az network vpn-server-config ipsec-policy
Note
This reference is part of the virtual-wan extension for the Azure CLI (version 2.55.0 or higher). The extension will automatically install the first time you run an az network vpn-server-config ipsec-policy command. Learn more about extensions.
Manage VPN server configuration IPSec policies.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az network vpn-server-config ipsec-policy add |
Add an IPSec policy to a VPN server configuration. |
Extension | GA |
| az network vpn-server-config ipsec-policy list |
List VPN server configuration IPSec policies. |
Extension | GA |
| az network vpn-server-config ipsec-policy remove |
Remove an IPSec policy from a VPN server configuration. |
Extension | GA |
| az network vpn-server-config ipsec-policy wait |
Place the CLI in a waiting state until a condition of the IPSec policy of a VPN server configuration is met. |
Extension | GA |
az network vpn-server-config ipsec-policy add
Add an IPSec policy to a VPN server configuration.
az network vpn-server-config ipsec-policy add --dh-group {DHGroup1, DHGroup14, DHGroup2, DHGroup2048, DHGroup24, ECP256, ECP384, None}
--ike-encryption {AES128, AES192, AES256, DES, DES3, GCMAES128, GCMAES256}
--ike-integrity {GCMAES128, GCMAES256, MD5, SHA1, SHA256, SHA384}
--ipsec-encryption {AES128, AES192, AES256, DES, DES3, GCMAES128, GCMAES192, GCMAES256, None}
--ipsec-integrity {GCMAES128, GCMAES192, GCMAES256, MD5, SHA1, SHA256}
--name
--pfs-group {ECP256, ECP384, None, PFS1, PFS14, PFS2, PFS2048, PFS24, PFSMM}
--resource-group
--sa-data-size
--sa-lifetime
[--no-wait]Required Parameters
DH Groups used in IKE Phase 1 for initial SA.
| Property | Value |
|---|---|
| Parameter group: | IP Security Arguments |
| Accepted values: | DHGroup1, DHGroup14, DHGroup2, DHGroup2048, DHGroup24, ECP256, ECP384, None |
IKE encryption algorithm (IKE phase 2).
| Property | Value |
|---|---|
| Parameter group: | IP Security Arguments |
| Accepted values: | AES128, AES192, AES256, DES, DES3, GCMAES128, GCMAES256 |
IKE integrity algorithm (IKE phase 2).
| Property | Value |
|---|---|
| Parameter group: | IP Security Arguments |
| Accepted values: | GCMAES128, GCMAES256, MD5, SHA1, SHA256, SHA384 |
IPSec encryption algorithm (IKE phase 1).
| Property | Value |
|---|---|
| Parameter group: | IP Security Arguments |
| Accepted values: | AES128, AES192, AES256, DES, DES3, GCMAES128, GCMAES192, GCMAES256, None |
IPSec integrity algorithm (IKE phase 1).
| Property | Value |
|---|---|
| Parameter group: | IP Security Arguments |
| Accepted values: | GCMAES128, GCMAES192, GCMAES256, MD5, SHA1, SHA256 |
Name of the Vpn server configuration.
The Pfs Groups used in IKE Phase 2 for new child SA.
| Property | Value |
|---|---|
| Parameter group: | IP Security Arguments |
| Accepted values: | ECP256, ECP384, None, PFS1, PFS14, PFS2, PFS2048, PFS24, PFSMM |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site-to-site VPN tunnel.
| Property | Value |
|---|---|
| Parameter group: | IP Security Arguments |
IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site-to-site VPN tunnel.
| Property | Value |
|---|---|
| Parameter group: | IP Security Arguments |
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Default value: | False |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az network vpn-server-config ipsec-policy list
List VPN server configuration IPSec policies.
az network vpn-server-config ipsec-policy list --name
--resource-groupRequired Parameters
Name of the Vpn server configuration.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az network vpn-server-config ipsec-policy remove
Remove an IPSec policy from a VPN server configuration.
az network vpn-server-config ipsec-policy remove --index
--name
--resource-group
[--no-wait]Required Parameters
List index of the ipsec policy(starting with 0).
| Property | Value |
|---|---|
| Parameter group: | IP Security Arguments |
Name of the Vpn server configuration.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Default value: | False |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az network vpn-server-config ipsec-policy wait
Place the CLI in a waiting state until a condition of the IPSec policy of a VPN server configuration is met.
az network vpn-server-config ipsec-policy wait --name
--resource-group
[--created]
[--custom]
[--deleted]
[--exists]
[--interval]
[--timeout]
[--updated]Required Parameters
Name of the Vpn server configuration.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Wait until created with 'provisioningState' at 'Succeeded'.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
Wait until deleted.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
Wait until the resource exists.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
Polling interval in seconds.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | 30 |
Maximum wait in seconds.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | 3600 |
Wait until updated with provisioningState at 'Succeeded'.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
