Vpn Gateways - Get
Retrieves the details of a virtual wan vpn gateway.
GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/vpnGateways/{gatewayName}?api-version=2024-05-01
URI Parameters
Name | In | Required | Type | Description |
---|---|---|---|---|
gateway
|
path | True |
string |
The name of the gateway. |
resource
|
path | True |
string |
The resource group name of the VpnGateway. |
subscription
|
path | True |
string |
The subscription credentials which uniquely identify the Microsoft Azure subscription. The subscription ID forms part of the URI for every service call. |
api-version
|
query | True |
string |
Client API version. |
Responses
Name | Type | Description |
---|---|---|
200 OK |
Request successful. Returns the details of the virtual wan vpn gateway retrieved. |
|
Other Status Codes |
Error response describing why the operation failed. |
Security
azure_auth
Azure Active Directory OAuth2 Flow.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name | Description |
---|---|
user_impersonation | impersonate your user account |
Examples
VpnGatewayGet
Sample request
Sample response
{
"name": "gateway1",
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/vpnGateways/gateway1",
"etag": "w/\\00000000-0000-0000-0000-000000000000\\",
"location": "West US",
"type": "Microsoft.Network/vpnGateways",
"properties": {
"provisioningState": "Succeeded",
"virtualHub": {
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualHubs/virtualHub1"
},
"connections": [
{
"name": "vpnConnection1",
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/vpnGateways/gateway1/vpnConnections/vpnConnection1",
"etag": "w/\\00000000-0000-0000-0000-000000000000\\",
"properties": {
"provisioningState": "Succeeded",
"remoteVpnSite": {
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/vpnSites/vpnSite1"
},
"enableInternetSecurity": false,
"ingressBytesTransferred": 0,
"egressBytesTransferred": 0,
"vpnLinkConnections": [
{
"name": "Connection-Link1",
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/vpnGateways/gateway1/vpnConnections/vpnConnection1/VpnSiteLinkConnections/Connection-Link1",
"type": "Microsoft.Network/vpnGateways/vpnConnections/VpnSiteLinkConnections",
"etag": "w/\\00000000-0000-0000-0000-000000000000\\",
"properties": {
"provisioningState": "Succeeded",
"vpnSiteLink": {
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/vpnSites/vpnSite1/vpnSiteLinks/siteLink1"
},
"connectionBandwidth": 200,
"ipsecPolicies": [],
"vpnConnectionProtocolType": "IKEv2",
"sharedKey": "key",
"ingressBytesTransferred": 0,
"egressBytesTransferred": 0,
"enableBgp": false,
"enableRateLimiting": false,
"useLocalAzureIpAddress": false,
"usePolicyBasedTrafficSelectors": false,
"routingWeight": 0,
"ingressNatRules": [
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/vpnGateways/gateway1/natRules/nat03"
}
]
}
},
{
"name": "Connection-Link2",
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/vpnGateways/gateway1/vpnConnections/vpnConnection1/VpnSiteLinkConnections/Connection-Link2",
"type": "Microsoft.Network/vpnGateways/vpnConnections/VpnSiteLinkConnections",
"etag": "w/\\00000000-0000-0000-0000-000000000000\\",
"properties": {
"provisioningState": "Succeeded",
"vpnSiteLink": {
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/vpnSites/vpnSite1/vpnSiteLinks/siteLink2"
},
"connectionBandwidth": 200,
"ipsecPolicies": [],
"vpnConnectionProtocolType": "IKEv2",
"sharedKey": "key",
"ingressBytesTransferred": 0,
"egressBytesTransferred": 0,
"enableBgp": false,
"enableRateLimiting": false,
"useLocalAzureIpAddress": false,
"usePolicyBasedTrafficSelectors": false,
"routingWeight": 0,
"egressNatRules": [
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/vpnGateways/gateway1/natRules/nat04"
}
]
}
}
],
"routingConfiguration": {
"associatedRouteTable": {
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualHubs/virtualHub1/hubRouteTables/hubRouteTable1"
},
"propagatedRouteTables": {
"labels": [
"label1",
"label2"
],
"ids": [
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualHubs/virtualHub1/hubRouteTables/hubRouteTable1"
},
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualHubs/virtualHub1/hubRouteTables/hubRouteTable2"
},
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualHubs/virtualHub1/hubRouteTables/hubRouteTable3"
}
]
},
"vnetRoutes": {
"staticRoutes": []
}
}
}
}
