Virtual Network Gateways - List

Service:

Network Gateway

API Version:

2025-03-01

Gets all virtual network gateways by resource group.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworkGateways?api-version=2025-03-01

URI Parameters

Name	In	Required	Type	Description
resourceGroupName	path	True	string	The name of the resource group.
subscriptionId	path	True	string	The subscription credentials which uniquely identify the Microsoft Azure subscription. The subscription ID forms part of the URI for every service call.
api-version	query	True	string	Client API version.

Responses

Name	Type	Description
200 OK	VirtualNetworkGatewayListResult	Request successful. The operation returns a list of VirtualNetworkGateway resources.
Other Status Codes	CloudError	Error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow.

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name	Description
user_impersonation	impersonate your user account

Examples

ListVirtualNetworkGatewaysinResourceGroup

Sample request

HTTP

GET https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways?api-version=2025-03-01

Python

from azure.identity import DefaultAzureCredential

from azure.mgmt.network import NetworkManagementClient

"""
# PREREQUISITES
    pip install azure-identity
    pip install azure-mgmt-network
# USAGE
    python virtual_network_gateway_list.py

    Before run the sample, please set the values of the client ID, tenant ID and client secret
    of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
    AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
    https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""


def main():
    client = NetworkManagementClient(
        credential=DefaultAzureCredential(),
        subscription_id="subid",
    )

    response = client.virtual_network_gateways.list(
        resource_group_name="rg1",
    )
    for item in response:
        print(item)


# x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2025-03-01/examples/VirtualNetworkGatewayList.json
if __name__ == "__main__":
    main()

