New-AzureRmVirtualNetworkGateway

Modul:

AzureRM.Network

Membuat gateway Microsoft Azure Virtual Network

Peringatan

Modul AzureRM PowerShell telah resmi tidak digunakan lagi per 29 Februari 2024. Pengguna disarankan untuk bermigrasi dari AzureRM ke modul Az PowerShell untuk memastikan dukungan dan pembaruan yang berkelanjutan.

Meskipun modul AzureRM mungkin masih berfungsi, modul tersebut tidak lagi dipertahankan atau didukung, menempatkan penggunaan berkelanjutan berdasarkan kebijaksanaan dan risiko pengguna. Silakan merujuk ke sumber daya migrasi kami untuk panduan tentang transisi ke modul Az.

Sintaks

New-AzureRmVirtualNetworkGateway
   -Name <String>
   -ResourceGroupName <String>
   -Location <String>
   [-IpConfigurations <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVirtualNetworkGatewayIpConfiguration]>]
   [-GatewayType <String>]
   [-VpnType <String>]
   [-EnableBgp <Boolean>]
   [-EnableActiveActiveFeature]
   [-GatewaySku <String>]
   [-GatewayDefaultSite <PSLocalNetworkGateway>]
   [-VpnClientAddressPool <System.Collections.Generic.List`1[System.String]>]
   [-VpnClientProtocol <System.Collections.Generic.List`1[System.String]>]
   [-VpnClientRootCertificates <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVpnClientRootCertificate]>]
   [-VpnClientRevokedCertificates <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVpnClientRevokedCertificate]>]
   [-VpnClientIpsecPolicy <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSIpsecPolicy]>]
   [-Asn <UInt32>]
   [-PeerWeight <Int32>]
   [-Tag <Hashtable>]
   [-Force]
   [-AsJob]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

New-AzureRmVirtualNetworkGateway
   -Name <String>
   -ResourceGroupName <String>
   -Location <String>
   [-IpConfigurations <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVirtualNetworkGatewayIpConfiguration]>]
   [-GatewayType <String>]
   [-VpnType <String>]
   [-EnableBgp <Boolean>]
   [-EnableActiveActiveFeature]
   [-GatewaySku <String>]
   [-GatewayDefaultSite <PSLocalNetworkGateway>]
   [-VpnClientAddressPool <System.Collections.Generic.List`1[System.String]>]
   [-VpnClientProtocol <System.Collections.Generic.List`1[System.String]>]
   [-VpnClientRootCertificates <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVpnClientRootCertificate]>]
   [-VpnClientRevokedCertificates <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVpnClientRevokedCertificate]>]
   [-VpnClientIpsecPolicy <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSIpsecPolicy]>]
   [-Asn <UInt32>]
   [-PeerWeight <Int32>]
   [-Tag <Hashtable>]
   [-Force]
   -RadiusServerAddress <String>
   -RadiusServerSecret <SecureString>
   [-AsJob]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Deskripsi

Gateway Virtual Network adalah objek yang mewakili gateway Anda di Azure. Cmdlet New-AzureRmVirtualNetworkGateway membuat objek gateway Anda di Azure berdasarkan konfigurasi Nama, Nama Grup Sumber Daya, Lokasi, dan IP, serta Jenis Gateway dan jika VPN, Jenis VPN. Anda juga dapat memberi nama SKU Gateway. Jika Gateway ini digunakan untuk koneksi Titik-ke-Situs, Anda juga harus menyertakan Kumpulan Alamat Klien VPN tempat menetapkan alamat untuk menghubungkan klien dan Sertifikat Akar Klien VPN yang digunakan untuk mengautentikasi klien VPN yang tersambung ke Gateway. Anda juga dapat memilih untuk menyertakan fitur lain seperti BGP dan Active-Active.

