Set-AzVirtualNetworkGateway
Uppdateringar en virtuell nätverksgateway.
Syntax
Set-AzVirtualNetworkGateway
-VirtualNetworkGateway <PSVirtualNetworkGateway>
[-GatewaySku <String>]
[-GatewayDefaultSite <PSLocalNetworkGateway>]
[-VpnClientAddressPool <String[]>]
[-VpnClientProtocol <String[]>]
[-VpnAuthenticationType <String[]>]
[-VpnClientRootCertificates <PSVpnClientRootCertificate[]>]
[-VpnClientRevokedCertificates <PSVpnClientRevokedCertificate[]>]
[-VpnClientIpsecPolicy <PSIpsecPolicy[]>]
[-Asn <UInt32>]
[-PeerWeight <Int32>]
[-MinScaleUnit <Int32>]
[-MaxScaleUnit <Int32>]
[-IpConfigurationBgpPeeringAddresses <PSIpConfigurationBgpPeeringAddress[]>]
[-EnableActiveActiveFeature]
[-EnablePrivateIpAddress <Boolean>]
[-DisableActiveActiveFeature]
[-RadiusServerAddress <String>]
[-RadiusServerSecret <SecureString>]
[-RadiusServerList <PSRadiusServer[]>]
[-AadTenantUri <String>]
[-AadAudienceId <String>]
[-AadIssuerUri <String>]
[-RemoveAadAuthentication]
[-CustomRoute <String[]>]
[-NatRule <PSVirtualNetworkGatewayNatRule[]>]
[-BgpRouteTranslationForNat <Boolean>]
[-VirtualNetworkGatewayPolicyGroup <PSVirtualNetworkGatewayPolicyGroup[]>]
[-ClientConnectionConfiguration <PSClientConnectionConfiguration[]>]
[-AdminState <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Set-AzVirtualNetworkGateway
-VirtualNetworkGateway <PSVirtualNetworkGateway>
[-GatewaySku <String>]
[-GatewayDefaultSite <PSLocalNetworkGateway>]
[-VpnClientAddressPool <String[]>]
[-VpnClientProtocol <String[]>]
[-VpnAuthenticationType <String[]>]
[-VpnClientRootCertificates <PSVpnClientRootCertificate[]>]
[-VpnClientRevokedCertificates <PSVpnClientRevokedCertificate[]>]
[-VpnClientIpsecPolicy <PSIpsecPolicy[]>]
[-Asn <UInt32>]
[-PeerWeight <Int32>]
[-IpConfigurationBgpPeeringAddresses <PSIpConfigurationBgpPeeringAddress[]>]
[-EnableActiveActiveFeature]
[-EnablePrivateIpAddress <Boolean>]
[-DisableActiveActiveFeature]
[-RadiusServerAddress <String>]
[-RadiusServerSecret <SecureString>]
[-RadiusServerList <PSRadiusServer[]>]
[-AadTenantUri <String>]
[-AadAudienceId <String>]
[-AadIssuerUri <String>]
[-RemoveAadAuthentication]
[-CustomRoute <String[]>]
[-NatRule <PSVirtualNetworkGatewayNatRule[]>]
[-BgpRouteTranslationForNat <Boolean>]
[-VirtualNetworkGatewayPolicyGroup <PSVirtualNetworkGatewayPolicyGroup[]>]
[-ClientConnectionConfiguration <PSClientConnectionConfiguration[]>]
-Tag <Hashtable>
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Cmdleten Set-AzVirtualNetworkGateway uppdaterar en virtuell nätverksgateway.
Exempel
Exempel 1: Uppdatera asn för en virtuell nätverksgateway
$Gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "ResourceGroup001" -Name "Gateway001"
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $Gateway -Asn 1337
Det första kommandot hämtar en virtuell nätverksgateway med namnet Gateway01 som tillhör resursgruppen ResourceGroup001 och lagrar den till variabeln med namnet $Gateway Det andra kommandot uppdaterar den virtuella nätverksgatewayen som lagras i variabeln $Gateway. Kommandot anger även ASN till 1337.
