New-AzVpnConnection
Creates a IPSec connection that connects a VpnGateway to a remote customer branch represented in RM as a VpnSite.
Syntax
ByVpnGatewayNameByVpnSiteObject (Default)
New-AzVpnConnection
-ResourceGroupName <String>
-ParentResourceName <String>
-Name <String>
-VpnSite <PSVpnSite>
[-SharedKey <SecureString>]
[-ConnectionBandwidthInMbps <UInt32>]
[-IpSecPolicy <PSIpsecPolicy>]
[-VpnConnectionProtocolType <String>]
[-EnableBgp]
[-UseLocalAzureIpAddress]
[-UsePolicyBasedTrafficSelectors]
[-VpnSiteLinkConnection <PSVpnSiteLinkConnection[]>]
[-EnableInternetSecurity]
[-RoutingConfiguration <PSRoutingConfiguration>]
[-TrafficSelectorPolicy <PSTrafficSelectorPolicy[]>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
ByVpnGatewayNameByVpnSiteResourceId
New-AzVpnConnection
-ResourceGroupName <String>
-ParentResourceName <String>
-Name <String>
-VpnSiteId <String>
[-SharedKey <SecureString>]
[-ConnectionBandwidthInMbps <UInt32>]
[-IpSecPolicy <PSIpsecPolicy>]
[-VpnConnectionProtocolType <String>]
[-EnableBgp]
[-UseLocalAzureIpAddress]
[-UsePolicyBasedTrafficSelectors]
[-VpnSiteLinkConnection <PSVpnSiteLinkConnection[]>]
[-EnableInternetSecurity]
[-RoutingConfiguration <PSRoutingConfiguration>]
[-TrafficSelectorPolicy <PSTrafficSelectorPolicy[]>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
ByVpnGatewayObjectByVpnSiteObject
New-AzVpnConnection
-ParentObject <PSVpnGateway>
-Name <String>
-VpnSite <PSVpnSite>
[-SharedKey <SecureString>]
[-ConnectionBandwidthInMbps <UInt32>]
[-IpSecPolicy <PSIpsecPolicy>]
[-VpnConnectionProtocolType <String>]
[-EnableBgp]
[-UseLocalAzureIpAddress]
[-UsePolicyBasedTrafficSelectors]
[-VpnSiteLinkConnection <PSVpnSiteLinkConnection[]>]
[-EnableInternetSecurity]
[-RoutingConfiguration <PSRoutingConfiguration>]
[-TrafficSelectorPolicy <PSTrafficSelectorPolicy[]>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
ByVpnGatewayObjectByVpnSiteResourceId
New-AzVpnConnection
-ParentObject <PSVpnGateway>
-Name <String>
-VpnSiteId <String>
[-SharedKey <SecureString>]
[-ConnectionBandwidthInMbps <UInt32>]
[-IpSecPolicy <PSIpsecPolicy>]
[-VpnConnectionProtocolType <String>]
[-EnableBgp]
[-UseLocalAzureIpAddress]
[-UsePolicyBasedTrafficSelectors]
[-VpnSiteLinkConnection <PSVpnSiteLinkConnection[]>]
[-EnableInternetSecurity]
[-RoutingConfiguration <PSRoutingConfiguration>]
[-TrafficSelectorPolicy <PSTrafficSelectorPolicy[]>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
ByVpnGatewayResourceIdByVpnSiteObject
New-AzVpnConnection
-ParentResourceId <String>
-Name <String>
-VpnSite <PSVpnSite>
[-SharedKey <SecureString>]
[-ConnectionBandwidthInMbps <UInt32>]
[-IpSecPolicy <PSIpsecPolicy>]
[-VpnConnectionProtocolType <String>]
[-EnableBgp]
[-UseLocalAzureIpAddress]
[-UsePolicyBasedTrafficSelectors]
[-VpnSiteLinkConnection <PSVpnSiteLinkConnection[]>]
[-EnableInternetSecurity]
[-RoutingConfiguration <PSRoutingConfiguration>]
[-TrafficSelectorPolicy <PSTrafficSelectorPolicy[]>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
ByVpnGatewayResourceIdByVpnSiteResourceId
New-AzVpnConnection
-ParentResourceId <String>
-Name <String>
-VpnSiteId <String>
[-SharedKey <SecureString>]
[-ConnectionBandwidthInMbps <UInt32>]
[-IpSecPolicy <PSIpsecPolicy>]
[-VpnConnectionProtocolType <String>]
[-EnableBgp]
[-UseLocalAzureIpAddress]
[-UsePolicyBasedTrafficSelectors]
[-VpnSiteLinkConnection <PSVpnSiteLinkConnection[]>]
[-EnableInternetSecurity]
[-RoutingConfiguration <PSRoutingConfiguration>]
[-TrafficSelectorPolicy <PSTrafficSelectorPolicy[]>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Creates a IPSec connection that connects a VpnGateway to a remote customer branch represented in RM as a VpnSite.