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Go

package armnetwork_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v8"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/b24c97bfc136b01dd46a1c8ddcecd0bb5a1ab152/specification/network/resource-manager/Microsoft.Network/stable/2025-03-01/examples/VirtualNetworkGatewayList.json
func ExampleVirtualNetworkGatewaysClient_NewListPager() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	pager := clientFactory.NewVirtualNetworkGatewaysClient().NewListPager("rg1", nil)
	for pager.More() {
		page, err := pager.NextPage(ctx)
		if err != nil {
			log.Fatalf("failed to advance page: %v", err)
		}
		for _, v := range page.Value {
			// You could use page here. We use blank identifier for just demo purposes.
			_ = v
		}
		// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
		// page.VirtualNetworkGatewayListResult = armnetwork.VirtualNetworkGatewayListResult{
		// 	Value: []*armnetwork.VirtualNetworkGateway{
		// 		{
		// 			Name: to.Ptr("vpngw1"),
		// 			Type: to.Ptr("Microsoft.Network/virtualNetworkGateways"),
		// 			ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw1"),
		// 			Location: to.Ptr("loc1"),
		// 			Etag: to.Ptr("W/\"00000000-0000-0000-0000-000000000000\""),
		// 			Properties: &armnetwork.VirtualNetworkGatewayPropertiesFormat{
		// 				Active: to.Ptr(false),
		// 				AllowRemoteVnetTraffic: to.Ptr(false),
		// 				AllowVirtualWanTraffic: to.Ptr(false),
		// 				BgpSettings: &armnetwork.BgpSettings{
		// 					Asn: to.Ptr[int64](65515),
		// 					BgpPeeringAddress: to.Ptr("10.0.0.14"),
		// 					PeerWeight: to.Ptr[int32](0),
		// 				},
		// 				CustomRoutes: &armnetwork.AddressSpace{
		// 					AddressPrefixes: []*string{
		// 						to.Ptr("101.168.0.6/32")},
		// 					},
		// 					DisableIPSecReplayProtection: to.Ptr(false),
		// 					EnableBgp: to.Ptr(false),
		// 					EnableBgpRouteTranslationForNat: to.Ptr(false),
		// 					EnablePrivateIPAddress: to.Ptr(false),
		// 					GatewayType: to.Ptr(armnetwork.VirtualNetworkGatewayTypeVPN),
		// 					IPConfigurations: []*armnetwork.VirtualNetworkGatewayIPConfiguration{
		// 						{
		// 							ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw1/ipConfigurations/default"),
		// 							Name: to.Ptr("default"),
		// 							Etag: to.Ptr("W/\"00000000-0000-0000-0000-000000000000\""),
		// 							Properties: &armnetwork.VirtualNetworkGatewayIPConfigurationPropertiesFormat{
		// 								PrivateIPAllocationMethod: to.Ptr(armnetwork.IPAllocationMethodDynamic),
		// 								ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
		// 								PublicIPAddress: &armnetwork.SubResource{
		// 									ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/vpngw1-ip"),
		// 								},
		// 								Subnet: &armnetwork.SubResource{
		// 									ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/GatewaySubnet"),
		// 								},
		// 							},
		// 					}},
		// 					NatRules: []*armnetwork.VirtualNetworkGatewayNatRule{
		// 						{
		// 							ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw1/natRules/natRule1"),
		// 							Name: to.Ptr("natRule1"),
		// 							Etag: to.Ptr("W/\"00ae2b69-88e7-4b3a-b66a-cfa2244e0801\""),
		// 							Properties: &armnetwork.VirtualNetworkGatewayNatRuleProperties{
		// 								Type: to.Ptr(armnetwork.VPNNatRuleTypeStatic),
		// 								ExternalMappings: []*armnetwork.VPNNatRuleMapping{
		// 									{
		// 										AddressSpace: to.Ptr("50.0.0.0/24"),
		// 								}},
		// 								InternalMappings: []*armnetwork.VPNNatRuleMapping{
		// 									{
		// 										AddressSpace: to.Ptr("10.10.0.0/24"),
		// 								}},
		// 								Mode: to.Ptr(armnetwork.VPNNatRuleModeEgressSnat),
		// 								ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
		// 							},
		// 						},
		// 						{
		// 							ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw1/natRules/natRule2"),
		// 							Name: to.Ptr("natRule2"),
		// 							Etag: to.Ptr("W/\"00ae2b69-88e7-4b3a-b66a-cfa2244e0801\""),
		// 							Properties: &armnetwork.VirtualNetworkGatewayNatRuleProperties{
		// 								Type: to.Ptr(armnetwork.VPNNatRuleTypeStatic),
		// 								ExternalMappings: []*armnetwork.VPNNatRuleMapping{
		// 									{
		// 										AddressSpace: to.Ptr("30.0.0.0/24"),
		// 								}},
		// 								InternalMappings: []*armnetwork.VPNNatRuleMapping{
		// 									{
		// 										AddressSpace: to.Ptr("20.10.0.0/24"),
		// 								}},
		// 								Mode: to.Ptr(armnetwork.VPNNatRuleModeIngressSnat),
		// 								ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
		// 							},
		// 					}},
		// 					ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
		// 					ResourceGUID: to.Ptr("00000000-0000-0000-0000-000000000000"),
		// 					SKU: &armnetwork.VirtualNetworkGatewaySKU{
		// 						Name: to.Ptr(armnetwork.VirtualNetworkGatewaySKUNameVPNGw1),
		// 						Capacity: to.Ptr[int32](2),
		// 						Tier: to.Ptr(armnetwork.VirtualNetworkGatewaySKUTierVPNGw1),
		// 					},
		// 					VirtualNetworkGatewayMigrationStatus: &armnetwork.VirtualNetworkGatewayMigrationStatus{
		// 						ErrorMessage: to.Ptr(""),
		// 						Phase: to.Ptr(armnetwork.VirtualNetworkGatewayMigrationPhase("")),
		// 						State: to.Ptr(armnetwork.VirtualNetworkGatewayMigrationState("")),
		// 					},
		// 					VPNClientConfiguration: &armnetwork.VPNClientConfiguration{
		// 						VPNClientProtocols: []*armnetwork.VPNClientProtocol{
		// 						},
		// 						VPNClientRevokedCertificates: []*armnetwork.VPNClientRevokedCertificate{
		// 						},
		// 						VPNClientRootCertificates: []*armnetwork.VPNClientRootCertificate{
		// 						},
		// 					},
		// 					VPNGatewayGeneration: to.Ptr(armnetwork.VPNGatewayGenerationNone),
		// 					VPNType: to.Ptr(armnetwork.VPNTypeRouteBased),
		// 				},
		// 			},
		// 			{
		// 				Name: to.Ptr("vpngw2"),
		// 				Type: to.Ptr("Microsoft.Network/virtualNetworkGateways"),
		// 				ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw2"),
		// 				Location: to.Ptr("loc2"),
		// 				Etag: to.Ptr("W/\"00000000-0000-0000-0000-000000000000\""),
		// 				Properties: &armnetwork.VirtualNetworkGatewayPropertiesFormat{
		// 					Active: to.Ptr(false),
		// 					AllowRemoteVnetTraffic: to.Ptr(false),
		// 					AllowVirtualWanTraffic: to.Ptr(false),
		// 					BgpSettings: &armnetwork.BgpSettings{
		// 						Asn: to.Ptr[int64](65515),
		// 						BgpPeeringAddress: to.Ptr("10.1.0.46"),
		// 						PeerWeight: to.Ptr[int32](0),
		// 					},
		// 					CustomRoutes: &armnetwork.AddressSpace{
		// 						AddressPrefixes: []*string{
		// 							to.Ptr("101.168.0.6/32")},
		// 						},
		// 						DisableIPSecReplayProtection: to.Ptr(false),
		// 						EnableBgp: to.Ptr(false),
		// 						EnableBgpRouteTranslationForNat: to.Ptr(false),
		// 						EnablePrivateIPAddress: to.Ptr(true),
		// 						GatewayType: to.Ptr(armnetwork.VirtualNetworkGatewayTypeVPN),
		// 						IPConfigurations: []*armnetwork.VirtualNetworkGatewayIPConfiguration{
		// 							{
		// 								ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw2/ipConfigurations/default"),
		// 								Name: to.Ptr("default"),
		// 								Etag: to.Ptr("W/\"00000000-0000-0000-0000-000000000000\""),
		// 								Properties: &armnetwork.VirtualNetworkGatewayIPConfigurationPropertiesFormat{
		// 									PrivateIPAddress: to.Ptr("10.1.0.7"),
		// 									PrivateIPAllocationMethod: to.Ptr(armnetwork.IPAllocationMethodDynamic),
		// 									ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
		// 									PublicIPAddress: &armnetwork.SubResource{
		// 										ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/vpngw2-ip"),
		// 									},
		// 									Subnet: &armnetwork.SubResource{
		// 										ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/GatewaySubnet"),
		// 									},
		// 								},
		// 						}},
		// 						NatRules: []*armnetwork.VirtualNetworkGatewayNatRule{
		// 							{
		// 								ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw2/natRules/natRule1"),
		// 								Name: to.Ptr("natRule1"),
		// 								Etag: to.Ptr("W/\"00ae2b69-88e7-4b3a-b66a-cfa2244e0801\""),
		// 								Properties: &armnetwork.VirtualNetworkGatewayNatRuleProperties{
		// 									Type: to.Ptr(armnetwork.VPNNatRuleTypeStatic),
		// 									ExternalMappings: []*armnetwork.VPNNatRuleMapping{
		// 										{
		// 											AddressSpace: to.Ptr("50.0.0.0/24"),
		// 									}},
		// 									InternalMappings: []*armnetwork.VPNNatRuleMapping{
		// 										{
		// 											AddressSpace: to.Ptr("10.10.0.0/24"),
		// 									}},
		// 									Mode: to.Ptr(armnetwork.VPNNatRuleModeEgressSnat),
		// 									ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
		// 								},
		// 							},
		// 							{
		// 								ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw2/natRules/natRule2"),
		// 								Name: to.Ptr("natRule2"),
		// 								Etag: to.Ptr("W/\"00ae2b69-88e7-4b3a-b66a-cfa2244e0801\""),
		// 								Properties: &armnetwork.VirtualNetworkGatewayNatRuleProperties{
		// 									Type: to.Ptr(armnetwork.VPNNatRuleTypeStatic),
		// 									ExternalMappings: []*armnetwork.VPNNatRuleMapping{
		// 										{
		// 											AddressSpace: to.Ptr("30.0.0.0/24"),
		// 									}},
		// 									InternalMappings: []*armnetwork.VPNNatRuleMapping{
		// 										{
		// 											AddressSpace: to.Ptr("20.10.0.0/24"),
		// 									}},
		// 									Mode: to.Ptr(armnetwork.VPNNatRuleModeIngressSnat),
		// 									ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
		// 								},
		// 						}},
		// 						ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
		// 						ResourceGUID: to.Ptr("00000000-0000-0000-0000-000000000000"),
		// 						SKU: &armnetwork.VirtualNetworkGatewaySKU{
		// 							Name: to.Ptr(armnetwork.VirtualNetworkGatewaySKUNameVPNGw1),
		// 							Capacity: to.Ptr[int32](2),
		// 							Tier: to.Ptr(armnetwork.VirtualNetworkGatewaySKUTierVPNGw1),
		// 						},
		// 						VirtualNetworkGatewayMigrationStatus: &armnetwork.VirtualNetworkGatewayMigrationStatus{
		// 							ErrorMessage: to.Ptr(""),
		// 							Phase: to.Ptr(armnetwork.VirtualNetworkGatewayMigrationPhase("")),
		// 							State: to.Ptr(armnetwork.VirtualNetworkGatewayMigrationState("")),
		// 						},
		// 						VPNClientConfiguration: &armnetwork.VPNClientConfiguration{
		// 							RadiusServers: []*armnetwork.RadiusServer{
		// 								{
		// 									RadiusServerAddress: to.Ptr("10.2.0.0"),
		// 									RadiusServerScore: to.Ptr[int64](20),
		// 							}},
		// 							VPNClientProtocols: []*armnetwork.VPNClientProtocol{
		// 								to.Ptr(armnetwork.VPNClientProtocolOpenVPN)},
		// 								VPNClientRevokedCertificates: []*armnetwork.VPNClientRevokedCertificate{
		// 								},
		// 								VPNClientRootCertificates: []*armnetwork.VPNClientRootCertificate{
		// 								},
		// 							},
		// 							VPNGatewayGeneration: to.Ptr(armnetwork.VPNGatewayGenerationNone),
		// 							VPNType: to.Ptr(armnetwork.VPNTypeRouteBased),
		// 						},
		// 				}},
		// 			}
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

