New-AzureRmVirtualNetworkGateway
Membuat gateway Microsoft Azure Virtual Network
Peringatan
Modul AzureRM PowerShell telah resmi tidak digunakan lagi per 29 Februari 2024. Pengguna disarankan untuk bermigrasi dari AzureRM ke modul Az PowerShell untuk memastikan dukungan dan pembaruan yang berkelanjutan.
Meskipun modul AzureRM mungkin masih berfungsi, modul tersebut tidak lagi dipertahankan atau didukung, menempatkan penggunaan berkelanjutan berdasarkan kebijaksanaan dan risiko pengguna. Silakan merujuk ke sumber daya migrasi kami untuk panduan tentang transisi ke modul Az.
Sintaks
New-AzureRmVirtualNetworkGateway
-Name <String>
-ResourceGroupName <String>
-Location <String>
[-IpConfigurations <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVirtualNetworkGatewayIpConfiguration]>]
[-GatewayType <String>]
[-VpnType <String>]
[-EnableBgp <Boolean>]
[-EnableActiveActiveFeature]
[-GatewaySku <String>]
[-GatewayDefaultSite <PSLocalNetworkGateway>]
[-VpnClientAddressPool <System.Collections.Generic.List`1[System.String]>]
[-VpnClientProtocol <System.Collections.Generic.List`1[System.String]>]
[-VpnClientRootCertificates <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVpnClientRootCertificate]>]
[-VpnClientRevokedCertificates <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVpnClientRevokedCertificate]>]
[-VpnClientIpsecPolicy <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSIpsecPolicy]>]
[-Asn <UInt32>]
[-PeerWeight <Int32>]
[-Tag <Hashtable>]
[-Force]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzureRmVirtualNetworkGateway
-Name <String>
-ResourceGroupName <String>
-Location <String>
[-IpConfigurations <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVirtualNetworkGatewayIpConfiguration]>]
[-GatewayType <String>]
[-VpnType <String>]
[-EnableBgp <Boolean>]
[-EnableActiveActiveFeature]
[-GatewaySku <String>]
[-GatewayDefaultSite <PSLocalNetworkGateway>]
[-VpnClientAddressPool <System.Collections.Generic.List`1[System.String]>]
[-VpnClientProtocol <System.Collections.Generic.List`1[System.String]>]
[-VpnClientRootCertificates <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVpnClientRootCertificate]>]
[-VpnClientRevokedCertificates <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVpnClientRevokedCertificate]>]
[-VpnClientIpsecPolicy <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSIpsecPolicy]>]
[-Asn <UInt32>]
[-PeerWeight <Int32>]
[-Tag <Hashtable>]
[-Force]
-RadiusServerAddress <String>
-RadiusServerSecret <SecureString>
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Deskripsi
Gateway Virtual Network adalah objek yang mewakili gateway Anda di Azure.
Cmdlet New-AzureRmVirtualNetworkGateway membuat objek gateway Anda di Azure berdasarkan konfigurasi Nama, Nama Grup Sumber Daya, Lokasi, dan IP, serta Jenis Gateway dan jika VPN, Jenis VPN. Anda juga dapat memberi nama SKU Gateway.
Jika Gateway ini digunakan untuk koneksi Titik-ke-Situs, Anda juga harus menyertakan Kumpulan Alamat Klien VPN tempat menetapkan alamat untuk menghubungkan klien dan Sertifikat Akar Klien VPN yang digunakan untuk mengautentikasi klien VPN yang tersambung ke Gateway.
Anda juga dapat memilih untuk menyertakan fitur lain seperti BGP dan Active-Active.