Exempel 2: Lägg till IPsec-princip till en virtuell nätverksgateway
$Gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "ResourceGroup001" -Name "Gateway001"
$vpnclientipsecpolicy = New-AzVpnClientIpsecPolicy -IpsecEncryption AES256 -IpsecIntegrity SHA256 -SALifeTime 86472 -SADataSize 429497 -IkeEncryption AES256 -IkeIntegrity SHA256 -DhGroup DHGroup2 -PfsGroup None
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $Gateway -VpnClientIpsecPolicy $vpnclientipsecpolicy
Det första kommandot hämtar en virtuell nätverksgateway med namnet Gateway01 som tillhör resursgruppen ResourceGroup001 och lagrar den till variabeln med namnet $Gateway Det andra kommandot skapar vpn ipsec-principobjektet enligt angivna ipsec-parametrar. Det tredje kommandot uppdaterar den virtuella nätverksgatewayen som lagras i variabeln $Gateway. Kommandot anger också den anpassade vpn ipsec-principen som anges i $vpnclientipsecpolicy-objektet på virtuell nätverksgateway.
Exempel 3: Lägga till/uppdatera taggar till en befintlig virtuell nätverksgateway
$Gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "ResourceGroup001" -Name "Gateway001"
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $Gateway -Tag @{ testtagKey="SomeTagKey"; testtagValue="SomeKeyValue" }
Name : Gateway001
ResourceGroupName : ResourceGroup001
Location : westus
Id : /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001
Etag : W/"00000000-0000-0000-0000-000000000000"
ResourceGuid : 00000000-0000-0000-0000-000000000000
ProvisioningState : Succeeded
Tags :
Name Value
============ ============
testtagValue SomeKeyValue
testtagKey SomeTagKey
IpConfigurations : [
{
"PrivateIpAllocationMethod": "Dynamic",
"Subnet": {
"Id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworks/MyVnet/subnets/GatewaySubnet"
},
"PublicIpAddress": {
"Id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup001/providers/Microsoft.Network/publicIPAddresses/Gateway001Ip"
},
"Name": "vng1ipConfig",
"Etag": "W/\"00000000-0000-0000-0000-000000000000\"",
"Id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/Gateway001IpConfig"
}
]
GatewayType : Vpn
VpnType : RouteBased
EnableBgp : False
ActiveActive : False
GatewayDefaultSite : null
Sku : {
"Capacity": 2,
"Name": "VpnGw1",
"Tier": "VpnGw1"
}
VpnClientConfiguration : null
BgpSettings : {
"Asn": 65515,
"BgpPeeringAddress": "1.2.3.4",
"PeerWeight": 0
}
Det första kommandot hämtar en virtuell nätverksgateway med namnet Gateway01 som tillhör resursgruppen ResourceGroup001 och lagrar den till variabeln med namnet $Gateway Det andra kommandot uppdaterar den virtuella nätverksgatewayen Gateway01 med taggarna @{ testtagKey="SomeTagKey"; testtagValue="SomeKeyValue" }.
