Share via


az network vpn-server-config

Note

This reference is part of the virtual-wan extension for the Azure CLI (version 2.55.0 or higher). The extension will automatically install the first time you run an az network vpn-server-config command. Learn more about extensions.

Manage VPN server configuration.

Commands

Name Description Type Status
az network vpn-server-config create

Create a VPN server configuration.

Extension GA
az network vpn-server-config delete

Delete a VPN server configuration.

Extension GA
az network vpn-server-config ipsec-policy

Manage VPN server configuration IPSec policies.

Extension GA
az network vpn-server-config ipsec-policy add

Add an IPSec policy to a VPN server configuration.

Extension GA
az network vpn-server-config ipsec-policy list

List VPN server configuration IPSec policies.

Extension GA
az network vpn-server-config ipsec-policy remove

Remove an IPSec policy from a VPN server configuration.

Extension GA
az network vpn-server-config ipsec-policy wait

Place the CLI in a waiting state until a condition of the IPSec policy of a VPN server configuration is met.

Extension GA
az network vpn-server-config list

List all VPN server configuration.

Extension GA
az network vpn-server-config set

Set settings of a VPN server configuration.

Extension GA
az network vpn-server-config show

Show the details of a VPN server configuration.

Extension GA
az network vpn-server-config wait

Place the CLI in a waiting state until a condition of the VPN server configuration is met.

Extension GA

az network vpn-server-config create

Create a VPN server configuration.

az network vpn-server-config create --name
                                    --resource-group
                                    [--aad-audience]
                                    [--aad-issuer]
                                    [--aad-tenant]
                                    [--auth-types {AAD, Certificate, Radius}]
                                    [--location]
                                    [--no-wait]
                                    [--protocols {IkeV2, OpenVPN}]
                                    [--radius-client-root-certs]
                                    [--radius-server-root-certs]
                                    [--radius-servers]
                                    [--vpn-client-revoked-certs]
                                    [--vpn-client-root-certs]

Examples

Create a VPN server configuration with VPN auth type

az network vpn-server-config create -n MyVPNServerConfig -g MyRG --vpn-client-root-certs "ApplicationGatewayAuthCert.cer" --vpn-client-revoked-certs "ApplicationGatewayAuthCert.pem"

Required Parameters

--name -n

Name of the Vpn server configuration.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--aad-audience

AAD Vpn authentication parameter AAD audience.

--aad-issuer

AAD Vpn authentication parameter AAD issuer.

--aad-tenant

AAD Vpn authentication parameter AAD tenant.

--auth-types

List of VPN authentication types for the VpnServerConfiguration.

Accepted values: AAD, Certificate, Radius
--location -l

Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--protocols

VPN protocols for the VpnServerConfiguration.

Accepted values: IkeV2, OpenVPN
--radius-client-root-certs

List of Radius client root certificate file paths.

--radius-server-root-certs

List of Radius server root certificate file paths.

--radius-servers

Radius Server configuration.

--vpn-client-revoked-certs

List of VPN client revoked certificate file paths.

--vpn-client-root-certs

List of VPN client root certificate file paths.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vpn-server-config delete

Delete a VPN server configuration.

az network vpn-server-config delete --name
                                    --resource-group
                                    [--yes]

Required Parameters

--name -n

Name of the Vpn server configuration.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--yes -y

Do not prompt for confirmation.

Default value: False
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vpn-server-config list

List all VPN server configuration.

az network vpn-server-config list [--resource-group]

Optional Parameters

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vpn-server-config set

Set settings of a VPN server configuration.

az network vpn-server-config set --name
                                 --resource-group
                                 [--aad-audience]
                                 [--aad-issuer]
                                 [--aad-tenant]
                                 [--auth-types {AAD, Certificate, Radius}]
                                 [--location]
                                 [--no-wait]
                                 [--protocols {IkeV2, OpenVPN}]
                                 [--radius-client-root-certs]
                                 [--radius-server-root-certs]
                                 [--radius-servers]
                                 [--vpn-client-revoked-certs]
                                 [--vpn-client-root-certs]

Examples

Set a VPN server configuration with Radius auth type

az network vpn-server-config set -n MyVPNServerConfig -g MyRG --radius-client-root-certs "ApplicationGatewayAuthCert.cer" --radius-server-root-certs "ApplicationGatewayAuthCert.pem" --radius-servers address=test1 secret=clitest score=10 --radius-servers address=test2 secret=clitest score=10

Required Parameters

--name -n

Name of the Vpn server configuration.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--aad-audience

AAD Vpn authentication parameter AAD audience.

--aad-issuer

AAD Vpn authentication parameter AAD issuer.

--aad-tenant

AAD Vpn authentication parameter AAD tenant.

--auth-types

List of VPN authentication types for the VpnServerConfiguration.

Accepted values: AAD, Certificate, Radius
--location -l

Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--protocols

VPN protocols for the VpnServerConfiguration.

Accepted values: IkeV2, OpenVPN
--radius-client-root-certs

List of Radius client root certificate file paths.

--radius-server-root-certs

List of Radius server root certificate file paths.

--radius-servers

Radius Server configuration.

--vpn-client-revoked-certs

List of VPN client revoked certificate file paths.

--vpn-client-root-certs

List of VPN client root certificate file paths.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vpn-server-config show

Show the details of a VPN server configuration.

az network vpn-server-config show --name
                                  --resource-group

Required Parameters

--name -n

Name of the Vpn server configuration.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vpn-server-config wait

Place the CLI in a waiting state until a condition of the VPN server configuration is met.

az network vpn-server-config wait --name
                                  --resource-group
                                  [--created]
                                  [--custom]
                                  [--deleted]
                                  [--exists]
                                  [--interval]
                                  [--timeout]
                                  [--updated]

Required Parameters

--name -n

Name of the Vpn server configuration.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--created

Wait until created with 'provisioningState' at 'Succeeded'.

Default value: False
--custom

Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].

--deleted

Wait until deleted.

Default value: False
--exists

Wait until the resource exists.

Default value: False
--interval

Polling interval in seconds.

Default value: 30
--timeout

Maximum wait in seconds.

Default value: 3600
--updated

Wait until updated with provisioningState at 'Succeeded'.

Default value: False
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.