Contoh

1: Membuat Gateway Virtual Network

New-AzureRmResourceGroup -Location "UK West" -Name "vnet-gateway"
$subnet = New-AzureRMVirtualNetworkSubnetConfig -Name 'gatewaysubnet' -AddressPrefix '10.254.0.0/27'

$ngwpip = New-AzureRMPublicIpAddress -Name ngwpip -ResourceGroupName "vnet-gateway" -Location "UK West" -AllocationMethod Dynamic
$vnet = New-AzureRmVirtualNetwork -AddressPrefix "10.254.0.0/27" -Location "UK West" -Name vnet-gateway -ResourceGroupName "vnet-gateway" -Subnet $subnet
$subnet = Get-AzureRmVirtualNetworkSubnetConfig -name 'gatewaysubnet' -VirtualNetwork $vnet
$ngwipconfig = New-AzureRMVirtualNetworkGatewayIpConfig -Name ngwipconfig -SubnetId $subnet.Id -PublicIpAddressId $ngwpip.Id

New-AzureRmVirtualNetworkGateway -Name myNGW -ResourceGroupName vnet-gateway -Location "UK West" -IpConfigurations $ngwIpConfig  -GatewayType "Vpn" -VpnType "RouteBased" -GatewaySku "Basic"

Di atas akan membuat grup sumber daya, meminta Alamat IP Publik, membuat Jaringan Virtual dan subnet dan membuat Gateway Virtual Network di Azure. Gateway akan disebut "myNGW" dalam grup sumber daya "vnet-gateway" di lokasi "UK Barat" dengan konfigurasi IP yang dibuat sebelumnya disimpan dalam variabel "ngwIPConfig," jenis gateway "VPN," jenis vpn "RouteBased," dan sku "Basic."

2: Membuat Gateway Virtual Network dengan Konfigurasi Radius Eksternal

New-AzureRmResourceGroup -Location "UK West" -Name "vnet-gateway"
New-AzureRMVirtualNetworkSubnetConfig -Name 'gatewaysubnet' -AddressPrefix '10.254.0.0/27'

$ngwpip = New-AzureRMPublicIpAddress -Name ngwpip -ResourceGroupName "vnet-gateway" -Location "UK West" -AllocationMethod Dynamic
$vnet = New-AzureRmVirtualNetwork -AddressPrefix "10.254.0.0/27" -Location "UK West" -Name vnet-gateway -ResourceGroupName "vnet-gateway" -Subnet $subnet
$subnet = Get-AzureRmVirtualNetworkSubnetConfig -name 'gatewaysubnet' -VirtualNetwork $vnet
$ngwipconfig = New-AzureRMVirtualNetworkGatewayIpConfig -Name ngwipconfig -SubnetId $subnet.Id -PublicIpAddressId $ngwpip.Id
$Secure_String_Pwd = ConvertTo-SecureString "TestRadiusServerPassword" -AsPlainText -Force

New-AzureRmVirtualNetworkGateway -Name myNGW -ResourceGroupName vnet-gateway -Location "UK West" -IpConfigurations $ngwIpConfig  -GatewayType "Vpn" -VpnType "RouteBased" -GatewaySku "Basic" -RadiusServerAddress "TestRadiusServer" -RadiusServerSecret $Secure_String_Pwd

Di atas akan membuat grup sumber daya, meminta Alamat IP Publik, membuat Jaringan Virtual dan subnet dan membuat Gateway Virtual Network di Azure. Gateway akan disebut "myNGW" dalam grup sumber daya "vnet-gateway" di lokasi "UK Barat" dengan konfigurasi IP yang dibuat sebelumnya disimpan dalam variabel "ngwIPConfig," jenis gateway "VPN," jenis vpn "RouteBased," dan sku "Basic." Ini juga menambahkan server radius eksternal dengan alamat "TestRadiusServer"

1: Membuat Gateway Virtual Network dengan pengaturan P2S

New-AzureRmResourceGroup -Location "UK West" -Name "vnet-gateway"
$subnet = New-AzureRMVirtualNetworkSubnetConfig -Name 'gatewaysubnet' -AddressPrefix '10.254.0.0/27'

$ngwpip = New-AzureRMPublicIpAddress -Name ngwpip -ResourceGroupName "vnet-gateway" -Location "UK West" -AllocationMethod Dynamic
$vnet = New-AzureRmVirtualNetwork -AddressPrefix "10.254.0.0/27" -Location "UK West" -Name vnet-gateway -ResourceGroupName "vnet-gateway" -Subnet $subnet
$subnet = Get-AzureRmVirtualNetworkSubnetConfig -name 'gatewaysubnet' -VirtualNetwork $vnet
$ngwipconfig = New-AzureRMVirtualNetworkGatewayIpConfig -Name ngwipconfig -SubnetId $subnet.Id -PublicIpAddressId $ngwpip.Id
$rootCert = New-AzureRmVpnClientRootCertificate -Name $clientRootCertName -PublicCertData $samplePublicCertData
$vpnclientipsecpolicy = New-AzureRmVpnClientIpsecPolicy -IpsecEncryption AES256 -IpsecIntegrity SHA256 -SALifeTimeSeconds 86471 -SADataSizeKilobytes 429496 -IkeEncryption AES256 -IkeIntegrity SHA384 -DhGroup DHGroup2 -PfsGroup PFS2