Exempel 4: Lägga till/uppdatera AAD-autentiseringskonfiguration för VpnClient för en befintlig virtuell nätverksgateway
$Gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "ResourceGroup001" -Name "Gateway001"
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $Gateway -AadTenantUri "https://login.microsoftonline.com/0ab2c4f4-81e6-44cc-a0b2-b3a47a1443f4" -AadIssuerUri "https://sts.windows.net/0ab2c4f4-81e6-44cc-a0b2-b3a47a1443f4/" -AadAudienceId "a21fce82-76af-45e6-8583-a08cb3b956f9"
Name : Gateway001
ResourceGroupName : ResourceGroup001
Location : westus
Id : /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001
Etag : W/"00000000-0000-0000-0000-000000000000"
ResourceGuid : 00000000-0000-0000-0000-000000000000
ProvisioningState : Succeeded
Tags :
Name Value
============ ============
testtagValue SomeKeyValue
testtagKey SomeTagKey
IpConfigurations : [
{
"PrivateIpAllocationMethod": "Dynamic",
"Subnet": {
"Id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworks/MyVnet/subnets/GatewaySubnet"
},
"PublicIpAddress": {
"Id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup001/providers/Microsoft.Network/publicIPAddresses/Gateway001Ip"
},
"Name": "vng1ipConfig",
"Etag": "W/\"00000000-0000-0000-0000-000000000000\"",
"Id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/Gateway001IpConfig"
}
]
GatewayType : Vpn
VpnType : RouteBased
EnableBgp : False
ActiveActive : False
GatewayDefaultSite : null
Sku : {
"Capacity": 2,
"Name": "VpnGw1",
"Tier": "VpnGw1"
}
vpnClientConfiguration : {
"vpnClientProtocols": [
"OpenVPN"
],
"vpnClientAddressPool": {
"addressPrefixes": [
"101.10.0.0/16"
]
},
"vpnClientRootCertificates": "",
"vpnClientRevokedCertificates": "",
"radiusServerAddress": "",
"radiusServerSecret": "",
"aadTenantUri": "https://login.microsoftonline.com/0ab2c4f4-81e6-44cc-a0b2-b3a47a1443f4\",
"aadAudienceId": "a21fce82-76af-45e6-8583-a08cb3b956g9\",
"aadIssuerUri": "https://sts.windows.net/0ab2c4f4-81e6-44cc-a0b2-b3a47a1443f4/\"
},
BgpSettings : {
"Asn": 65515,
"BgpPeeringAddress": "1.2.3.4",
"PeerWeight": 0
}
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $Gateway -VpnClientRootCertificates $rootCert -RemoveAadAuthentication
Det första kommandot hämtar en virtuell nätverksgateway med namnet Gateway01 som tillhör resursgruppen ResourceGroup001 och lagrar den till variabeln med namnet $Gateway Det andra kommandot uppdaterar den virtuella nätverksgatewayen Gateway01 med AAD-autentiseringskonfigurationerna params:aadTenantUri, aadAudienceId, aadIssuerUri för VpnClient. Det tredje kommandot tar bort AAD-autentiseringskonfigurationen från VpnClient för den virtuella nätverksgatewayen.
Exempel 5: Lägg till/uppdatera IpConfigurationBgpPeeringAddresses till en befintlig virtuell nätverksgateway
$Gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "ResourceGroup001" -Name "Gateway001"
$ipconfigurationId1 = '/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/default'
$addresslist1 = @('169.254.21.25')
$gw1ipconfBgp1 = New-AzIpConfigurationBgpPeeringAddressObject -IpConfigurationId $ipconfigurationId1 -CustomAddress $addresslist1
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $Gateway -IpConfigurationBgpPeeringAddresses $gw1ipconfBgp1
Name : Gateway001
ResourceGroupName : ResourceGroup001
Location : westcentralus
Id : /subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001
Etag : W/"a08f13d3-6106-44e0-9127-e35e6f9793d5"
ResourceGuid : 30993429-a1ed-42ca-9862-9156b013626e
ProvisioningState : Succeeded
Tags :
IpConfigurations : [
{
"PrivateIpAllocationMethod": "Dynamic",
"Subnet": {
"Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworks/newApipaNet/subnets/GatewaySubnet"
},
"PublicIpAddress": {
"Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/publicIPAddresses/newapipaip"
},
"Name": "default",
"Etag": "W/\"a08f13d3-6106-44e0-9127-e35e6f9793d5\"",
"Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/default"
}
]
GatewayType : Vpn
VpnType : RouteBased
EnableBgp : False
ActiveActive : False
GatewayDefaultSite : null
Sku : {
"Capacity": 2,
"Name": "VpnGw1",
"Tier": "VpnGw1"
}
VpnClientConfiguration : null
BgpSettings : {
"Asn": 65515,
"BgpPeeringAddress": "10.1.255.30",
"PeerWeight": 0,
"BgpPeeringAddresses": [
{
"IpconfigurationId": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/default",
"DefaultBgpIpAddresses": [
"10.1.255.30"
],
"CustomBgpIpAddresses": [
"169.254.21.55"
],
"TunnelIpAddresses": [
"13.78.146.151"
]
}
]
}
Det första kommandot hämtar en virtuell nätverksgateway med namnet Gateway01 som tillhör resursgruppen ResourceGroup001 och lagrar den till variabeln med namnet $Gateway Det andra kommandot tilldelar värdet för den virtuella nätverksgatewayen Gateway01 IpConfiguration ID till variabel ipconfigurationId1. Det tredje kommandot tilldelar adresslistan till addresslist1. Det fjärde kommandot skapade ett PSIpConfigurationBgpPeeringAddress-objekt. Det femte kommandot anger den nya skapade PSIpConfigurationBgpPeeringAddress till IpConfigurationBgpPeeringAddresses och uppdaterar gatewayen.
