Follow these instructions to deploy PCG in your Microsoft Azure VNet.

The VNet in which you deploy a PCG can act as a Transit VNet to which other VNets can connect (known as Compute VNets). This VNet can also manage VMs and act as a self-managed VNet.

Follow these instructions to deploy a PCG. If you want to link to an existing Transit VNet, see Link to a Transit VPC or VNet.

Prerequisites

  • Your public cloud accounts must be already added into CSM.
  • The VNet on which you are deploying PCG must have the required subnets appropriately adjusted for High Availability: uplink, downlink, and management.

Procedure

  1. Log in to CSM using an account with the Enterprise Administrator role.
  2. Click Clouds > Azure and go to the VNets tab.
  3. Click a VNet where you want to deploy PCG.
  4. Click Deploy Gateways. The Deploy Primary Gateway wizard opens.
  5. For General Properties, use the following guidelines:
    Option Description
    SSH Public Key Provide an SSH public key that can be validated while deploying PCG. This is required for each PCG deployment.
    Quarantine Policy on the Associated VNet Leave this in the default disabled mode when you first deploy PCG. You can change this value after onboarding VMs. See Manage Quarantine Policy in the NSX-T Data Center Administration Guide for details.
    Local Storage Account

    When you add a Microsoft Azure subscription to CSM, a list of your Microsoft Azure Storage Accounts is available to CSM. Select the Storage Account from the drop-down menu. When proceeding with deploying PCG, CSM copies the publicly available VHD of the PCG into this Storage Account of the selected region.

    Note: If the VHD image has been copied to this storage account in the region already for a previous PCG deployment, then the image is used from this location for subsequent deployments to reduce the overall deployment time.
    VHD URL If you want to use a different PCG image that is not available from the public VMware repository, you can enter the URL of the PCG’s VHD here. The VHD must be present in the same account and region where this VNet is created.
    Note: The VHD must be in the correct URL format. We recommend that you use the Click to copy option in Microsoft Azure.
    Proxy Server Select a proxy server to use for internet-bound traffic from this PCG. The proxy servers are configured in CSM. You can select the same proxy server as CSM if one, or select a different proxy server from CSM, or select No Proxy Server.

    See (Optional) Configure Proxy Servers for details on how to configure proxy servers in CSM.

    Advanced The advanced DNS settings provide flexibility in selecting DNS servers for resolving NSX-T Data Center management components.
    Obtain via Public Cloud Provider's DHCP

    Select this option if you want to use Microsoft Azure DNS settings. This is the default DNS setting if you do not pick either of the options to override it.

    Override Public Cloud Provider's DNS Server Select this option if you want to manually provide the IP address of one or more DNS servers to resolve NSX-T Data Center appliances as well as the workload VMs in this VNet.
    Use Public Cloud Provider's DNS server only for NSX-T Data Center Appliances

    Select this option if you want to use the Microsoft Azure DNS server for resolving the NSX-T Data Center management components. With this setting, you can use two DNS servers: one for PCG that resolves NSX-T Data Center appliances; the other for the VNet that resolves your workload VMs in this VNet.

  6. Click Next.
  7. For Subnets, use the following guidelines:
    Option Description
    Enable HA for NSX Cloud Gateway Select this option to enable High Availability.
    Subnets Select this option to enable High Availability.
    Public IP on Mgmt NIC Select Allocate New IP address to provide a public IP address to the management NIC. You can manually provide the public IP address if you want to reuse a free public IP address.
    Public IP on Uplink NIC Select Allocate New IP address to provide a public IP address to the uplink NIC. You can manually provide the public IP address if you want to reuse a free public IP address.

What to do next

Onboard your workload VMs. See Onboarding and Managing Workload VMs in the NSX-T Data Center Administration Guide for the Day-N workflow.