Contoh
1: Membuat Gateway Virtual Network
New-AzureRmResourceGroup -Location "UK West" -Name "vnet-gateway"
$subnet = New-AzureRMVirtualNetworkSubnetConfig -Name 'gatewaysubnet' -AddressPrefix '10.254.0.0/27'
$ngwpip = New-AzureRMPublicIpAddress -Name ngwpip -ResourceGroupName "vnet-gateway" -Location "UK West" -AllocationMethod Dynamic
$vnet = New-AzureRmVirtualNetwork -AddressPrefix "10.254.0.0/27" -Location "UK West" -Name vnet-gateway -ResourceGroupName "vnet-gateway" -Subnet $subnet
$subnet = Get-AzureRmVirtualNetworkSubnetConfig -name 'gatewaysubnet' -VirtualNetwork $vnet
$ngwipconfig = New-AzureRMVirtualNetworkGatewayIpConfig -Name ngwipconfig -SubnetId $subnet.Id -PublicIpAddressId $ngwpip.Id
New-AzureRmVirtualNetworkGateway -Name myNGW -ResourceGroupName vnet-gateway -Location "UK West" -IpConfigurations $ngwIpConfig -GatewayType "Vpn" -VpnType "RouteBased" -GatewaySku "Basic"
Di atas akan membuat grup sumber daya, meminta Alamat IP Publik, membuat Jaringan Virtual dan subnet dan membuat Gateway Virtual Network di Azure.
Gateway akan disebut "myNGW" dalam grup sumber daya "vnet-gateway" di lokasi "UK Barat" dengan konfigurasi IP yang dibuat sebelumnya disimpan dalam variabel "ngwIPConfig," jenis gateway "VPN," jenis vpn "RouteBased," dan sku "Basic."
2: Membuat Gateway Virtual Network dengan Konfigurasi Radius Eksternal
New-AzureRmResourceGroup -Location "UK West" -Name "vnet-gateway"
New-AzureRMVirtualNetworkSubnetConfig -Name 'gatewaysubnet' -AddressPrefix '10.254.0.0/27'
$ngwpip = New-AzureRMPublicIpAddress -Name ngwpip -ResourceGroupName "vnet-gateway" -Location "UK West" -AllocationMethod Dynamic
$vnet = New-AzureRmVirtualNetwork -AddressPrefix "10.254.0.0/27" -Location "UK West" -Name vnet-gateway -ResourceGroupName "vnet-gateway" -Subnet $subnet
$subnet = Get-AzureRmVirtualNetworkSubnetConfig -name 'gatewaysubnet' -VirtualNetwork $vnet
$ngwipconfig = New-AzureRMVirtualNetworkGatewayIpConfig -Name ngwipconfig -SubnetId $subnet.Id -PublicIpAddressId $ngwpip.Id
$Secure_String_Pwd = ConvertTo-SecureString "TestRadiusServerPassword" -AsPlainText -Force
New-AzureRmVirtualNetworkGateway -Name myNGW -ResourceGroupName vnet-gateway -Location "UK West" -IpConfigurations $ngwIpConfig -GatewayType "Vpn" -VpnType "RouteBased" -GatewaySku "Basic" -RadiusServerAddress "TestRadiusServer" -RadiusServerSecret $Secure_String_Pwd
Di atas akan membuat grup sumber daya, meminta Alamat IP Publik, membuat Jaringan Virtual dan subnet dan membuat Gateway Virtual Network di Azure.