New-AzureRmVirtualNetworkGateway -Name myNGW -ResourceGroupName vnet-gateway -Location "UK West" -IpConfigurations $ngwIpConfig  -GatewayType "Vpn" -VpnType "RouteBased" -GatewaySku "VpnGw1" -VpnClientProtocol IkeV2 -VpnClientAddressPool 201.169.0.0/16 -VpnClientRootCertificates $rootCert -VpnClientIpsecPolicy $vpnclientipsecpolicy

Di atas akan membuat grup sumber daya, meminta Alamat IP Publik, membuat Jaringan Virtual dan subnet dan membuat Gateway Jaringan Virtual dengan pengaturan P2S misalnya VpnProtocol,VpnClientAddressPool,VpnClientRootCertificates,VpnClientIpsecPolicy dll di Azure. Gateway akan disebut "myNGW" dalam grup sumber daya "vnet-gateway" di lokasi "UK Barat" dengan konfigurasi IP yang dibuat sebelumnya disimpan dalam variabel "ngwIPConfig," jenis gateway "VPN," jenis vpn "RouteBased," dan sku "VpnGw1." Pengaturan vpn akan diatur di Gateway seperti VpnProtocol yang ditetapkan sebagai Ikev2, VpnClientAddressPool sebagai "201.169.0.0/16", VpnClientRootCertificate ditetapkan sebagai lulus satu: clientRootCertName dan kebijakan ipsec vpn kustom yang diteruskan dalam objek:$vpnclientipsecpolicy

Parameter

-AsJob

Jalankan cmdlet di latar belakang

Jenis:	SwitchParameter
Position:	Named
Nilai default:	None
Diperlukan:	False
Terima input alur:	False
Terima karakter wildcard:	False

-Asn

Jenis:	UInt32
Position:	Named
Nilai default:	None
Diperlukan:	False
Terima input alur:	True
Terima karakter wildcard:	False

-Confirm

Meminta Anda mengonfirmasi sebelum menjalankan cmdlet.

Jenis:	SwitchParameter
Alias:	cf
Position:	Named
Nilai default:	False
Diperlukan:	False
Terima input alur:	False
Terima karakter wildcard:	False

-DefaultProfile

Kredensial, akun, penyewa, dan langganan yang digunakan untuk komunikasi dengan azure.

Jenis:	IAzureContextContainer
Alias:	AzureRmContext, AzureCredential
Position:	Named
Nilai default:	None
Diperlukan:	False
Terima input alur:	False
Terima karakter wildcard:	False

-EnableActiveActiveFeature

Mengaktifkan fitur aktif-aktif.

Jenis:	SwitchParameter
Position:	Named
Nilai default:	None
Diperlukan:	False
Terima input alur:	False
Terima karakter wildcard:	False

-EnableBgp

Jenis:	Boolean
Position:	Named
Nilai default:	None
Diperlukan:	False
Terima input alur:	True
Terima karakter wildcard:	False

-Force

Memaksa perintah untuk dijalankan tanpa meminta konfirmasi pengguna.

Jenis:	SwitchParameter
Position:	Named
Nilai default:	None
Diperlukan:	False
Terima input alur:	False
Terima karakter wildcard:	False

-GatewayDefaultSite

Jenis:	PSLocalNetworkGateway
Position:	Named
Nilai default:	None
Diperlukan:	False
Terima input alur:	True
Terima karakter wildcard:	False

-GatewaySku

Jenis:	String
Nilai yang diterima:	Basic, Standard, HighPerformance, UltraPerformance, VpnGw1, VpnGw2, VpnGw3, VpnGw1AZ, VpnGw2AZ, VpnGw3AZ, ErGw1AZ, ErGw2AZ, ErGw3AZ
Position:	Named
Nilai default:	None
Diperlukan:	False
Terima input alur:	True
Terima karakter wildcard:	False