JavaScript

const { NetworkManagementClient } = require("@azure/arm-network");
const { DefaultAzureCredential } = require("@azure/identity");
require("dotenv/config");

/**
 * This sample demonstrates how to Gets all virtual network gateways by resource group.
 *
 * @summary Gets all virtual network gateways by resource group.
 * x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2025-03-01/examples/VirtualNetworkGatewayList.json
 */
async function listVirtualNetworkGatewaysinResourceGroup() {
  const subscriptionId = process.env["NETWORK_SUBSCRIPTION_ID"] || "subid";
  const resourceGroupName = process.env["NETWORK_RESOURCE_GROUP"] || "rg1";
  const credential = new DefaultAzureCredential();
  const client = new NetworkManagementClient(credential, subscriptionId);
  const resArray = new Array();
  for await (const item of client.virtualNetworkGateways.list(resourceGroupName)) {
    resArray.push(item);
  }
  console.log(resArray);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

dotnet

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Models;
using Azure.ResourceManager.Network.Models;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.Network;

// Generated from example definition: specification/network/resource-manager/Microsoft.Network/stable/2025-03-01/examples/VirtualNetworkGatewayList.json
// this example is just showing the usage of "VirtualNetworkGateways_List" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "subid";
string resourceGroupName = "rg1";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);

// get the collection of this VirtualNetworkGatewayResource
VirtualNetworkGatewayCollection collection = resourceGroupResource.GetVirtualNetworkGateways();

// invoke the operation and iterate over the result
await foreach (VirtualNetworkGatewayResource item in collection.GetAllAsync())
{
    // the variable item is a resource, you could call other operations on this instance as well
    // but just for demo, we get its data from this resource instance
    VirtualNetworkGatewayData resourceData = item.Data;
    // for demo we just print out the id
    Console.WriteLine($"Succeeded on id: {resourceData.Id}");
}

Console.WriteLine("Succeeded");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample response

Status code:

