az network vpn-connection ipsec-policy
Manage VPN connection IPSec policies.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az network vpn-connection ipsec-policy add |
Add a VPN connection IPSec policy. |
Core | GA |
| az network vpn-connection ipsec-policy clear |
Delete all IPsec policies on a VPN connection. |
Core | GA |
| az network vpn-connection ipsec-policy list |
List IPSec policies associated with a VPN connection. |
Core | GA |
| az network vpn-connection ipsec-policy wait |
Place the CLI in a waiting state until a condition is met. |
Core | GA |
az network vpn-connection ipsec-policy add
Add a VPN connection IPSec policy.
Set all IPsec policies of a VPN connection. If you want to set any IPsec policy, you must set them all.
az network vpn-connection ipsec-policy add --connection-name
--dh-group {DHGroup1, DHGroup14, DHGroup2, DHGroup2048, DHGroup24, ECP256, ECP384, None}
--ike-encryption {AES128, AES192, AES256, DES, DES3, GCMAES128, GCMAES256}
--ike-integrity {GCMAES128, GCMAES256, MD5, SHA1, SHA256, SHA384}
--ipsec-encryption {AES128, AES192, AES256, DES, DES3, GCMAES128, GCMAES192, GCMAES256, None}
--ipsec-integrity {GCMAES128, GCMAES192, GCMAES256, MD5, SHA1, SHA256}
--pfs-group {ECP256, ECP384, None, PFS1, PFS14, PFS2, PFS2048, PFS24, PFSMM}
--resource-group
--sa-lifetime
--sa-max-size
[--no-wait {0, 1, f, false, n, no, t, true, y, yes}]Examples
Add specified IPsec policies to a connection instead of relying on defaults.
az network vpn-connection ipsec-policy add -g MyResourceGroup --connection-name MyConnection --dh-group DHGroup14 --ike-encryption AES256 --ike-integrity SHA384 --ipsec-encryption DES3 --ipsec-integrity GCMAES256 --pfs-group PFS2048 --sa-lifetime 27000 --sa-max-size 102400000Required Parameters
Connection name.
The DH Groups used for initial SA.
The IKE encryption algorithm.
The IKE integrity algorithm.
The IPSec encryption algorithm.
The IPSec integrity algorithm.
The Pfs Groups used for new child SA.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
The lifetime in seconds for P2S client.
The payload size in KB for P2S client.
Optional Parameters
Do not wait for the long-running operation to finish.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network vpn-connection ipsec-policy clear
Delete all IPsec policies on a VPN connection.
az network vpn-connection ipsec-policy clear --connection-name
--resource-group
[--no-wait]Examples
Remove all previously specified IPsec policies from a connection.
az network vpn-connection ipsec-policy clear -g MyResourceGroup --connection-name MyConnectionRequired Parameters
Connection name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
Do not wait for the long-running operation to finish.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network vpn-connection ipsec-policy list
List IPSec policies associated with a VPN connection.
az network vpn-connection ipsec-policy list --connection-name
--resource-groupExamples
List the IPsec policies set on a connection.
az network vpn-connection ipsec-policy list -g MyResourceGroup --connection-name MyConnectionRequired Parameters
Connection name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network vpn-connection ipsec-policy wait
Place the CLI in a waiting state until a condition is met.
az network vpn-connection ipsec-policy wait [--connection-name]
[--created]
[--custom]
[--deleted]
[--exists]
[--ids]
[--interval]
[--resource-group]
[--subscription]
[--timeout]
[--updated]Optional Parameters
Connection name.
Wait until created with 'provisioningState' at 'Succeeded'.
Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].
Wait until deleted.
Wait until the resource exists.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Polling interval in seconds.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Maximum wait in seconds.
Wait until updated with provisioningState at 'Succeeded'.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
Azure CLI