New-AzureRmVirtualNetworkGateway

Módulo:

AzureRM.Network

Cria um Gateway de Rede Virtual

Aviso

O módulo do PowerShell do AzureRM foi oficialmente preterido em 29 de fevereiro de 2024. Os usuários são aconselhados a migrar do AzureRM para o módulo do Az PowerShell para garantir o suporte e as atualizações contínuas.

Embora o módulo AzureRM ainda possa funcionar, ele não é mais mantido ou suportado, colocando qualquer uso contínuo a critério e risco do usuário. Consulte nossos recursos de migração para obter diretrizes sobre a transição para o módulo Az.

Syntax

New-AzureRmVirtualNetworkGateway
   -Name <String>
   -ResourceGroupName <String>
   -Location <String>
   [-IpConfigurations <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVirtualNetworkGatewayIpConfiguration]>]
   [-GatewayType <String>]
   [-VpnType <String>]
   [-EnableBgp <Boolean>]
   [-EnableActiveActiveFeature]
   [-GatewaySku <String>]
   [-GatewayDefaultSite <PSLocalNetworkGateway>]
   [-VpnClientAddressPool <System.Collections.Generic.List`1[System.String]>]
   [-VpnClientProtocol <System.Collections.Generic.List`1[System.String]>]
   [-VpnClientRootCertificates <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVpnClientRootCertificate]>]
   [-VpnClientRevokedCertificates <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVpnClientRevokedCertificate]>]
   [-VpnClientIpsecPolicy <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSIpsecPolicy]>]
   [-Asn <UInt32>]
   [-PeerWeight <Int32>]
   [-Tag <Hashtable>]
   [-Force]
   [-AsJob]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

New-AzureRmVirtualNetworkGateway
   -Name <String>
   -ResourceGroupName <String>
   -Location <String>
   [-IpConfigurations <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVirtualNetworkGatewayIpConfiguration]>]
   [-GatewayType <String>]
   [-VpnType <String>]
   [-EnableBgp <Boolean>]
   [-EnableActiveActiveFeature]
   [-GatewaySku <String>]
   [-GatewayDefaultSite <PSLocalNetworkGateway>]
   [-VpnClientAddressPool <System.Collections.Generic.List`1[System.String]>]
   [-VpnClientProtocol <System.Collections.Generic.List`1[System.String]>]
   [-VpnClientRootCertificates <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVpnClientRootCertificate]>]
   [-VpnClientRevokedCertificates <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVpnClientRevokedCertificate]>]
   [-VpnClientIpsecPolicy <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSIpsecPolicy]>]
   [-Asn <UInt32>]
   [-PeerWeight <Int32>]
   [-Tag <Hashtable>]
   [-Force]
   -RadiusServerAddress <String>
   -RadiusServerSecret <SecureString>
   [-AsJob]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

O Gateway de Rede Virtual é o objeto que representa seu gateway no Azure. O cmdlet New-AzureRmVirtualNetworkGateway cria o objeto do seu gateway no Azure com base no Nome, Nome do Grupo de Recursos, Local e Configuração de IP, bem como no Tipo de Gateway e, se VPN, no Tipo de VPN. Você também pode nomear o SKU do Gateway. Se esse Gateway estiver sendo usado para conexões Ponto a Site, você também precisará incluir o Pool de Endereços de Cliente VPN a partir do qual atribuir endereços aos clientes que se conectam e o Certificado Raiz do Cliente VPN usado para autenticar clientes VPN que se conectam ao Gateway. Você também pode optar por incluir outros recursos, como BGP e Active-Active.

Exemplos

1: Criar um gateway de rede virtual

New-AzureRmResourceGroup -Location "UK West" -Name "vnet-gateway"
$subnet = New-AzureRMVirtualNetworkSubnetConfig -Name 'gatewaysubnet' -AddressPrefix '10.254.0.0/27'

$ngwpip = New-AzureRMPublicIpAddress -Name ngwpip -ResourceGroupName "vnet-gateway" -Location "UK West" -AllocationMethod Dynamic
$vnet = New-AzureRmVirtualNetwork -AddressPrefix "10.254.0.0/27" -Location "UK West" -Name vnet-gateway -ResourceGroupName "vnet-gateway" -Subnet $subnet
$subnet = Get-AzureRmVirtualNetworkSubnetConfig -name 'gatewaysubnet' -VirtualNetwork $vnet
$ngwipconfig = New-AzureRMVirtualNetworkGatewayIpConfig -Name ngwipconfig -SubnetId $subnet.Id -PublicIpAddressId $ngwpip.Id

New-AzureRmVirtualNetworkGateway -Name myNGW -ResourceGroupName vnet-gateway -Location "UK West" -IpConfigurations $ngwIpConfig  -GatewayType "Vpn" -VpnType "RouteBased" -GatewaySku "Basic"

O acima criará um grupo de recursos, solicitará um Endereço IP Público, criará uma Rede Virtual e uma sub-rede e criará um Gateway de Rede Virtual no Azure. O gateway será chamado de "myNGW" dentro do grupo de recursos "vnet-gateway" no local "UK West" com as configurações de IP criadas anteriormente salvas na variável "ngwIPConfig", no tipo de gateway de "VPN", no tipo de vpn "RouteBased" e no sku "Basic".