Exempel 6: Uppdatera/ta bort CustomAddress till en befintlig IpConfigurationBgpPeeringAddresses för virtuell nätverksgateway
$Gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "ResourceGroup001" -Name "Gateway001"
$ipconfigurationId1 = '/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/default'
$addresslist1 = @()
$gw1ipconfBgp1 = New-AzIpConfigurationBgpPeeringAddressObject -IpConfigurationId $ipconfigurationId1 -CustomAddress $addresslist1
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $Gateway -IpConfigurationBgpPeeringAddresses $gw1ipconfBgp1
Name : Gateway001
ResourceGroupName : ResourceGroup001
Location : westcentralus
Id : /subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001
Etag : W/"a08f13d3-6106-44e0-9127-e35e6f9793d5"
ResourceGuid : 30993429-a1ed-42ca-9862-9156b013626e
ProvisioningState : Succeeded
Tags :
IpConfigurations : [
{
"PrivateIpAllocationMethod": "Dynamic",
"Subnet": {
"Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworks/newApipaNet/subnets/GatewaySubnet"
},
"PublicIpAddress": {
"Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/publicIPAddresses/newapipaip"
},
"Name": "default",
"Etag": "W/\"a08f13d3-6106-44e0-9127-e35e6f9793d5\"",
"Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/default"
}
]
GatewayType : Vpn
VpnType : RouteBased
EnableBgp : False
ActiveActive : False
GatewayDefaultSite : null
Sku : {
"Capacity": 2,
"Name": "VpnGw1",
"Tier": "VpnGw1"
}
VpnClientConfiguration : null
BgpSettings : {
"Asn": 65515,
"BgpPeeringAddress": "10.1.255.30",
"PeerWeight": 0,
"BgpPeeringAddresses": [
{
"IpconfigurationId": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/default",
"DefaultBgpIpAddresses": [
"10.1.255.30"
],
"CustomBgpIpAddresses": [],
"TunnelIpAddresses": [
"13.78.146.151"
]
}
]
}
Det första kommandot hämtar en virtuell nätverksgateway med namnet Gateway01 som tillhör resursgruppen ResourceGroup001 och lagrar den till variabeln med namnet $Gateway Det andra kommandot tilldelar värdet för den virtuella nätverksgatewayen Gateway01 IpConfiguration ID till variabel ipconfigurationId1. Det tredje kommandot tilldelar adresslistan till addresslist1. Det fjärde kommandot skapade ett PSIpConfigurationBgpPeeringAddress-objekt. Det femte kommandot anger den nya skapade PSIpConfigurationBgpPeeringAddress till IpConfigurationBgpPeeringAddresses och uppdaterar gatewayen.