200

{
  "value": [
    {
      "name": "vpngw1",
      "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw1",
      "etag": "W/\"00000000-0000-0000-0000-000000000000\"",
      "type": "Microsoft.Network/virtualNetworkGateways",
      "location": "loc1",
      "properties": {
        "provisioningState": "Succeeded",
        "resourceGuid": "00000000-0000-0000-0000-000000000000",
        "virtualNetworkGatewayMigrationStatus": {
          "state": "",
          "phase": "",
          "errorMessage": ""
        },
        "ipConfigurations": [
          {
            "name": "default",
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw1/ipConfigurations/default",
            "etag": "W/\"00000000-0000-0000-0000-000000000000\"",
            "properties": {
              "provisioningState": "Succeeded",
              "privateIPAllocationMethod": "Dynamic",
              "publicIPAddress": {
                "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/vpngw1-ip"
              },
              "subnet": {
                "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/GatewaySubnet"
              }
            }
          }
        ],
        "natRules": [
          {
            "name": "natRule1",
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw1/natRules/natRule1",
            "etag": "W/\"00ae2b69-88e7-4b3a-b66a-cfa2244e0801\"",
            "properties": {
              "provisioningState": "Succeeded",
              "type": "Static",
              "mode": "EgressSnat",
              "internalMappings": [
                {
                  "addressSpace": "10.10.0.0/24"
                }
              ],
              "externalMappings": [
                {
                  "addressSpace": "50.0.0.0/24"
                }
              ]
            }
          },
          {
            "name": "natRule2",
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw1/natRules/natRule2",
            "etag": "W/\"00ae2b69-88e7-4b3a-b66a-cfa2244e0801\"",
            "properties": {
              "provisioningState": "Succeeded",
              "type": "Static",
              "mode": "IngressSnat",
              "internalMappings": [
                {
                  "addressSpace": "20.10.0.0/24"
                }
              ],
              "externalMappings": [
                {
                  "addressSpace": "30.0.0.0/24"
                }
              ]
            }
          }
        ],
        "enableBgpRouteTranslationForNat": false,
        "sku": {
          "name": "VpnGw1",
          "tier": "VpnGw1",
          "capacity": 2
        },
        "gatewayType": "Vpn",
        "vpnType": "RouteBased",
        "vpnGatewayGeneration": "None",
        "enableBgp": false,
        "enablePrivateIpAddress": false,
        "activeActive": false,
        "disableIPSecReplayProtection": false,
        "vpnClientConfiguration": {
          "vpnClientProtocols": [],
          "vpnClientRootCertificates": [],
          "vpnClientRevokedCertificates": []
        },
        "bgpSettings": {
          "asn": 65515,
          "bgpPeeringAddress": "10.0.0.14",
          "peerWeight": 0
        },
        "customRoutes": {
          "addressPrefixes": [
            "101.168.0.6/32"
          ]
        },
        "allowVirtualWanTraffic": false,
        "allowRemoteVnetTraffic": false
      }
    },
    {
      "name": "vpngw2",
      "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw2",
      "etag": "W/\"00000000-0000-0000-0000-000000000000\"",
      "type": "Microsoft.Network/virtualNetworkGateways",
      "location": "loc2",
      "properties": {
        "provisioningState": "Succeeded",
        "resourceGuid": "00000000-0000-0000-0000-000000000000",
        "virtualNetworkGatewayMigrationStatus": {
          "state": "",
          "phase": "",
          "errorMessage": ""
        },
        "ipConfigurations": [
          {
            "name": "default",
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw2/ipConfigurations/default",
            "etag": "W/\"00000000-0000-0000-0000-000000000000\"",
            "properties": {
              "provisioningState": "Succeeded",
              "privateIPAllocationMethod": "Dynamic",
              "privateIPAddress": "10.1.0.7",
              "publicIPAddress": {
                "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/vpngw2-ip"
              },
              "subnet": {
                "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/GatewaySubnet"
              }
            }
          }
        ],
        "natRules": [
          {
            "name": "natRule1",
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw2/natRules/natRule1",
            "etag": "W/\"00ae2b69-88e7-4b3a-b66a-cfa2244e0801\"",
            "properties": {
              "provisioningState": "Succeeded",
              "type": "Static",
              "mode": "EgressSnat",
              "internalMappings": [
                {
                  "addressSpace": "10.10.0.0/24"
                }
              ],
              "externalMappings": [
                {
                  "addressSpace": "50.0.0.0/24"
                }
              ]
            }
          },
          {
            "name": "natRule2",
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworkGateways/vpngw2/natRules/natRule2",
            "etag": "W/\"00ae2b69-88e7-4b3a-b66a-cfa2244e0801\"",
            "properties": {
              "provisioningState": "Succeeded",
              "type": "Static",
              "mode": "IngressSnat",
              "internalMappings": [
                {
                  "addressSpace": "20.10.0.0/24"
                }
              ],
              "externalMappings": [
                {
                  "addressSpace": "30.0.0.0/24"
                }
              ]
            }
          }
        ],
        "enableBgpRouteTranslationForNat": false,
        "sku": {
          "name": "VpnGw1",
          "tier": "VpnGw1",
          "capacity": 2
        },
        "gatewayType": "Vpn",
        "vpnType": "RouteBased",
        "vpnGatewayGeneration": "None",
        "enableBgp": false,
        "enablePrivateIpAddress": true,
        "activeActive": false,
        "disableIPSecReplayProtection": false,
        "vpnClientConfiguration": {
          "vpnClientProtocols": [
            "OpenVPN"
          ],
          "vpnClientRootCertificates": [],
          "vpnClientRevokedCertificates": [],
          "radiusServers": [
            {
              "radiusServerAddress": "10.2.0.0",
              "radiusServerScore": 20
            }
          ]
        },
        "bgpSettings": {
          "asn": 65515,
          "bgpPeeringAddress": "10.1.0.46",
          "peerWeight": 0
        },
        "customRoutes": {
          "addressPrefixes": [
            "101.168.0.6/32"
          ]
        },
        "allowVirtualWanTraffic": false,
        "allowRemoteVnetTraffic": false
      }
    }
  ]
}

