New-AzVpnClientIpsecParameter
This command allows the users to create the Vpn ipsec parameters object specifying one or all values such as IpsecEncryption,IpsecIntegrity,IkeEncryption,IkeIntegrity,DhGroup,PfsGroup to set on the existing VPN gateway.
Syntax
Default (Default)
New-AzVpnClientIpsecParameter
[-SALifeTime <Int32>]
[-SADataSize <Int32>]
[-IpsecEncryption <String>]
[-IpsecIntegrity <String>]
[-IkeEncryption <String>]
[-IkeIntegrity <String>]
[-DhGroup <String>]
[-PfsGroup <String>]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
Description
This command allows the users to create the Vpn ipsec parameters object specifying one or all values such as IpsecEncryption,IpsecIntegrity,IkeEncryption,IkeIntegrity,DhGroup,PfsGroup to set on the existing VPN gateway.
Examples
Example 1
$vpnclientipsecparams1 = New-AzVpnClientIpsecParameter -IpsecEncryption AES256 -IpsecIntegrity SHA256 -SALifeTime 86473 -SADataSize 429498 -IkeEncryption AES256 -IkeIntegrity SHA384 -DhGroup DHGroup2 -PfsGroup PFS2
$setvpnIpsecParams = Set-AzVpnClientIpsecParameter -VirtualNetworkGatewayName $rname -ResourceGroupName $rgname -VpnClientIPsecParameter $vpnclientipsecparams1
New-AzVpnClientIpsecParameter cmdlet is used to create the vpn ipsec parameters object of using the passed one or all parameters' values which user can set for any existing Virtual network gateway in ResourceGroup.
This created VpnClientIPsecParameters object is passed to Set-AzVpnClientIpsecParameter command to set the specified Vpn ipsec custom policy on Virtual network gateway as shown in above example. This command returns object of VpnClientIPsecParameters which shows set parameters.
Parameters
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Parameter properties
Type: IAzureContextContainer
Default value: None Supports wildcards: False DontShow: False Aliases: AzContext, AzureRmContext, AzureCredential
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-DhGroup
The VpnClient DH Groups used in IKE Phase 1 for initial SA.
Parameter properties
Type: String
Default value: None Accepted values: DHGroup24, ECP384, ECP256, DHGroup14, DHGroup2 Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-IkeEncryption
The VpnClient IKE encryption algorithm (IKE Phase 2)
Parameter properties
Type: String
Default value: None Accepted values: GCMAES256, GCMAES128, AES256, AES128 Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-IkeIntegrity
The VpnClient IKE integrity algorithm (IKE Phase 2)
Parameter properties
Type: String
Default value: None Accepted values: SHA384, SHA256 Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-IpsecEncryption
The VpnClient IPSec encryption algorithm (IKE Phase 1)
Parameter properties
Type: String
Default value: None Accepted values: GCMAES256, GCMAES128, AES256, AES128 Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-IpsecIntegrity
The VpnClient IPSec integrity algorithm (IKE Phase 1)
Parameter properties
Type: String
Default value: None Accepted values: GCMAES256, GCMAES128, SHA256 Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-PfsGroup
The VpnClient PFS Groups used in IKE Phase 2 for new child SA
Parameter properties
Type: String
Default value: None Accepted values: PFS24, PFSMM, ECP384, ECP256, PFS14, PFS2, None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-SADataSize
The VpnClient IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB
Parameter properties
Type: Int32
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-SALifeTime
The VpnClient IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds
Parameter properties
Type: Int32
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters .
None
Outputs