az network vnet-gateway vpn-client ipsec-policy
Manage the VPN client connection ipsec-policy for P2S client connection of the virtual network gateway.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az network vnet-gateway vpn-client ipsec-policy set |
Set the VPN client connection ipsec policy per P2S client connection of the virtual network gateway. |
Core | Preview |
| az network vnet-gateway vpn-client ipsec-policy show |
Get the VPN client connection ipsec policy per P2S client connection of the virtual network gateway. |
Core | Preview |
| az network vnet-gateway vpn-client ipsec-policy wait |
Place the CLI in a waiting state until a condition is met. |
Core | GA |
az network vnet-gateway vpn-client ipsec-policy set
This command is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Set the VPN client connection ipsec policy per P2S client connection of the virtual network gateway.
az network vnet-gateway vpn-client ipsec-policy set --dh-group {DHGroup1, DHGroup14, DHGroup2, DHGroup2048, DHGroup24, ECP256, ECP384, None}
--ike-encryption {AES128, AES192, AES256, DES, DES3, GCMAES128, GCMAES256}
--ike-integrity {GCMAES128, GCMAES256, MD5, SHA1, SHA256, SHA384}
--ipsec-encryption {AES128, AES192, AES256, DES, DES3, GCMAES128, GCMAES192, GCMAES256, None}
--ipsec-integrity {GCMAES128, GCMAES192, GCMAES256, MD5, SHA1, SHA256}
--pfs-group {ECP256, ECP384, None, PFS1, PFS14, PFS2, PFS2048, PFS24, PFSMM}
--sa-lifetime
--sa-max-size
[--ids]
[--name]
[--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
[--resource-group]
[--subscription]Examples
Set the VPN client connection ipsec policy per P2S client connection of the virtual network gateway.
az network vnet-gateway vpn-client ipsec-policy set -g MyResourceGroup -n MyVnetGateway --dh-group DHGroup14 --ike-encryption AES256 --ike-integrity SHA384 --ipsec-encryption DES3 --ipsec-integrity GCMAES256 --pfs-group PFS2048 --sa-lifetime 27000 --sa-max-size 102400000Required Parameters
The DH Groups used for initial SA.
| Property | Value |
|---|---|
| Parameter group: | IKE Phase 1 Arguments |
| Accepted values: | DHGroup1, DHGroup14, DHGroup2, DHGroup2048, DHGroup24, ECP256, ECP384, None |
The IKE encryption algorithm.
| Property | Value |
|---|---|
| Parameter group: | IKE Phase 2 Arguments |
| Accepted values: | AES128, AES192, AES256, DES, DES3, GCMAES128, GCMAES256 |
The IKE integrity algorithm.
| Property | Value |
|---|---|
| Parameter group: | IKE Phase 2 Arguments |
| Accepted values: | GCMAES128, GCMAES256, MD5, SHA1, SHA256, SHA384 |
The IPSec encryption algorithm.
| Property | Value |
|---|---|
| Parameter group: | IKE Phase 1 Arguments |
| Accepted values: | AES128, AES192, AES256, DES, DES3, GCMAES128, GCMAES192, GCMAES256, None |
The IPSec integrity algorithm.
| Property | Value |
|---|---|
| Parameter group: | IKE Phase 1 Arguments |
| Accepted values: | GCMAES128, GCMAES192, GCMAES256, MD5, SHA1, SHA256 |
The Pfs Groups used for new child SA.
| Property | Value |
|---|---|
| Parameter group: | IKE Phase 2 Arguments |
| Accepted values: | ECP256, ECP384, None, PFS1, PFS14, PFS2, PFS2048, PFS24, PFSMM |
The lifetime in seconds for P2S client.
| Property | Value |
|---|---|
| Parameter group: | Security Association Arguments |
The payload size in KB for P2S client.
| Property | Value |
|---|---|
| Parameter group: | Security Association Arguments |
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of the VNet gateway.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az network vnet-gateway vpn-client ipsec-policy show
This command is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Get the VPN client connection ipsec policy per P2S client connection of the virtual network gateway.
az network vnet-gateway vpn-client ipsec-policy show [--ids]
[--name]
[--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
[--resource-group]
[--subscription]Examples
Get the VPN client connection ipsec policy per P2S client connection of the virtual network gateway.
az network vnet-gateway vpn-client ipsec-policy show -g MyResourceGroup -n MyVnetGatewayOptional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of the VNet gateway.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az network vnet-gateway vpn-client ipsec-policy wait
Place the CLI in a waiting state until a condition is met.
az network vnet-gateway vpn-client ipsec-policy wait [--created]
[--custom]
[--deleted]
[--exists]
[--ids]
[--interval]
[--name]
[--resource-group]
[--subscription]
[--timeout]
[--updated]Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Wait until created with 'provisioningState' at 'Succeeded'.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
Wait until deleted.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
Wait until the resource exists.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Polling interval in seconds.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | 30 |
Name of the VNet gateway.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Maximum wait in seconds.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | 3600 |
Wait until updated with provisioningState at 'Succeeded'.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