Exempel 7: Lägg till/uppdatera NatRules till en befintlig virtuell nätverksgateway
$Gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "ResourceGroup001" -Name "Gateway001"
$vngNatRules = $Gateway.NatRules
$natRule = New-AzVirtualNetworkGatewayNatRule -Name "natRule1" -Type "Static" -Mode "IngressSnat" -InternalMapping @("25.0.0.0/16") -ExternalMapping @("30.0.0.0/16")
$vngNatRules.Add($natrule)
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $Gateway -NatRule $vngNatRules.NatRules -BgpRouteTranslationForNat $true
Name : Gateway001
ResourceGroupName : ResourceGroup001
Location : westcentralus
Id : /subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001
Etag : W/"a08f13d3-6106-44e0-9127-e35e6f9793d5"
ResourceGuid : 30993429-a1ed-42ca-9862-9156b013626e
ProvisioningState : Succeeded
Tags :
IpConfigurations : [
{
"PrivateIpAllocationMethod": "Dynamic",
"Subnet": {
"Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworks/newApipaNet/subnets/GatewaySubnet"
},
"PublicIpAddress": {
"Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/publicIPAddresses/newapipaip"
},
"Name": "default",
"Etag": "W/\"a08f13d3-6106-44e0-9127-e35e6f9793d5\"",
"Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/default"
}
]
GatewayType : Vpn
VpnType : RouteBased
EnableBgp : False
ActiveActive : False
GatewayDefaultSite : null
Sku : {
"Capacity": 2,
"Name": "VpnGw1",
"Tier": "VpnGw1"
}
VpnClientConfiguration : null
BgpSettings : {
"Asn": 65515,
"BgpPeeringAddress": "10.1.255.30",
"PeerWeight": 0,
"BgpPeeringAddresses": [
{
"IpconfigurationId": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/default",
"DefaultBgpIpAddresses": [
"10.1.255.30"
],
"CustomBgpIpAddresses": [
"169.254.21.55"
],
"TunnelIpAddresses": [
"13.78.146.151"
]
}
]
}
NatRules : [
{
"VirtualNetworkGatewayNatRulePropertiesType": "Static",
"Mode": "IngressSnat",
"InternalMappings": [
{
"AddressSpace": "25.0.0.0/16"
}
],
"ExternalMappings": [
{
"AddressSpace": "30.0.0.0/16"
}
],
"ProvisioningState": "Succeeded",
"Name": "natRule1",
"Etag": "W/\"5150d788-e165-42ba-99c4-8138a545fce9\"",
"Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/natRules/natRule1"
}
]
EnableBgpRouteTranslationForNat : True
Det första kommandot hämtar en virtuell nätverksgateway med namnet Gateway01 som tillhör resursgruppen ResourceGroup001 och lagrar den till variabeln med namnet $Gateway Det andra kommandot tilldelar befintliga natrules till variabeln vngNatRules. Det tredje kommandot tilldelar det nyligen skapade värdet PSVirtualNetworkGatewayNatRule-objekt natrule till variabeln natRule. Det fjärde kommandot lägger till det här PSVirtualNetworkGatewayNatRule-objektet i listan vngNatRules. Det femte kommandot anger den nya skapade PSVirtualNetworkGatewayNatRule till NatRules för gateway och uppdaterar gatewayen.
Exempel 8: Ta bort flera utgångna VpnClientRootCertificates för en befintlig virtuell nätverksgateway
$Gateway=Get-AzVirtualNetworkGateway -ResourceGroupName "ResourceGroup001" -Name "Gateway001"
$rootCerts=$Gateway.VpnClientConfiguration.VpnClientRootCertificates
$rootCerts.Count
$rootCerts[0]
$rootCerts[1]
$rootCerts.Remove($rootCerts[1])
$Gateway1 = Set-AzVirtualNetworkGateway -VirtualNetworkGateway $Gateway -VpnClientRootCertificates $rootCerts
Det första kommandot hämtar en virtuell nätverksgateway med namnet Gateway01 som tillhör resursgruppen ResourceGroup001 och lagrar den till variabeln med namnet $Gateway Det andra kommandot hämtar alla rotcertifikat på VirtualNetworkGateway och sparar den till en annan variabel $rootCerts Det tredje kommandot visar totalt antal befintliga rotcertifikat på VirtualNetworkGateway. De fjärde och femte kommandona skriver ut rotcertifikat på motsvarande index så att kunden kan se vilka som de vill ta bort. Det sjätte kommandot tar bort utgånget rotcertifikat med hjälp av det indexet, t.ex. här 1. Upprepa samma steg för att ta bort flera utgångna certifikat från variabeln: $rootCerts Det sjunde kommandot uppdaterar VirtualNetworkGateway för att ange giltiga rotcertifikat, dvs. certifikat som finns i variabeln: $rootCerts
Exempel 9: Konfigurera en virtuell ExpressRoute-nätverksgateway för att tillåta kommunikation via ExpressRoute med andra virtuella ExpressRoute-nätverksgatewayer i Virtual Wan-nätverk.
