Share via


az network vpn-gateway

Note

This reference is part of the virtual-wan extension for the Azure CLI (version 2.55.0 or higher). The extension will automatically install the first time you run an az network vpn-gateway command. Learn more about extensions.

Manage site-to-site VPN gateways.

Commands

Name Description Type Status
az network vpn-gateway connection

Manage site-to-site VPN gateway connections.

Extension GA
az network vpn-gateway connection create

Create a site-to-site VPN gateway connection.

Extension GA
az network vpn-gateway connection delete

Delete a site-to-site VPN gateway connection.

Extension GA
az network vpn-gateway connection ipsec-policy

Manage site-to-site VPN gateway connection IPSec policies.

Extension GA
az network vpn-gateway connection ipsec-policy add

Add an IPSec policy to a site-to-site VPN gateway connection.

Extension GA
az network vpn-gateway connection ipsec-policy list

List site-to-site VPN gateway connection IPSec policies.

Extension GA
az network vpn-gateway connection ipsec-policy remove

Remove an IPSec policy from a site-to-site VPN gateway connection.

Extension GA
az network vpn-gateway connection list

List site-to-site VPN gateway connections.

Extension GA
az network vpn-gateway connection packet-capture

Manage site-to-site VPN gateway connections packet capture.

Extension GA
az network vpn-gateway connection packet-capture start

Starts packet capture on Vpn connection in the specified resource group.

Extension GA
az network vpn-gateway connection show

Get the details of a site-to-site VPN gateway connection.

Extension GA
az network vpn-gateway connection update

Update settings of VPN gateway connection.

Extension GA
az network vpn-gateway connection vpn-site-link-conn

Manage site-to-site VPN gateway connection VPN site link connection.

Extension GA
az network vpn-gateway connection vpn-site-link-conn add

Add a VPN site link connection to a site-to-site VPN gateway connection.

Extension GA
az network vpn-gateway connection vpn-site-link-conn ipsec-policy

Manage site-to-site VPN gateway connection VPN site link IPSec policies.

Extension GA
az network vpn-gateway connection vpn-site-link-conn ipsec-policy add

Add an IPSec policy to a site-to-site VPN gateway connection VPN site link.

Extension GA
az network vpn-gateway connection vpn-site-link-conn ipsec-policy list

List site-to-site VPN gateway connection VPN site link IPSec policies.

Extension GA
az network vpn-gateway connection vpn-site-link-conn ipsec-policy remove

Remove an IPSec policy from a site-to-site VPN gateway connection VPN site link.

Extension GA
az network vpn-gateway connection vpn-site-link-conn list

List site-to-site VPN gateway connection VPN site link connection.

Extension GA
az network vpn-gateway connection vpn-site-link-conn remove

Remove a VPN site link connection from a site-to-site VPN gateway connection.

Extension GA
az network vpn-gateway connection wait

Place the CLI in a waiting state until a condition of the site-to-site VPN gateway connection is met.

Extension GA
az network vpn-gateway create

Create a site-to-site VPN gateway.

Extension GA
az network vpn-gateway delete

Delete a site-to-site VPN gateway.

Extension GA
az network vpn-gateway list

List site-to-site VPN gateways.

Extension GA
az network vpn-gateway nat-rule

Manage site-to-site VPN gateway nat rule.

Extension GA
az network vpn-gateway nat-rule create

Create a nat rule to a scalable vpn gateway if it doesn't exist else updates the existing nat rules.

Extension GA
az network vpn-gateway nat-rule delete

Delete a nat rule.

Extension GA
az network vpn-gateway nat-rule list

List all nat rules for a particular virtual wan vpn gateway.

Extension GA
az network vpn-gateway nat-rule show

Get the details of a nat ruleGet.

Extension GA
az network vpn-gateway nat-rule update

Update a nat rule to a scalable vpn gateway if it doesn't exist else updates the existing nat rules.

Extension GA
az network vpn-gateway nat-rule wait

Place the CLI in a waiting state until a condition is met.

Extension GA
az network vpn-gateway show

Get the details of a site-to-site VPN gateway.