Definitions

Name	Description
AddressSpace	AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network.
adminState	Property to indicate if the Express Route Gateway serves traffic when there are multiple Express Route Gateways in the vnet
BgpSettings	BGP settings details.
CloudError	An error response from the service.
CloudErrorBody	An error response from the service.
DhGroup	The DH Groups used in IKE Phase 1 for initial SA.
ExtendedLocation	ExtendedLocation complex type.
ExtendedLocationTypes	The type of the extended location.
IkeEncryption	The IKE encryption algorithm (IKE phase 2).
IkeIntegrity	The IKE integrity algorithm (IKE phase 2).
IPAllocationMethod	IP address allocation method.
IpamPoolPrefixAllocation	IpamPool prefix allocation reference.
IPConfigurationBgpPeeringAddress	Properties of IPConfigurationBgpPeeringAddress.
IpsecEncryption	The IPSec encryption algorithm (IKE phase 1).
IpsecIntegrity	The IPSec integrity algorithm (IKE phase 1).
IpsecPolicy	An IPSec Policy configuration for a virtual network gateway connection.
ManagedServiceIdentity	Identity for the resource.
PfsGroup	The Pfs Groups used in IKE Phase 2 for new child SA.
ProvisioningState	The current provisioning state.
RadiusServer	Radius Server Settings.
resiliencyModel	Property to indicate if the Express Route Gateway has resiliency model of MultiHomed or SingleHomed
ResourceIdentityType	The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
SubResource	Reference to another subresource.
UserAssignedIdentities	The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
VirtualNetworkGateway	A common class for general resource information.
VirtualNetworkGatewayAutoScaleBounds
VirtualNetworkGatewayAutoScaleConfiguration	Virtual Network Gateway Autoscale Configuration details
VirtualNetworkGatewayIPConfiguration	IP configuration for virtual network gateway.
VirtualNetworkGatewayListResult	Response for the ListVirtualNetworkGateways API service call.
VirtualNetworkGatewayMigrationPhase	Represent the current migration phase of gateway.
VirtualNetworkGatewayMigrationState	Represent the current state of gateway migration.
VirtualNetworkGatewayMigrationStatus	Migration status for the Virtual Network Gateway.
VirtualNetworkGatewayNatRule	VirtualNetworkGatewayNatRule Resource.
VirtualNetworkGatewayPolicyGroup	Parameters for VirtualNetworkGatewayPolicyGroup.
VirtualNetworkGatewayPolicyGroupMember	Vpn Client Connection configuration PolicyGroup member
VirtualNetworkGatewaySku	VirtualNetworkGatewaySku details.
VirtualNetworkGatewaySkuName	Gateway SKU name.
VirtualNetworkGatewaySkuTier	Gateway SKU tier.
VirtualNetworkGatewayType	The type of this virtual network gateway.
VngClientConnectionConfiguration	A vpn client connection configuration for client connection configuration.
VpnAuthenticationType	VPN authentication types for the virtual network gateway..
VpnClientConfiguration	VpnClientConfiguration for P2S client.
VpnClientProtocol	VpnClientProtocols for Virtual network gateway.
VpnClientRevokedCertificate	VPN client revoked certificate of virtual network gateway.
VpnClientRootCertificate	VPN client root certificate of virtual network gateway.
VpnGatewayGeneration	The generation for this VirtualNetworkGateway. Must be None if gatewayType is not VPN.
VpnNatRuleMapping	Vpn NatRule mapping.
VpnNatRuleMode	The Source NAT direction of a VPN NAT.
VpnNatRuleType	The type of NAT rule for VPN NAT.
VpnPolicyMemberAttributeType	The Vpn Policy member attribute type.
VpnType	The type of this virtual network gateway.

AddressSpace

Object

AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network.

Name	Type	Description
addressPrefixes	string[]	A list of address blocks reserved for this virtual network in CIDR notation.
ipamPoolPrefixAllocations	IpamPoolPrefixAllocation[]	A list of IPAM Pools allocating IP address prefixes.

adminState

Enumeration

Property to indicate if the Express Route Gateway serves traffic when there are multiple Express Route Gateways in the vnet

Value	Description
Enabled
Disabled

BgpSettings

Object

BGP settings details.

Name	Type	Description
asn	integer (int64) minimum: 0 maximum: 4294967295	The BGP speaker's ASN.
bgpPeeringAddress	string	The BGP peering address and BGP identifier of this BGP speaker.
bgpPeeringAddresses	IPConfigurationBgpPeeringAddress[]	BGP peering address with IP configuration ID for virtual network gateway.
peerWeight	integer (int32)	The weight added to routes learned from this BGP speaker.

CloudError

Object

An error response from the service.

Name	Type	Description
error	CloudErrorBody	Cloud error body.

CloudErrorBody

Object

An error response from the service.

Name	Type	Description
code	string	An identifier for the error. Codes are invariant and are intended to be consumed programmatically.
details	CloudErrorBody[]	A list of additional details about the error.
message	string	A message describing the error, intended to be suitable for display in a user interface.
target	string	The target of the particular error. For example, the name of the property in error.

DhGroup

Enumeration

The DH Groups used in IKE Phase 1 for initial SA.

Value	Description
None
DHGroup1
DHGroup2
DHGroup14
DHGroup2048
ECP256
ECP384
DHGroup24

ExtendedLocation

Object

ExtendedLocation complex type.

Name	Type	Description
name	string	The name of the extended location.
type	ExtendedLocationTypes	The type of the extended location.

ExtendedLocationTypes

Enumeration

The type of the extended location.

Value	Description
EdgeZone

IkeEncryption

Enumeration

The IKE encryption algorithm (IKE phase 2).

Value	Description
DES
DES3
AES128
AES192
AES256
GCMAES256
GCMAES128

IkeIntegrity

Enumeration

The IKE integrity algorithm (IKE phase 2).

Value	Description
MD5
SHA1
SHA256
SHA384
GCMAES256
GCMAES128

IPAllocationMethod

Enumeration

IP address allocation method.

Value	Description
Static
Dynamic

IpamPoolPrefixAllocation

Object

IpamPool prefix allocation reference.

Name	Type	Description
allocatedAddressPrefixes	string[]	List of assigned IP address prefixes in the IpamPool of the associated resource.
numberOfIpAddresses	string	Number of IP addresses to allocate.
pool.id	string (arm-id)	Resource id of the associated Azure IpamPool resource.

IPConfigurationBgpPeeringAddress

Object

Properties of IPConfigurationBgpPeeringAddress.

Name	Type	Description
customBgpIpAddresses	string[]	The list of custom BGP peering addresses which belong to IP configuration.
defaultBgpIpAddresses	string[]	The list of default BGP peering addresses which belong to IP configuration.
ipconfigurationId	string	The ID of IP configuration which belongs to gateway.
tunnelIpAddresses	string[]	The list of tunnel public IP addresses which belong to IP configuration.