2: Criar um gateway de rede virtual com configuração de raio externo

New-AzureRmResourceGroup -Location "UK West" -Name "vnet-gateway"
New-AzureRMVirtualNetworkSubnetConfig -Name 'gatewaysubnet' -AddressPrefix '10.254.0.0/27'

$ngwpip = New-AzureRMPublicIpAddress -Name ngwpip -ResourceGroupName "vnet-gateway" -Location "UK West" -AllocationMethod Dynamic
$vnet = New-AzureRmVirtualNetwork -AddressPrefix "10.254.0.0/27" -Location "UK West" -Name vnet-gateway -ResourceGroupName "vnet-gateway" -Subnet $subnet
$subnet = Get-AzureRmVirtualNetworkSubnetConfig -name 'gatewaysubnet' -VirtualNetwork $vnet
$ngwipconfig = New-AzureRMVirtualNetworkGatewayIpConfig -Name ngwipconfig -SubnetId $subnet.Id -PublicIpAddressId $ngwpip.Id
$Secure_String_Pwd = ConvertTo-SecureString "TestRadiusServerPassword" -AsPlainText -Force

New-AzureRmVirtualNetworkGateway -Name myNGW -ResourceGroupName vnet-gateway -Location "UK West" -IpConfigurations $ngwIpConfig  -GatewayType "Vpn" -VpnType "RouteBased" -GatewaySku "Basic" -RadiusServerAddress "TestRadiusServer" -RadiusServerSecret $Secure_String_Pwd

O acima criará um grupo de recursos, solicitará um Endereço IP Público, criará uma Rede Virtual e uma sub-rede e criará um Gateway de Rede Virtual no Azure. O gateway será chamado de "myNGW" dentro do grupo de recursos "vnet-gateway" no local "UK West" com as configurações de IP criadas anteriormente salvas na variável "ngwIPConfig", no tipo de gateway de "VPN", no tipo de vpn "RouteBased" e no sku "Basic". Ele também adiciona um servidor radius externo com endereço "TestRadiusServer"

1: Criar um gateway de rede virtual com configurações P2S

New-AzureRmResourceGroup -Location "UK West" -Name "vnet-gateway"
$subnet = New-AzureRMVirtualNetworkSubnetConfig -Name 'gatewaysubnet' -AddressPrefix '10.254.0.0/27'

$ngwpip = New-AzureRMPublicIpAddress -Name ngwpip -ResourceGroupName "vnet-gateway" -Location "UK West" -AllocationMethod Dynamic
$vnet = New-AzureRmVirtualNetwork -AddressPrefix "10.254.0.0/27" -Location "UK West" -Name vnet-gateway -ResourceGroupName "vnet-gateway" -Subnet $subnet
$subnet = Get-AzureRmVirtualNetworkSubnetConfig -name 'gatewaysubnet' -VirtualNetwork $vnet
$ngwipconfig = New-AzureRMVirtualNetworkGatewayIpConfig -Name ngwipconfig -SubnetId $subnet.Id -PublicIpAddressId $ngwpip.Id
$rootCert = New-AzureRmVpnClientRootCertificate -Name $clientRootCertName -PublicCertData $samplePublicCertData
$vpnclientipsecpolicy = New-AzureRmVpnClientIpsecPolicy -IpsecEncryption AES256 -IpsecIntegrity SHA256 -SALifeTimeSeconds 86471 -SADataSizeKilobytes 429496 -IkeEncryption AES256 -IkeIntegrity SHA384 -DhGroup DHGroup2 -PfsGroup PFS2

New-AzureRmVirtualNetworkGateway -Name myNGW -ResourceGroupName vnet-gateway -Location "UK West" -IpConfigurations $ngwIpConfig  -GatewayType "Vpn" -VpnType "RouteBased" -GatewaySku "VpnGw1" -VpnClientProtocol IkeV2 -VpnClientAddressPool 201.169.0.0/16 -VpnClientRootCertificates $rootCert -VpnClientIpsecPolicy $vpnclientipsecpolicy