Examples
Example 1
New-AzResourceGroup -Location "West US" -Name "testRG"
$virtualWan = New-AzVirtualWan -ResourceGroupName testRG -Name myVirtualWAN -Location "West US"
$virtualHub = New-AzVirtualHub -VirtualWan $virtualWan -ResourceGroupName "testRG" -Name "westushub" -AddressPrefix "10.0.0.1/24"
New-AzVpnGateway -ResourceGroupName "testRG" -Name "testvpngw" -VirtualHubId $virtualHub.Id -VpnGatewayScaleUnit 2
$vpnGateway = Get-AzVpnGateway -ResourceGroupName "testRG" -Name "testvpngw"
$vpnSiteAddressSpaces = New-Object string[] 2
$vpnSiteAddressSpaces[0] = "192.168.2.0/24"
$vpnSiteAddressSpaces[1] = "192.168.3.0/24"
$vpnSite = New-AzVpnSite -ResourceGroupName "testRG" -Name "testVpnSite" -Location "West US" -VirtualWan $virtualWan -IpAddress "1.2.3.4" -AddressSpace $vpnSiteAddressSpaces -DeviceModel "SomeDevice" -DeviceVendor "SomeDeviceVendor" -LinkSpeedInMbps "10"
New-AzVpnConnection -ResourceGroupName $vpnGateway.ResourceGroupName -ParentResourceName $vpnGateway.Name -Name "testConnection" -VpnSite $vpnSite -ConnectionBandwidthInMbps 20
RemoteVpnSite : Microsoft.Azure.Commands.Network.Models.PSResourceId
SharedKey :
VpnConnectionProtocolType : IKEv2
ConnectionStatus :
EgressBytesTransferred : 0
IngressBytesTransferred : 0
IpsecPolicies : {}
ConnectionBandwidth : 20
EnableBgp : False
UseLocalAzureIpAddress : False
ProvisioningState : testConnection
Name : ps9709
Etag : W/"4580a2e2-2fab-4cff-88eb-92013a76b5a8"
Id : /subscriptions/{subscriptionId}/resourceGroups/testRg/providers/Microsoft.Network/vpnGateways/testvpngw/vpnConnections/testConnection
RoutingConfiguration : {
"AssociatedRouteTable": {
"Id": "/subscriptions/{subscriptionId}/resourceGroups/testRg/providers/Microsoft.Network/virtualHubs/westushub/hubRouteTables/defaultRouteTable"
}
"PropagatedRouteTables": {
"Labels": [],
"Ids": [
{
"Id": "/subscriptions/{subscriptionId}/resourceGroups/testRg/providers/Microsoft.Network/virtualHubs/westushub/hubRouteTables/defaultRouteTable"
}
]
},
"VnetRoutes": {
"StaticRoutes": []
}
}
The above will create a resource group, Virtual WAN, Virtual Network, Virtual Hub and a VpnSite in West US in "testRG" resource group in Azure.
A VPN gateway will be created thereafter in the Virtual Hub with 2 scale units.
Once the gateway has been created, it is connected to the VpnSite using the New-AzVpnConnection command.
Example 2
New-AzResourceGroup -Location "West US" -Name "testRG"
$virtualWan = New-AzVirtualWan -ResourceGroupName testRG -Name myVirtualWAN -Location "West US"
$virtualHub = New-AzVirtualHub -VirtualWan $virtualWan -ResourceGroupName "testRG" -Name "westushub" -AddressPrefix "10.0.0.1/24"
New-AzVpnGateway -ResourceGroupName "testRG" -Name "testvpngw" -VirtualHubId $virtualHub.Id -VpnGatewayScaleUnit 2
$vpnGateway = Get-AzVpnGateway -ResourceGroupName "testRG" -Name "testvpngw"
$vpnSiteAddressSpaces = New-Object string[] 2
$vpnSiteAddressSpaces[0] = "192.168.2.0/24"
$vpnSiteAddressSpaces[1] = "192.168.3.0/24"
$vpnSiteLink1 = New-AzVpnSiteLink -Name "testVpnSiteLink1" -IpAddress "15.25.35.45" -LinkProviderName "SomeTelecomProvider" -LinkSpeedInMbps "10"
$vpnSiteLink2 = New-AzVpnSiteLink -Name "testVpnSiteLink2" -IpAddress "15.25.35.55" -LinkProviderName "SomeTelecomProvider2" -LinkSpeedInMbps "100"
$vpnSite = New-AzVpnSite -ResourceGroupName "testRG" -Name "testVpnSite" -Location "West US" -VirtualWan $virtualWan -AddressSpace $vpnSiteAddressSpaces -DeviceModel "SomeDevice" -DeviceVendor "SomeDeviceVendor" -VpnSiteLink @($vpnSiteLink1, $vpnSiteLink2)
$vpnSiteLinkConnection1 = New-AzVpnSiteLinkConnection -Name "testLinkConnection1" -VpnSiteLink $vpnSite.VpnSiteLinks[0] -ConnectionBandwidth 100
$vpnSiteLinkConnection2 = New-AzVpnSiteLinkConnection -Name "testLinkConnection2" -VpnSiteLink $vpnSite.VpnSiteLinks[1] -ConnectionBandwidth 10
New-AzVpnConnection -ResourceGroupName $vpnGateway.ResourceGroupName -ParentResourceName $vpnGateway.Name -Name "testConnection" -VpnSite $vpnSite -VpnSiteLinkConnection @($vpnSiteLinkConnection1, $vpnSiteLinkConnection2)
The above will create a resource group, Virtual WAN, Virtual Network, Virtual Hub and a VpnSite with 1 VpnSiteLinks in West US in "testRG" resource group in Azure.