IpsecEncryption

Enumeration

The IPSec encryption algorithm (IKE phase 1).

Value	Description
None
DES
DES3
AES128
AES192
AES256
GCMAES128
GCMAES192
GCMAES256

IpsecIntegrity

Enumeration

The IPSec integrity algorithm (IKE phase 1).

Value	Description
MD5
SHA1
SHA256
GCMAES128
GCMAES192
GCMAES256

IpsecPolicy

Object

An IPSec Policy configuration for a virtual network gateway connection.

Name	Type	Description
dhGroup	DhGroup	The DH Group used in IKE Phase 1 for initial SA.
ikeEncryption	IkeEncryption	The IKE encryption algorithm (IKE phase 2).
ikeIntegrity	IkeIntegrity	The IKE integrity algorithm (IKE phase 2).
ipsecEncryption	IpsecEncryption	The IPSec encryption algorithm (IKE phase 1).
ipsecIntegrity	IpsecIntegrity	The IPSec integrity algorithm (IKE phase 1).
pfsGroup	PfsGroup	The Pfs Group used in IKE Phase 2 for new child SA.
saDataSizeKilobytes	integer (int32)	The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site to site VPN tunnel.
saLifeTimeSeconds	integer (int32)	The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site to site VPN tunnel.

ManagedServiceIdentity

Object

Identity for the resource.

Name	Type	Description
principalId	string	The principal id of the system assigned identity. This property will only be provided for a system assigned identity.
tenantId	string	The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.
type	ResourceIdentityType	The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
userAssignedIdentities	UserAssignedIdentities	The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

PfsGroup

Enumeration

The Pfs Groups used in IKE Phase 2 for new child SA.

Value	Description
None
PFS1
PFS2
PFS2048
ECP256
ECP384
PFS24
PFS14
PFSMM

ProvisioningState

Enumeration

The current provisioning state.

Value	Description
Succeeded
Updating
Deleting
Failed

RadiusServer

Object

Radius Server Settings.

Name	Type	Description
radiusServerAddress	string	The address of this radius server.
radiusServerScore	integer (int64)	The initial score assigned to this radius server.
radiusServerSecret	string	The secret used for this radius server. We will no longer return radiusServerSecret in VirtualNetworkGateway Create/Update/Get/List/UpdateTags APIs response. Please use VirtualNetworkGateway ListRadiusSecrets API to fetch radius server secrets.

resiliencyModel

Enumeration

Property to indicate if the Express Route Gateway has resiliency model of MultiHomed or SingleHomed

Value	Description
SingleHomed
MultiHomed

ResourceIdentityType

Enumeration

The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.

Value	Description
SystemAssigned
UserAssigned
SystemAssigned, UserAssigned
None

SubResource

Object

Reference to another subresource.

Name	Type	Description
id	string	Resource ID.

UserAssignedIdentities

Object

The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

Name	Type	Description

VirtualNetworkGateway

Object

A common class for general resource information.

Name	Type	Description
etag	string	A unique read-only string that changes whenever the resource is updated.
extendedLocation	ExtendedLocation	The extended location of type local virtual network gateway.
id	string	Resource ID.
identity	ManagedServiceIdentity	The identity of the virtual network gateway, if configured.
location	string	Resource location.
name	string	Resource name.
properties.activeActive	boolean	ActiveActive flag.
properties.adminState	adminState	Property to indicate if the Express Route Gateway serves traffic when there are multiple Express Route Gateways in the vnet
properties.allowRemoteVnetTraffic	boolean	Configure this gateway to accept traffic from other Azure Virtual Networks. This configuration does not support connectivity to Azure Virtual WAN.
properties.allowVirtualWanTraffic	boolean	Configures this gateway to accept traffic from remote Virtual WAN networks.
properties.autoScaleConfiguration	VirtualNetworkGatewayAutoScaleConfiguration	Autoscale configuration for virutal network gateway
properties.bgpSettings	BgpSettings	Virtual network gateway's BGP speaker settings.
properties.customRoutes	AddressSpace	The reference to the address space resource which represents the custom routes address space specified by the customer for virtual network gateway and VpnClient.
properties.disableIPSecReplayProtection	boolean	disableIPSecReplayProtection flag.
properties.enableBgp	boolean	Whether BGP is enabled for this virtual network gateway or not.
properties.enableBgpRouteTranslationForNat	boolean	EnableBgpRouteTranslationForNat flag.
properties.enableDnsForwarding	boolean	Whether dns forwarding is enabled or not.
properties.enableHighBandwidthVpnGateway	boolean	To enable Advanced Connectivity feature for VPN gateway
properties.enablePrivateIpAddress	boolean	Whether private IP needs to be enabled on this gateway for connections or not.
properties.gatewayDefaultSite	SubResource	The reference to the LocalNetworkGateway resource which represents local network site having default routes. Assign Null value in case of removing existing default site setting.
properties.gatewayType	VirtualNetworkGatewayType	The type of this virtual network gateway.
properties.inboundDnsForwardingEndpoint	string	The IP address allocated by the gateway to which dns requests can be sent.
properties.ipConfigurations	VirtualNetworkGatewayIPConfiguration[]	IP configurations for virtual network gateway.
properties.natRules	VirtualNetworkGatewayNatRule[]	NatRules for virtual network gateway.
properties.provisioningState	ProvisioningState	The provisioning state of the virtual network gateway resource.
properties.resiliencyModel	resiliencyModel	Property to indicate if the Express Route Gateway has resiliency model of MultiHomed or SingleHomed
properties.resourceGuid	string	The resource GUID property of the virtual network gateway resource.
properties.sku	VirtualNetworkGatewaySku	The reference to the VirtualNetworkGatewaySku resource which represents the SKU selected for Virtual network gateway.
properties.vNetExtendedLocationResourceId	string	Customer vnet resource id. VirtualNetworkGateway of type local gateway is associated with the customer vnet.
properties.virtualNetworkGatewayMigrationStatus	VirtualNetworkGatewayMigrationStatus	The reference to the VirtualNetworkGatewayMigrationStatus which represents the status of migration.
properties.virtualNetworkGatewayPolicyGroups	VirtualNetworkGatewayPolicyGroup[]	The reference to the VirtualNetworkGatewayPolicyGroup resource which represents the available VirtualNetworkGatewayPolicyGroup for the gateway.
properties.vpnClientConfiguration	VpnClientConfiguration	The reference to the VpnClientConfiguration resource which represents the P2S VpnClient configurations.
properties.vpnGatewayGeneration	VpnGatewayGeneration	The generation for this VirtualNetworkGateway. Must be None if gatewayType is not VPN.
properties.vpnType	VpnType	The type of this virtual network gateway.
tags	object	Resource tags.
type	string	Resource type.