Gateway akan disebut "myNGW" dalam grup sumber daya "vnet-gateway" di lokasi "UK Barat" dengan konfigurasi IP yang dibuat sebelumnya disimpan dalam variabel "ngwIPConfig," jenis gateway "VPN," jenis vpn "RouteBased," dan sku "Basic." Ini juga menambahkan server radius eksternal dengan alamat "TestRadiusServer"
1: Membuat Gateway Virtual Network dengan pengaturan P2S
New-AzureRmResourceGroup -Location "UK West" -Name "vnet-gateway"
$subnet = New-AzureRMVirtualNetworkSubnetConfig -Name 'gatewaysubnet' -AddressPrefix '10.254.0.0/27'
$ngwpip = New-AzureRMPublicIpAddress -Name ngwpip -ResourceGroupName "vnet-gateway" -Location "UK West" -AllocationMethod Dynamic
$vnet = New-AzureRmVirtualNetwork -AddressPrefix "10.254.0.0/27" -Location "UK West" -Name vnet-gateway -ResourceGroupName "vnet-gateway" -Subnet $subnet
$subnet = Get-AzureRmVirtualNetworkSubnetConfig -name 'gatewaysubnet' -VirtualNetwork $vnet
$ngwipconfig = New-AzureRMVirtualNetworkGatewayIpConfig -Name ngwipconfig -SubnetId $subnet.Id -PublicIpAddressId $ngwpip.Id
$rootCert = New-AzureRmVpnClientRootCertificate -Name $clientRootCertName -PublicCertData $samplePublicCertData
$vpnclientipsecpolicy = New-AzureRmVpnClientIpsecPolicy -IpsecEncryption AES256 -IpsecIntegrity SHA256 -SALifeTimeSeconds 86471 -SADataSizeKilobytes 429496 -IkeEncryption AES256 -IkeIntegrity SHA384 -DhGroup DHGroup2 -PfsGroup PFS2
New-AzureRmVirtualNetworkGateway -Name myNGW -ResourceGroupName vnet-gateway -Location "UK West" -IpConfigurations $ngwIpConfig -GatewayType "Vpn" -VpnType "RouteBased" -GatewaySku "VpnGw1" -VpnClientProtocol IkeV2 -VpnClientAddressPool 201.169.0.0/16 -VpnClientRootCertificates $rootCert -VpnClientIpsecPolicy $vpnclientipsecpolicy
Di atas akan membuat grup sumber daya, meminta Alamat IP Publik, membuat Jaringan Virtual dan subnet dan membuat Gateway Jaringan Virtual dengan pengaturan P2S misalnya VpnProtocol,VpnClientAddressPool,VpnClientRootCertificates,VpnClientIpsecPolicy dll di Azure.
Gateway akan disebut "myNGW" dalam grup sumber daya "vnet-gateway" di lokasi "UK Barat" dengan konfigurasi IP yang dibuat sebelumnya disimpan dalam variabel "ngwIPConfig," jenis gateway "VPN," jenis vpn "RouteBased," dan sku "VpnGw1." Pengaturan vpn akan diatur di Gateway seperti VpnProtocol yang ditetapkan sebagai Ikev2, VpnClientAddressPool sebagai "201.169.0.0/16", VpnClientRootCertificate ditetapkan sebagai lulus satu: clientRootCertName dan kebijakan ipsec vpn kustom yang diteruskan dalam objek:$vpnclientipsecpolicy
Parameter
-AsJob
Jalankan cmdlet di latar belakang
Jenis: SwitchParameter
Position: Named
Nilai default: None
Diperlukan: False
Terima input alur: False
Terima karakter wildcard: False
-Asn
Jenis: UInt32
Position: Named
Nilai default: None
Diperlukan: False
Terima input alur: True
Terima karakter wildcard: False
-Confirm
Meminta Anda mengonfirmasi sebelum menjalankan cmdlet.
Jenis: SwitchParameter
Alias: cf
Position: Named
Nilai default: False
Diperlukan: False
Terima input alur: False
Terima karakter wildcard: False
-DefaultProfile
Kredensial, akun, penyewa, dan langganan yang digunakan untuk komunikasi dengan azure.
Jenis: IAzureContextContainer
Alias: AzureRmContext, AzureCredential
Position: Named
Nilai default: None
Diperlukan: False
Terima input alur: False
Terima karakter wildcard: False
-EnableActiveActiveFeature
Mengaktifkan fitur aktif-aktif.
Jenis: SwitchParameter
Position: Named
Nilai default: None
Diperlukan: False
Terima input alur: False
Terima karakter wildcard: False
-EnableBgp
Jenis: Boolean
Position: Named
Nilai default: None
Diperlukan: False
Terima input alur: True
Terima karakter wildcard: False
-Force
Memaksa perintah untuk dijalankan tanpa meminta konfirmasi pengguna.