A VPN gateway will be created thereafter in the Virtual Hub.
Once the gateway has been created, it is connected to the VpnSite using the New-AzVpnConnection command with 1 VpnSiteLinkConnections to the VpnSiteLink of the VpnSite.
Parameters
-AsJob
Run cmdlet in the background
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: cf
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-ConnectionBandwidthInMbps
The bandwidth that needs to be handled by this connection in mbps.
Parameter properties
Type: UInt32
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Parameter properties
Type: IAzureContextContainer
Default value: None Supports wildcards: False DontShow: False Aliases: AzContext, AzureRmContext, AzureCredential
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-EnableBgp
Enable BGP for this connection
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-EnableInternetSecurity
Enable internet security for this connection
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-IpSecPolicy
The bandwidth that needs to be handled by this connection in mbps.
Parameter properties
Type: PSIpsecPolicy
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-Name
The resource name.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False Aliases: ResourceName, VpnConnectionName
Parameter sets
(All)
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-ParentObject
The parent VpnGateway for this connection.
Parameter properties
Type: PSVpnGateway
Default value: None Supports wildcards: False DontShow: False Aliases: ParentVpnGateway, VpnGateway
Parameter sets
ByVpnGatewayObjectByVpnSiteObject
Position: Named Mandatory: True Value from pipeline: True Value from pipeline by property name: False Value from remaining arguments: False
ByVpnGatewayObjectByVpnSiteResourceId
Position: Named Mandatory: True Value from pipeline: True Value from pipeline by property name: False Value from remaining arguments: False
-ParentResourceId
The resource id of the parent VpnGateway for this connection.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False Aliases: ParentVpnGatewayId, VpnGatewayId
Parameter sets
ByVpnGatewayResourceIdByVpnSiteObject
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: True Value from remaining arguments: False
ByVpnGatewayResourceIdByVpnSiteResourceId
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: True Value from remaining arguments: False
-ParentResourceName
The resource group name.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False Aliases: ParentVpnGatewayName, VpnGatewayName
Parameter sets
ByVpnGatewayNameByVpnSiteObject
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
ByVpnGatewayNameByVpnSiteResourceId
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-ResourceGroupName
The resource group name.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
ByVpnGatewayNameByVpnSiteObject
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
ByVpnGatewayNameByVpnSiteResourceId
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-RoutingConfiguration
Routing configuration for this connection
Parameter properties
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-SharedKey
The shared key required to set this connection up.
Parameter properties
Type: SecureString
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-TrafficSelectorPolicy
A list of Traffic Selector policies.
Parameter properties
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: True Value from remaining arguments: False
-UseLocalAzureIpAddress
Use local azure ip address as source address while initiating connection.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-UsePolicyBasedTrafficSelectors
Use policy based traffic selectors for this connection.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-VpnConnectionProtocolType
Gateway connection protocol:IKEv1/IKEv2
Parameter properties
Type: String
Default value: None Accepted values: IKEv1, IKEv2 Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-VpnSite
The remote vpn site to which this hub virtual network connection is connected.
Parameter properties
Type: PSVpnSite
Default value: None Supports wildcards: False DontShow: False
Parameter sets
ByVpnGatewayNameByVpnSiteObject
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
ByVpnGatewayObjectByVpnSiteObject
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
ByVpnGatewayResourceIdByVpnSiteObject
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-VpnSiteId
The remote vpn site to which this hub virtual network connection is connected.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
ByVpnGatewayNameByVpnSiteResourceId
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
ByVpnGatewayObjectByVpnSiteResourceId
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
ByVpnGatewayResourceIdByVpnSiteResourceId
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-VpnSiteLinkConnection
The list of VpnSiteLinkConnections that this VpnConnection have.
Parameter properties
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: wi
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters .
Outputs