VirtualNetworkGatewayAutoScaleBounds

Object

Name	Type	Description
max	integer	Maximum Scale Units for Autoscale configuration
min	integer	Minimum scale Units for Autoscale configuration

VirtualNetworkGatewayAutoScaleConfiguration

Object

Virtual Network Gateway Autoscale Configuration details

Name	Type	Description
bounds	VirtualNetworkGatewayAutoScaleBounds	The bounds of the autoscale configuration

VirtualNetworkGatewayIPConfiguration

Object

IP configuration for virtual network gateway.

Name	Type	Description
etag	string	A unique read-only string that changes whenever the resource is updated.
id	string	Resource ID.
name	string	The name of the resource that is unique within a resource group. This name can be used to access the resource.
properties.privateIPAddress	string	Private IP Address for this gateway.
properties.privateIPAllocationMethod	IPAllocationMethod	The private IP address allocation method.
properties.provisioningState	ProvisioningState	The provisioning state of the virtual network gateway IP configuration resource.
properties.publicIPAddress	SubResource	The reference to the public IP resource.
properties.subnet	SubResource	The reference to the subnet resource.

VirtualNetworkGatewayListResult

Object

Response for the ListVirtualNetworkGateways API service call.

Name	Type	Description
nextLink	string	The URL to get the next set of results.
value	VirtualNetworkGateway[]	A list of VirtualNetworkGateway resources that exists in a resource group.

VirtualNetworkGatewayMigrationPhase

Enumeration

Represent the current migration phase of gateway.

Value	Description
None	No migration phase set on gateway.
Prepare	Gateway is going through prepare migration or prepare has failed. Please see state and error details for more information.
PrepareSucceeded	Prepare succeeded on gateway.
Execute	Gateway is going through execute migration or execute has failed. Please see state and error details for more information.
ExecuteSucceeded	Execute succeeded on gateway.
Commit	Gateway is going through commit migration or commit has failed. Please see state and error details for more information.
CommitSucceeded	Commit succeeded, represent migration is complete for the gateway.
AbortSucceeded	Represent abort succeeded on gateway, start with prepare to retrigger migration.
Abort	Gateway is going through abort migration or abort has failed. Please see state and error details for more information.

VirtualNetworkGatewayMigrationState

Enumeration

Represent the current state of gateway migration.

Value	Description
None
InProgress
Succeeded
Failed

VirtualNetworkGatewayMigrationStatus

Object

Migration status for the Virtual Network Gateway.

Name	Type	Description
errorMessage	string	Error if any occurs during migration.
phase	VirtualNetworkGatewayMigrationPhase	Represent the current migration phase of gateway.
state	VirtualNetworkGatewayMigrationState	Represent the current state of gateway migration.

VirtualNetworkGatewayNatRule

Object

VirtualNetworkGatewayNatRule Resource.

Name	Type	Description
etag	string	A unique read-only string that changes whenever the resource is updated.
id	string	Resource ID.
name	string	The name of the resource that is unique within a resource group. This name can be used to access the resource.
properties.externalMappings	VpnNatRuleMapping[]	The private IP address external mapping for NAT.
properties.internalMappings	VpnNatRuleMapping[]	The private IP address internal mapping for NAT.
properties.ipConfigurationId	string	The IP Configuration ID this NAT rule applies to.
properties.mode	VpnNatRuleMode	The Source NAT direction of a VPN NAT.
properties.provisioningState	ProvisioningState	The provisioning state of the NAT Rule resource.
properties.type	VpnNatRuleType	The type of NAT rule for VPN NAT.
type	string	Resource type.

VirtualNetworkGatewayPolicyGroup

Object

Parameters for VirtualNetworkGatewayPolicyGroup.

Name	Type	Description
etag	string	A unique read-only string that changes whenever the resource is updated.
id	string	Resource ID.
name	string	The name of the resource that is unique within a resource group. This name can be used to access the resource.
properties.isDefault	boolean	Shows if this is a Default VirtualNetworkGatewayPolicyGroup or not.
properties.policyMembers	VirtualNetworkGatewayPolicyGroupMember[]	Multiple PolicyMembers for VirtualNetworkGatewayPolicyGroup.
properties.priority	integer (int32)	Priority for VirtualNetworkGatewayPolicyGroup.
properties.provisioningState	ProvisioningState	The provisioning state of the VirtualNetworkGatewayPolicyGroup resource.
properties.vngClientConnectionConfigurations	SubResource[]	List of references to vngClientConnectionConfigurations.

VirtualNetworkGatewayPolicyGroupMember

Object

Vpn Client Connection configuration PolicyGroup member

Name	Type	Description
attributeType	VpnPolicyMemberAttributeType	The Vpn Policy member attribute type.
attributeValue	string	The value of Attribute used for this VirtualNetworkGatewayPolicyGroupMember.
name	string	Name of the VirtualNetworkGatewayPolicyGroupMember.