O acima criará um grupo de recursos, solicitará um Endereço IP Público, criará uma Rede Virtual e uma sub-rede e criará um Gateway de Rede Virtual com configurações P2S, por exemplo, VpnProtocol, VpnClientAddressPool, VpnClientRootCertificates, VpnClientIpsecPolicy etc. no Azure. O gateway será chamado de "myNGW" dentro do grupo de recursos "vnet-gateway" no local "UK West" com as configurações de IP criadas anteriormente salvas na variável "ngwIPConfig", no tipo de gateway de "VPN", no tipo vpn "RouteBased" e no sku "VpnGw1". As configurações de VPN serão definidas no Gateway, como VpnProtocol definido como Ikev2, VpnClientAddressPool como "201.169.0.0/16", VpnClientRootCertificate definido como passado um: clientRootCertName e política vpn ipsec personalizada passada em object:$vpnclientipsecpolicy

Parâmetros

-AsJob

Executar cmdlet em segundo plano

Type:	SwitchParameter
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-Asn

Type:	UInt32
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

-Confirm

Solicita sua confirmação antes de executar o cmdlet.

Type:	SwitchParameter
Aliases:	cf
Position:	Named
Default value:	False
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-DefaultProfile

As credenciais, a conta, o locatário e a assinatura usados para comunicação com o azure.

Type:	IAzureContextContainer
Aliases:	AzureRmContext, AzureCredential
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-EnableActiveActiveFeature

Habilita o recurso ativo-ativo.

Type:	SwitchParameter
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-EnableBgp

Type:	Boolean
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

-Force

Força o comando a ser executado sem solicitar a confirmação do usuário.

Type:	SwitchParameter
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-GatewayDefaultSite

Type:	PSLocalNetworkGateway
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

-GatewaySku

Type:	String
Accepted values:	Basic, Standard, HighPerformance, UltraPerformance, VpnGw1, VpnGw2, VpnGw3, VpnGw1AZ, VpnGw2AZ, VpnGw3AZ, ErGw1AZ, ErGw2AZ, ErGw3AZ
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

-GatewayType

Type:	String
Accepted values:	Vpn, ExpressRoute
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

-IpConfigurations

Type:	List<T>[PSVirtualNetworkGatewayIpConfiguration]
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

-Location

Type:	String
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	True
Accept wildcard characters:	False

-Name

Type:	String
Aliases:	ResourceName
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	True
Accept wildcard characters:	False

-PeerWeight

Type:	Int32
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

-RadiusServerAddress

Endereço do servidor Radius externo P2S.

Type:	String
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	True
Accept wildcard characters:	False

-RadiusServerSecret

Segredo do servidor Radius externo P2S.

Type:	SecureString
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	True
Accept wildcard characters:	False

-ResourceGroupName

Type:	String
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	True
Accept wildcard characters:	False

-Tag

Pares chave-valor na forma de uma tabela de hash. Por exemplo: @{key0="value0"; chave1=$null; key2="valor2"}

Type:	Hashtable
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

-VpnClientAddressPool

Type:	List<T>[String]
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

-VpnClientIpsecPolicy

Uma lista de diretivas IPSec para protocolos de encapsulamento de cliente VPN P2S.

Type:	List<T>[PSIpsecPolicy]
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

-VpnClientProtocol

A lista de protocolos de encapsulamento de cliente VPN P2S

Type:	List<T>[String]
Accepted values:	SSTP, IkeV2, OpenVPN
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

-VpnClientRevokedCertificates

Type:	List<T>[PSVpnClientRevokedCertificate]
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

-VpnClientRootCertificates

Type:	List<T>[PSVpnClientRootCertificate]
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

-VpnType

Type:	String
Accepted values:	PolicyBased, RouteBased
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False

-WhatIf

Mostra o que aconteceria se o cmdlet fosse executado. O cmdlet não é executado.

Type:	SwitchParameter
Aliases:	wi
Position:	Named
Default value:	False
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

Entradas

String

List<T>[[Microsoft.Azure.Commands.Network.Models.PSVirtualNetworkGatewayIpConfiguration, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

Boolean

PSLocalNetworkGateway

List<T>[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSVpnClientRootCertificate, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSVpnClientRevokedCertificate, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSIpsecPolicy, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

UInt32

Int32

Hashtable

SecureString

Saídas

PSVirtualNetworkGateway

Links Relacionados

• Get-AzureRmVirtualNetworkGateway
• Remove-AzureRmVirtualNetworkGateway
• Reset-AzureRmVirtualNetworkGateway
• Resize-AzureRmVirtualNetworkGateway
• Set-AzureRmVirtualNetworkGateway