Extension GA
az network vpn-gateway update

Update settings of a site-to-site VPN gateway.

Extension GA
az network vpn-gateway wait

Place the CLI in a waiting state until a condition is met.

Extension GA

az network vpn-gateway create

Create a site-to-site VPN gateway.

az network vpn-gateway create --name
                              --resource-group
                              [--asn]
                              [--bgp-peering-address]
                              [--location]
                              [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                              [--peer-weight]
                              [--scale-unit]
                              [--tags]
                              [--vhub]

Examples

Create a site-to-site VPN gateway.

az network vpn-gateway create -n MyVPNGateway -g MyRG --vhub MyVHub -l westus

Required Parameters

--name -n

Name of the VPN gateway.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--asn

BGP speaker's ASN.

--bgp-peering-address

Peering address and BGP identifier of this BGP speaker.

--location -l

Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>. When not specified, the location of the resource group will be used.

--no-wait

Do not wait for the long-running operation to finish.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--peer-weight

Weight added to routes learned from this BGP speaker.

--scale-unit

The scale unit for this VPN gateway.

--tags

Space-separated tags: key[=value] [key[=value] ...]. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--vhub

Name or ID of a virtual hub.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vpn-gateway delete

Delete a site-to-site VPN gateway.

az network vpn-gateway delete [--ids]
                              [--name]
                              [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                              [--resource-group]
                              [--subscription]

Examples

Delete a site-to-site VPN gateway.

az network vpn-gateway delete -n MyVPNGateway -g MyRG

Optional Parameters

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

Name of the VPN gateway.

--no-wait

Do not wait for the long-running operation to finish.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vpn-gateway list

List site-to-site VPN gateways.

az network vpn-gateway list [--resource-group]

Examples

List site-to-site VPN gateways.

az network vpn-gateway list -g MyRG

Optional Parameters

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vpn-gateway show

Get the details of a site-to-site VPN gateway.

az network vpn-gateway show [--ids]
                            [--name]
                            [--resource-group]
                            [--subscription]

Examples

Get the details of a site-to-site VPN gateway.

az network vpn-gateway show -n MyVPNGateway -g MyRG

Optional Parameters

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

Name of the VPN gateway.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vpn-gateway update

Update settings of a site-to-site VPN gateway.

az network vpn-gateway update [--add]
                              [--asn]
                              [--bgp-peering-address]
                              [--force-string {0, 1, f, false, n, no, t, true, y, yes}]
                              [--ids]
                              [--name]
                              [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                              [--peer-weight]
                              [--remove]
                              [--resource-group]
                              [--scale-unit]
                              [--set]
                              [--subscription]
                              [--tags]
                              [--vhub]

Examples

Update settings of a site-to-site VPN gateway.

az network vpn-gateway create -g MyRG --vhub MyVHub --name MyVPNGateway --tags foo=bar

Optional Parameters

--add

Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.

--asn

BGP speaker's ASN.

--bgp-peering-address

Peering address and BGP identifier of this BGP speaker.

--force-string

When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

Name of the VPN gateway.

--no-wait

Do not wait for the long-running operation to finish.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--peer-weight

Weight added to routes learned from this BGP speaker.

--remove

Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--scale-unit

The scale unit for this VPN gateway.

--set

Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--tags

Space-separated tags: key[=value] [key[=value] ...]. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--vhub

Name or ID of a virtual hub.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vpn-gateway wait

Place the CLI in a waiting state until a condition is met.

az network vpn-gateway wait [--created]
                            [--custom]
                            [--deleted]
                            [--exists]
                            [--ids]
                            [--interval]
                            [--name]
                            [--resource-group]
                            [--subscription]
                            [--timeout]
                            [--updated]

Optional Parameters

--created

Wait until created with 'provisioningState' at 'Succeeded'.

Default value: False
--custom

Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].

--deleted

Wait until deleted.

Default value: False
--exists

Wait until the resource exists.

Default value: False
--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--interval

Polling interval in seconds.

Default value: 30
--name -n

Name of the VPN gateway.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--timeout

Maximum wait in seconds.

Default value: 3600
--updated

Wait until updated with provisioningState at 'Succeeded'.

Default value: False
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.