-GatewayType

Jenis:	String
Nilai yang diterima:	Vpn, ExpressRoute
Position:	Named
Nilai default:	None
Diperlukan:	False
Terima input alur:	True
Terima karakter wildcard:	False

-IpConfigurations

Jenis:	List<T>[PSVirtualNetworkGatewayIpConfiguration]
Position:	Named
Nilai default:	None
Diperlukan:	False
Terima input alur:	True
Terima karakter wildcard:	False

-Location

Jenis:	String
Position:	Named
Nilai default:	None
Diperlukan:	True
Terima input alur:	True
Terima karakter wildcard:	False

-Name

Jenis:	String
Alias:	ResourceName
Position:	Named
Nilai default:	None
Diperlukan:	True
Terima input alur:	True
Terima karakter wildcard:	False

-PeerWeight

Jenis:	Int32
Position:	Named
Nilai default:	None
Diperlukan:	False
Terima input alur:	True
Terima karakter wildcard:	False

-RadiusServerAddress

Alamat server Radius Eksternal P2S.

Jenis:	String
Position:	Named
Nilai default:	None
Diperlukan:	True
Terima input alur:	True
Terima karakter wildcard:	False

-RadiusServerSecret

Rahasia server Radius Eksternal P2S.

Jenis:	SecureString
Position:	Named
Nilai default:	None
Diperlukan:	True
Terima input alur:	True
Terima karakter wildcard:	False

-ResourceGroupName

Jenis:	String
Position:	Named
Nilai default:	None
Diperlukan:	True
Terima input alur:	True
Terima karakter wildcard:	False

-Tag

Pasangan kunci-nilai dalam bentuk tabel hash. Misalnya: @{key0="value0"; key1=$null; key2="value2"}

Jenis:	Hashtable
Position:	Named
Nilai default:	None
Diperlukan:	False
Terima input alur:	True
Terima karakter wildcard:	False

-VpnClientAddressPool

Jenis:	List<T>[String]
Position:	Named
Nilai default:	None
Diperlukan:	False
Terima input alur:	True
Terima karakter wildcard:	False

-VpnClientIpsecPolicy

Daftar kebijakan IPSec untuk protokol penerowongan klien VPN P2S.

Jenis:	List<T>[PSIpsecPolicy]
Position:	Named
Nilai default:	None
Diperlukan:	False
Terima input alur:	True
Terima karakter wildcard:	False

-VpnClientProtocol

Daftar protokol penerowongan klien VPN P2S

Jenis:	List<T>[String]
Nilai yang diterima:	SSTP, IkeV2, OpenVPN
Position:	Named
Nilai default:	None
Diperlukan:	False
Terima input alur:	True
Terima karakter wildcard:	False

-VpnClientRevokedCertificates

Jenis:	List<T>[PSVpnClientRevokedCertificate]
Position:	Named
Nilai default:	None
Diperlukan:	False
Terima input alur:	True
Terima karakter wildcard:	False

-VpnClientRootCertificates

Jenis:	List<T>[PSVpnClientRootCertificate]
Position:	Named
Nilai default:	None
Diperlukan:	False
Terima input alur:	True
Terima karakter wildcard:	False

-VpnType

Jenis:	String
Nilai yang diterima:	PolicyBased, RouteBased
Position:	Named
Nilai default:	None
Diperlukan:	False
Terima input alur:	True
Terima karakter wildcard:	False

-WhatIf

Menunjukkan apa yang akan terjadi jika cmdlet berjalan. Cmdlet tidak dijalankan.

Jenis:	SwitchParameter
Alias:	wi
Position:	Named
Nilai default:	False
Diperlukan:	False
Terima input alur:	False
Terima karakter wildcard:	False

Input

String

List<T>[[Microsoft.Azure.Commands.Network.Models.PSVirtualNetworkGatewayIpConfiguration, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

Boolean

PSLocalNetworkGateway

List<T>[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSVpnClientRootCertificate, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSVpnClientRevokedCertificate, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSIpsecPolicy, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

UInt32

Int32

Hashtable

SecureString

Output

PSVirtualNetworkGateway

Link Terkait

• Get-AzureRmVirtualNetworkGateway
• Remove-AzureRmVirtualNetworkGateway
• Reset-AzureRmVirtualNetworkGateway
• Mengubah ukuran-AzureRmVirtualNetworkGateway
• Set-AzureRmVirtualNetworkGateway