# Option 1 - Retrieve the gateway object, modify the property and save the changes.
$gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "resourceGroup001" -Name "gateway001"
$gateway.AllowVirtualWanTraffic = $true
$gateway = Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gateway
# Option 2 - Use the cmdlet switch
$gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "resourceGroup001" -Name "gateway001"
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gateway -AllowVirtualWanTraffic $true
I båda fallen hämtar det första kommandot gatewayen. Du kan sedan antingen ändra egenskapen direkt på objektet och spara den, eller så kan du använda växeln på cmdleten Set-AzVirtualNetworkGateway.
Exempel 10: Konfigurera en virtuell ExpressRoute-nätverksgateway för att blockera kommunikation via ExpressRoute med andra virtuella ExpressRoute-nätverksgatewayer i Virtual Wan-nätverk.
# Option 1 - Retrieve the gateway object, modify the property and save the changes.
$gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "resourceGroup001" -Name "gateway001"
$gateway.AllowVirtualWanTraffic = $false
$gateway = Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gateway
# Option 2 - Use the cmdlet switch
$gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "resourceGroup001" -Name "gateway001"
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gateway -AllowVirtualWanTraffic $false
I båda fallen hämtar det första kommandot gatewayen. Du kan sedan antingen ändra egenskapen direkt på objektet och spara den, eller så kan du använda växeln på cmdleten Set-AzVirtualNetworkGateway.
Exempel 11: Konfigurera en virtuell ExpressRoute-nätverksgateway för att tillåta kommunikation via ExpressRoute med andra virtuella ExpressRoute-nätverksgatewayer i andra virtuella nätverk.
# Option 1 - Retrieve the gateway object, modify the property and save the changes.
$gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "resourceGroup001" -Name "gateway001"
$gateway.AllowRemoteVnetTraffic = $true
$gateway = Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gateway
# Option 2 - Use the cmdlet switch
$gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "resourceGroup001" -Name "gateway001"
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gateway -AllowRemoteVnetTraffic $true
I båda fallen hämtar det första kommandot gatewayen. Du kan sedan antingen ändra egenskapen direkt på objektet och spara den, eller så kan du använda växeln på cmdleten Set-AzVirtualNetworkGateway.
Exempel 12: Konfigurera en virtuell ExpressRoute-nätverksgateway för att blockera kommunikation via ExpressRoute med andra virtuella nätverksgatewayer i andra virtuella nätverk.
# Option 1 - Retrieve the gateway object, modify the property and save the changes.
$gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "resourceGroup001" -Name "gateway001"
$gateway.AllowRemoteVnetTraffic = $false
$gateway = Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gateway
# Option 2 - Use the cmdlet switch
$gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "resourceGroup001" -Name "gateway001"
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gateway -AllowRemoteVnetTraffic $false
I båda fallen hämtar det första kommandot gatewayen. Du kan sedan antingen ändra egenskapen direkt på objektet och spara den, eller så kan du använda växeln på cmdleten Set-AzVirtualNetworkGateway.
Parametrar
-AadAudienceId
P2S AAD-autentiseringsalternativ:AadAudienceId.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-AadIssuerUri
P2S AAD-autentiseringsalternativ:AadIssuerUri.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-AadTenantUri
P2S AAD-autentiseringsalternativ:AadTenantUri.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-AsJob
Kör cmdlet i bakgrunden
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Asn
Den virtuella nätverksgatewayens ASN används för att konfigurera BGP-sessioner i IPsec-tunnlar
Type: | UInt32 |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-BgpRouteTranslationForNat
Detta aktiverar och inaktiverar BgpRouteTranslationForNat på den här VirtualNetworkGateway
Type: | Nullable<T>[Boolean] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ClientConnectionConfiguration
P2S Client Anslut ion Configuration som samverkar mellan adress och principgrupp
Type: | PSClientConnectionConfiguration[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Confirm
Uppmanar dig att bekräfta innan du kör cmdleten.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CustomRoute
Adresspool för anpassade vägar som angetts av kunden
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-DefaultProfile
Autentiseringsuppgifter, konto, klientorganisation och prenumeration som används för kommunikation med Azure.