Jenis: SwitchParameter
Position: Named
Nilai default: None
Diperlukan: False
Terima input alur: False
Terima karakter wildcard: False
-GatewayDefaultSite
Jenis: PSLocalNetworkGateway
Position: Named
Nilai default: None
Diperlukan: False
Terima input alur: True
Terima karakter wildcard: False
-GatewaySku
Jenis: String
Nilai yang diterima: Basic, Standard, HighPerformance, UltraPerformance, VpnGw1, VpnGw2, VpnGw3, VpnGw1AZ, VpnGw2AZ, VpnGw3AZ, ErGw1AZ, ErGw2AZ, ErGw3AZ
Position: Named
Nilai default: None
Diperlukan: False
Terima input alur: True
Terima karakter wildcard: False
-GatewayType
Jenis: String
Nilai yang diterima: Vpn, ExpressRoute
Position: Named
Nilai default: None
Diperlukan: False
Terima input alur: True
Terima karakter wildcard: False
-IpConfigurations
-Location
Jenis: String
Position: Named
Nilai default: None
Diperlukan: True
Terima input alur: True
Terima karakter wildcard: False
-Name
Jenis: String
Alias: ResourceName
Position: Named
Nilai default: None
Diperlukan: True
Terima input alur: True
Terima karakter wildcard: False
-PeerWeight
Jenis: Int32
Position: Named
Nilai default: None
Diperlukan: False
Terima input alur: True
Terima karakter wildcard: False
-RadiusServerAddress
Alamat server Radius Eksternal P2S.
Jenis: String
Position: Named
Nilai default: None
Diperlukan: True
Terima input alur: True
Terima karakter wildcard: False
-RadiusServerSecret
Rahasia server Radius Eksternal P2S.
Jenis: SecureString
Position: Named
Nilai default: None
Diperlukan: True
Terima input alur: True
Terima karakter wildcard: False
-ResourceGroupName
Jenis: String
Position: Named
Nilai default: None
Diperlukan: True
Terima input alur: True
Terima karakter wildcard: False
-Tag
Pasangan kunci-nilai dalam bentuk tabel hash. Misalnya: @{key0="value0"; key1=$null; key2="value2"}
Jenis: Hashtable
Position: Named
Nilai default: None
Diperlukan: False
Terima input alur: True
Terima karakter wildcard: False
-VpnClientAddressPool
Jenis: List<T> [ String ]
Position: Named
Nilai default: None
Diperlukan: False
Terima input alur: True
Terima karakter wildcard: False
-VpnClientIpsecPolicy
Daftar kebijakan IPSec untuk protokol penerowongan klien VPN P2S.
Jenis: List<T> [ PSIpsecPolicy ]
Position: Named
Nilai default: None
Diperlukan: False
Terima input alur: True
Terima karakter wildcard: False
-VpnClientProtocol
Daftar protokol penerowongan klien VPN P2S
Jenis: List<T> [ String ]
Nilai yang diterima: SSTP, IkeV2, OpenVPN
Position: Named
Nilai default: None
Diperlukan: False
Terima input alur: True
Terima karakter wildcard: False
-VpnClientRevokedCertificates
-VpnClientRootCertificates
-VpnType
Jenis: String
Nilai yang diterima: PolicyBased, RouteBased
Position: Named
Nilai default: None
Diperlukan: False
Terima input alur: True
Terima karakter wildcard: False
-WhatIf
Menunjukkan apa yang akan terjadi jika cmdlet berjalan.
Cmdlet tidak dijalankan.
Jenis: SwitchParameter
Alias: wi
Position: Named
Nilai default: False
Diperlukan: False
Terima input alur: False
Terima karakter wildcard: False
String
List<T> [ [ Microsoft.Azure.Commands.Network.Models.PSVirtualNetworkGatewayIpConfiguration, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null ] ]
Boolean
PSLocalNetworkGateway
List<T> [ [ System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 ] ]
List<T> [ [ Microsoft.Azure.Commands.Network.Models.PSVpnClientRootCertificate, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null ] ]
List<T> [ [ Microsoft.Azure.Commands.Network.Models.PSVpnClientRevokedCertificate, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null ] ]
List<T> [ [ Microsoft.Azure.Commands.Network.Models.PSIpsecPolicy, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null ] ]
UInt32
Int32
Hashtable
SecureString
Output
PSVirtualNetworkGateway