VirtualNetworkGatewaySku

Object

VirtualNetworkGatewaySku details.

Name	Type	Description
capacity	integer (int32)	The capacity.
name	VirtualNetworkGatewaySkuName	Gateway SKU name.
tier	VirtualNetworkGatewaySkuTier	Gateway SKU tier.

VirtualNetworkGatewaySkuName

Enumeration

Gateway SKU name.

Value	Description
Basic
HighPerformance
Standard
UltraPerformance
VpnGw1
VpnGw2
VpnGw3
VpnGw4
VpnGw5
VpnGw1AZ
VpnGw2AZ
VpnGw3AZ
VpnGw4AZ
VpnGw5AZ
ErGw1AZ
ErGw2AZ
ErGw3AZ
ErGwScale

VirtualNetworkGatewaySkuTier

Enumeration

Gateway SKU tier.

Value	Description
Basic
HighPerformance
Standard
UltraPerformance
VpnGw1
VpnGw2
VpnGw3
VpnGw4
VpnGw5
VpnGw1AZ
VpnGw2AZ
VpnGw3AZ
VpnGw4AZ
VpnGw5AZ
ErGw1AZ
ErGw2AZ
ErGw3AZ
ErGwScale

VirtualNetworkGatewayType

Enumeration

The type of this virtual network gateway.

Value	Description
Vpn
ExpressRoute
LocalGateway

VngClientConnectionConfiguration

Object

A vpn client connection configuration for client connection configuration.

Name	Type	Description
etag	string	A unique read-only string that changes whenever the resource is updated.
id	string	Resource ID.
name	string	The name of the resource that is unique within a resource group. This name can be used to access the resource.
properties.provisioningState	ProvisioningState	The provisioning state of the VngClientConnectionConfiguration resource.
properties.virtualNetworkGatewayPolicyGroups	SubResource[]	List of references to virtualNetworkGatewayPolicyGroups
properties.vpnClientAddressPool	AddressSpace	The reference to the address space resource which represents Address space for P2S VpnClient.

VpnAuthenticationType

Enumeration

VPN authentication types for the virtual network gateway..

Value	Description
Certificate
Radius
AAD

VpnClientConfiguration

Object

VpnClientConfiguration for P2S client.

Name	Type	Description
aadAudience	string	The AADAudience property of the VirtualNetworkGateway resource for vpn client connection used for AAD authentication.
aadIssuer	string	The AADIssuer property of the VirtualNetworkGateway resource for vpn client connection used for AAD authentication.
aadTenant	string	The AADTenant property of the VirtualNetworkGateway resource for vpn client connection used for AAD authentication.
radiusServerAddress	string	The radius server address property of the VirtualNetworkGateway resource for vpn client connection.
radiusServerSecret	string	The radius secret property of the VirtualNetworkGateway resource for vpn client connection. We will no longer return radiusServerSecret in VirtualNetworkGateway Create/Update/Get/List/UpdateTags APIs response. Please use VirtualNetworkGateway ListRadiusSecrets API to fetch radius server secrets.
radiusServers	RadiusServer[]	The radiusServers property for multiple radius server configuration.
vngClientConnectionConfigurations	VngClientConnectionConfiguration[]	per ip address pool connection policy for virtual network gateway P2S client.
vpnAuthenticationTypes	VpnAuthenticationType[]	VPN authentication types for the virtual network gateway..
vpnClientAddressPool	AddressSpace	The reference to the address space resource which represents Address space for P2S VpnClient.
vpnClientIpsecPolicies	IpsecPolicy[]	VpnClientIpsecPolicies for virtual network gateway P2S client.
vpnClientProtocols	VpnClientProtocol[]	VpnClientProtocols for Virtual network gateway.
vpnClientRevokedCertificates	VpnClientRevokedCertificate[]	VpnClientRevokedCertificate for Virtual network gateway.
vpnClientRootCertificates	VpnClientRootCertificate[]	VpnClientRootCertificate for virtual network gateway.

VpnClientProtocol

Enumeration

VpnClientProtocols for Virtual network gateway.

Value	Description
IkeV2
SSTP
OpenVPN

VpnClientRevokedCertificate

Object

VPN client revoked certificate of virtual network gateway.

Name	Type	Description
etag	string	A unique read-only string that changes whenever the resource is updated.
id	string	Resource ID.
name	string	The name of the resource that is unique within a resource group. This name can be used to access the resource.
properties.provisioningState	ProvisioningState	The provisioning state of the VPN client revoked certificate resource.
properties.thumbprint	string	The revoked VPN client certificate thumbprint.

VpnClientRootCertificate

Object

VPN client root certificate of virtual network gateway.

Name	Type	Description
etag	string	A unique read-only string that changes whenever the resource is updated.
id	string	Resource ID.
name	string	The name of the resource that is unique within a resource group. This name can be used to access the resource.
properties.provisioningState	ProvisioningState	The provisioning state of the VPN client root certificate resource.
properties.publicCertData	string	The certificate public data.

VpnGatewayGeneration

Enumeration

The generation for this VirtualNetworkGateway. Must be None if gatewayType is not VPN.

Value	Description
None
Generation1
Generation2

VpnNatRuleMapping

Object

Vpn NatRule mapping.

Name	Type	Description
addressSpace	string	Address space for Vpn NatRule mapping.
portRange	string	Port range for Vpn NatRule mapping.

VpnNatRuleMode

Enumeration

The Source NAT direction of a VPN NAT.

Value	Description
EgressSnat
IngressSnat

VpnNatRuleType

Enumeration

The type of NAT rule for VPN NAT.

Value	Description
Static
Dynamic

VpnPolicyMemberAttributeType

Enumeration

The Vpn Policy member attribute type.

Value	Description
CertificateGroupId
AADGroupId
RadiusAzureGroupId

VpnType

Enumeration

The type of this virtual network gateway.

Value	Description
PolicyBased
RouteBased