Type: | IAzureContextContainer |
Aliases: | AzContext, AzureRmContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DisableActiveActiveFeature
Flagga för att inaktivera active active-funktionen på en virtuell nätverksgateway
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-EnableActiveActiveFeature
Flagga för att aktivera Active Active-funktionen på en virtuell nätverksgateway
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-EnablePrivateIpAddress
Flagga för att aktivera Active Active-funktionen på en virtuell nätverksgateway
Type: | Nullable<T>[Boolean] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-GatewayDefaultSite
Standardplatsen som ska användas för tvingad tunneltrafik. Om en standardplats anges dirigeras all Internettrafik från gatewayens virtuella nätverk till den platsen.
Type: | PSLocalNetworkGateway |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-GatewaySku
Den virtuella nätverksgatewayens SKU
Type: | String |
Accepted values: | Basic, Standard, HighPerformance, UltraPerformance, VpnGw1, VpnGw2, VpnGw3, VpnGw4, VpnGw5, VpnGw1AZ, VpnGw2AZ, VpnGw3AZ, VpnGw4AZ, VpnGw5AZ, ErGw1AZ, ErGw2AZ, ErGw3AZ |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-IpConfigurationBgpPeeringAddresses
BgpPeeringAddresses för virtual network gateway bgpsettings.
Type: | PSIpConfigurationBgpPeeringAddress[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-NatRule
NatRules för virtuell nätverksgateway.
Type: | PSVirtualNetworkGatewayNatRule[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-PeerWeight
Vikten som läggs till i vägar som lärts via BGP från den här virtuella nätverksgatewayen
Type: | Int32 |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-RadiusServerAddress
P2S extern radius-serveradress.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-RadiusServerList
P2S flera externa Radius-servrar.
Type: | PSRadiusServer[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-RadiusServerSecret
P2S extern radius-serverhemlighet.
Type: | SecureString |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-RemoveAadAuthentication
Flagga för att ta bort AAD-autentisering för P2S-klienten från den virtuella nätverksgatewayen.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Tag
P2S extern radius-serveradress.
Type: | Hashtable |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-VirtualNetworkGateway
Det virtuella nätverksgatewayobjektet som basändringarna av. Detta kan hämtas med hjälp av Get-AzVirtualNetworkGateway
Type: | PSVirtualNetworkGateway |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-VirtualNetworkGatewayPolicyGroup
P2S-principgrupp har lagts till i den här gatewayen
Type: | PSVirtualNetworkGatewayPolicyGroup[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-VpnAuthenticationType
Listan över P2S VPN-klientautentiseringstyper.
Type: | String[] |
Accepted values: | Certificate, Radius, AAD |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-VpnClientAddressPool
Adressutrymmet som VPN-klientens IP-adresser ska allokeras från. Detta bör inte överlappa med virtuella nätverk eller lokala intervall.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-VpnClientIpsecPolicy
En lista över IPSec-principer för P2S VPN-klienttunnelprotokoll.
Type: | PSIpsecPolicy[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-VpnClientProtocol
En lista över P2S VPN-klienttunnelprotokoll
Type: | String[] |
Accepted values: | SSTP, IkeV2, OpenVPN |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-VpnClientRevokedCertificates
En lista över återkallade VPN-klientcertifikat. En VPN-klient som presenterar ett certifikat som matchar något av dessa uppmanas att försvinna.
Type: | PSVpnClientRevokedCertificate[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-VpnClientRootCertificates
En lista över VPN-klientrotcertifikat som ska användas för VPN-klientautentisering. Anslut ing VPN-klienter måste visa certifikat som genererats från något av dessa rotcertifikat.
Type: | PSVpnClientRootCertificate[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-WhatIf
Visar vad som skulle hända om cmdleten kördes. Cmdleten körs inte.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Indata
String[]
PSVpnClientRevokedCertificate[]
PSIpConfigurationBgpPeeringAddress[]
PSVirtualNetworkGatewayNatRule[]
Utdata
Azure PowerShell
Feedback
https://aka.ms/ContentUserFeedback.
Kommer snart: Under hela 2024 kommer vi att fasa ut GitHub-problem som feedbackmekanism för innehåll och ersätta det med ett nytt feedbacksystem. Mer information finns i:Skicka och visa feedback för