New-AzVpnGatewayNatRule
Creates a NAT rule on a VpnGateway which can be associated with VpnSiteLinkConnection.
Syntax
New-AzVpnGatewayNatRule
-ResourceGroupName <String>
-ParentResourceName <String>
-Name <String>
[-Type <String>]
[-Mode <String>]
-InternalMapping <String[]>
-ExternalMapping <String[]>
[-InternalPortRange <String[]>]
[-ExternalPortRange <String[]>]
[-IpConfigurationId <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-AzVpnGatewayNatRule
-ParentObject <PSVpnGateway>
-Name <String>
[-Type <String>]
[-Mode <String>]
-InternalMapping <String[]>
-ExternalMapping <String[]>
[-InternalPortRange <String[]>]
[-ExternalPortRange <String[]>]
[-IpConfigurationId <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-AzVpnGatewayNatRule
-ParentResourceId <String>
-Name <String>
[-Type <String>]
[-Mode <String>]
-InternalMapping <String[]>
-ExternalMapping <String[]>
[-InternalPortRange <String[]>]
[-ExternalPortRange <String[]>]
[-IpConfigurationId <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
Creates a NAT rule on a VpnGateway which can be associated with VpnGateway.
Examples
Example 1
New-AzResourceGroup -Location "West US" -Name "testRG"
$virtualWan = New-AzVirtualWan -ResourceGroupName testRG -Name myVirtualWAN -Location "West US"
$virtualHub = New-AzVirtualHub -VirtualWan $virtualWan -ResourceGroupName "testRG" -Name "westushub" -AddressPrefix "10.0.0.1/24"
New-AzVpnGateway -ResourceGroupName "testRG" -Name "testvpngw" -VirtualHubId $virtualHub.Id -VpnGatewayScaleUnit 2
$vpnGateway = Get-AzVpnGateway -ResourceGroupName "testRG" -Name "testvpngw"
New-AzVpnGatewayNatRule -ResourceGroupName $vpnGateway.ResourceGroupName -ParentResourceName $vpnGateway.Name -Name "testNatRule" -Type Static -Mode EgressSnat -InternalMapping "10.0.0.1/26" -ExternalMapping "192.168.0.0/26" -InternalPortRange "100-100" -ExternalPortRange "200-200"
Type : Static
Mode : EgressSnat
VpnConnectionProtocolType : IKEv2
InternalMappings : 10.0.0.1/26
ExternalMappings : 192.168.0.0/26
InternalPortRange : 100-100
ExternalPortRange : 200-200
IpConfigurationId :
IngressVpnSiteLinkConnections : [Microsoft.Azure.Commands.Network.Models.PSResourceId]
EgressVpnSiteLinkConnections : [Microsoft.Azure.Commands.Network.Models.PSResourceId]
ProvisioningState : Provisioned
Name : ps9709
Etag : W/"4580a2e2-2fab-4cff-88eb-92013a76b5a8"
Id : /subscriptions/{subscriptionId}/resourceGroups/testRg/providers/Microsoft.Network/vpnGateways/testvpngw/natRules/testNatRuleThe above will create a resource group, Virtual WAN, Virtual Network, Virtual Hub. Then, we will create VpnGateway under that Virtual Hub. Then, using this command: New-AzVpnGatewayNatRule, NAT rule can be createdand associated with created VpnGateway.
Parameters
-AsJob
Run cmdlet in the background
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
| Type: | IAzureContextContainer |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ExternalMapping
The list of private IP address subnet external mappings for NAT
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ExternalPortRange
The list of external port range mappings for NAT subnets
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-InternalMapping
The list of private IP address subnet internal mappings for NAT
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-InternalPortRange
The list of internal port range mappings for NAT subnets
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-IpConfigurationId
The IP Configuration ID this NAT rule applies to
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Mode
The Source NAT direction of a VPN NAT
| Type: | String |
| Accepted values: | EgressSnat, IngressSnat |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Name
The resource name.
| Type: | String |
| Aliases: | ResourceName, VpnGatewayNatRuleName |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ParentObject
The parent VpnGateway for this NAT Rule.
| Type: | PSVpnGateway |
| Aliases: | ParentVpnGateway, VpnGateway |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ParentResourceId
The resource id of the parent VpnGateway for this NAT Rule.
| Type: | String |
| Aliases: | ParentVpnGatewayId, VpnGatewayId |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ParentResourceName
The resource group name.
| Type: | String |
| Aliases: | ParentVpnGatewayName, VpnGatewayName |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ResourceGroupName
The resource group name.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Type
The type of NAT rule for VPN NAT
| Type: | String |
| Accepted values: | Static, Dynamic |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
Outputs
Azure PowerShell
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for