when it not in use

There are two charges related to the Azure VPN service: the compute resource charge at $0.05/hour, and the egress data volume charge. Both are based on resource consumption, Unfortunately, even if the VPN tunnels are not connected, the gateway compute resource is still being consumed and will cost ~$38 monthly!
This is not really "Pay only for what you use".

Need functionality to “STOP” (and of course "START") a gateway if the customer is certain that the gateway will not be in use.

1,486 votes
Sign in
Sign in with: oidc
Signed in as (Sign out)
You have left! (?) (thinking…)
VlaR shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →


Sign in
Sign in with: oidc
Signed in as (Sign out)
  • Patrick Wingert commented  ·   ·  Flag as inappropriate

    Since I am using azure as a teaching lab for myself and others I also want to be able to start/stop the gateway. Until this functionality is added I have cancelled my subscription until this feature is implemented.

  • Maciej commented  ·   ·  Flag as inappropriate

    Come on Microsoft - how is it per hour charge if you charge when the feature is not in use and there is no way to stop it - unlike the VM. In my scenario I have a specific VM that needs to be reachable only during work hours - and that is when I need the VPN. But instead of paying for 8 hrs a day, I pay for 24? That is ridiculous!

  • The Rocksurian commented  ·   ·  Flag as inappropriate

    Not having the "STOP" on a Azure site-to-site VPN really isn't any good for development. We DO NOT need the gateway 24/7 we only need it on during testing. Once it goes LIVE we are happy to pay but the development lab is in a Credit subscription and we keep running out of credit as the gateway literally eats all the credit even though everything is spun down.
    MS come on be fair, we'll pay for it, honest, when we put it LIVE

  • Anonymous commented  ·   ·  Flag as inappropriate

    I have a VPN gateway connected to my on-premises netwirwork. I would like that have no charges if the gateway is disconnected.


  • Graham Bird commented  ·   ·  Flag as inappropriate

    Just to add more backing to this, I have a MSDN that is rendered useless with in 1/2 a month as the credit is used by the two gateways I need to have running to simulate our setup.

    As requested there should be a way to stop these gateways when I dont need them.

  • Андрей Миронов commented  ·   ·  Flag as inappropriate

    I have a VPN gateway to connect to my private VNet outside from Azure. I don't need to maintaint persistent connection from my laptop, but only occasionaly I need to connect to the private VNet, when I need to do something on the database.
    I'd like the ability to stop of turn off gateway when I don't need it to avoid unnecessary charges.

  • Rhys Goodwin commented  ·   ·  Flag as inappropriate

    Come on guys, pick up the pace. This is a basic feature. Imagine if I couldn't stop a VM!

    Azure needs to put more effort into making things accessible(and cheap) for people running labs. After all those are the people who are going to push your product.

    I will now look at powershell to delete and create gateways as I need them. This probably ultimately costs MS more compute cycles overall.


  • Andrew Gabriel commented  ·   ·  Flag as inappropriate

    When creating a development or test environment there really needs to be an option to stop the compute resources on Gateway machines, if you're only going to be using them for a few hours while you test something out. For example, I'm doing some Azure training over the course of a month, so the Gateways are always online regardless of whether or not I'm in a class. While not a lot, based on current consumption I will have used probably £30 of the £95 credit available under a Visual Studio Enterprise with MSDN (MPN) subscription. With regular virtual machines they'll be consuming while I'm actively learning and then they will be shutdown. Therefore my consumption will be in line with actual use. It would be nice to have gateways follow a similar model.

  • Jimmy Killeen commented  ·   ·  Flag as inappropriate

    Any further update on this feature? Really need it implemented to make it feasible for Dev\Test environments.

  • Christoph W. commented  ·   ·  Flag as inappropriate

    So it one and a half year now since this has been suggested and it's still not available.

    This feature is really important and I can't quite imagine the difficulty. We just want to start/stop the gateway temporarilly while not in use so that no costs accumulate while it is offline.

  • Neil B commented  ·   ·  Flag as inappropriate

    I too, would like to know if there has been any progress on this.

    I started using Azure recently to backup my web server and it's databases and have been impressed with it's cost effectiveness.

    I had also planned to use Azure to provide a failover domain controller but in the few days I've spent implementing and testing it, I've been slightly alarmed at the on going cost of the Virtual Network.

    I'd like to see a similar costing model as you have for compute hours where the Gateway Hours are charged only when the gateway is 'ON'. The solution should also persist the ip address and the shared key.

  • Chris commented  ·   ·  Flag as inappropriate

    Is it possible to get an update on if/when this will become available?

    If it is a long way out would you consider fast tracking a feature to allow reserving a static gateway IP. Then we could at least remove and later rebuild/reconfigure the gateway. The static IP is required because we VPN to on-premise hardware which is harder to reconfigure and is also controlled by firewall rules.

  • Chris commented  ·   ·  Flag as inappropriate

    I vote for a feature to Stop / Start a whole gateway. A start command should take no longer than 5 minutes and a gateway should have a persistent static IP.

    I would accept a minimal 'gateway reservation' charge that applies to a stopped gateway because with a stopped gateway we are still using the storage, reserving an IP and there will need to be some process to keep it patched.

  • Stefan de Kooter commented  ·   ·  Flag as inappropriate

    Gateway run hours should not be a separate cost besides the data transfer/connected hours. Since a GW can be deployed multi-tenant there shouldn't be a tenant -specific cost. When running a normal VM we don't pay separately for a hypervisor as well but only for the usage of the resource.
    So make the GW a shared resource, come up with a data transfer rate that covers the cost and scale that thing! offcourse the same goes for P2S VPNs. VPNaaS, not GW-VM-aaS.

Feedback and Knowledge Base