],
"bgpSettings": {
"asn": 65514,
"bgpPeeringAddress": "10.0.1.30",
"peerWeight": 0,
"bgpPeeringAddresses": [
{
"ipconfigurationId": "Instance0",
"defaultBgpIpAddresses": [
"10.30.0.4"
],
"customBgpIpAddresses": [
"169.254.21.5"
],
"tunnelIpAddresses": [
"104.208.48.178"
]
},
{
"ipconfigurationId": "Instance1",
"defaultBgpIpAddresses": [
"10.30.0.5"
],
"customBgpIpAddresses": [
"169.254.21.10"
],
"tunnelIpAddresses": [
"104.208.48.179"
]
}
]
},
"natRules": [
{
"name": "nat03",
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/vpnGateways/gateway1/natRules/nat03",
"properties": {
"type": "Dynamic",
"mode": "IgressSnat",
"internalMappings": [
{
"addressSpace": "0.0.0.0/26"
}
],
"externalMappings": [
{
"addressSpace": "192.168.0.0/26"
}
],
"ingressVpnSiteLinkConnections": [
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/vpnGateways/gateway1/vpnConnections/vpnConnection1/vpnLinkConnections/Connection-Link1"
}
]
},
"type": "Microsoft.Network/vpnGateways/natRules"
},
{
"name": "nat04",
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/vpnGateways/gateway1/natRules/nat04",
"properties": {
"type": "Static",
"mode": "EgressSnat",
"internalMappings": [
{
"addressSpace": "0.0.0.0/26"
}
],
"externalMappings": [
{
"addressSpace": "192.168.0.0/26"
}
],
"egressVpnSiteLinkConnections": [
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/vpnGateways/gateway1/vpnConnections/vpnConnection1/vpnLinkConnections/Connection-Link2"
}
]
},
"type": "Microsoft.Network/vpnGateways/natRules"
}
],
"isRoutingPreferenceInternet": false,
"enableBgpRouteTranslationForNat": false
}
}
Definitions
Name | Description |
---|---|
Bgp |
BGP settings details. |
Cloud |
An error response from the service. |
Cloud |
An error response from the service. |
Dh |
The DH Groups used in IKE Phase 1 for initial SA. |
Gateway |
GatewayCustomBgpIpAddressIpConfiguration for a virtual network gateway connection. |
Ike |
The IKE encryption algorithm (IKE phase 2). |
Ike |
The IKE integrity algorithm (IKE phase 2). |
IPConfiguration |
Properties of IPConfigurationBgpPeeringAddress. |
Ipsec |
The IPSec encryption algorithm (IKE phase 1). |
Ipsec |
The IPSec integrity algorithm (IKE phase 1). |
Ipsec |
An IPSec Policy configuration for a virtual network gateway connection. |
Pfs |
The Pfs Groups used in IKE Phase 2 for new child SA. |
Propagated |
The list of RouteTables to advertise the routes to. |
Provisioning |
The current provisioning state. |
Routing |
Routing Configuration indicating the associated and propagated route tables for this connection. |
Static |
List of all Static Routes. |
Static |
Configuration for static routes on this HubVnetConnectionConfiguration for static routes on this HubVnetConnection. |
Sub |
Reference to another subresource. |
Traffic |
An traffic selector policy for a virtual network gateway connection. |
Virtual |
Connection protocol used for this connection. |
Vnet |
Parameter determining whether NVA in spoke vnet is bypassed for traffic with destination in spoke vnet. |
Vnet |
List of routes that control routing from VirtualHub into a virtual network connection. |
Vpn |
VpnConnection Resource. |
Vpn |
The current state of the vpn connection. |
Vpn |
VpnGateway Resource. |
Vpn |
IP Configuration of a VPN Gateway Resource. |
Vpn |
VpnGatewayNatRule Resource. |
Vpn |
Vpn link connection mode. |
Vpn |
Vpn NatRule mapping. |
Vpn |
The Source NAT direction of a VPN NAT. |
Vpn |
The type of NAT rule for VPN NAT. |
Vpn |
VpnSiteLinkConnection Resource. |
BgpSettings
BGP settings details.
Name | Type | Description |
---|---|---|
asn |
integer |
The BGP speaker's ASN. |
bgpPeeringAddress |
string |
The BGP peering address and BGP identifier of this BGP speaker. |
bgpPeeringAddresses |
BGP peering address with IP configuration ID for virtual network gateway. |
|
peerWeight |
integer |
The weight added to routes learned from this BGP speaker. |
CloudError
An error response from the service.
Name | Type | Description |
---|---|---|
error |
Cloud error body. |
CloudErrorBody
An error response from the service.
Name | Type | Description |
---|---|---|
code |
string |
An identifier for the error. Codes are invariant and are intended to be consumed programmatically. |
details |
A list of additional details about the error. |
|
message |
string |
A message describing the error, intended to be suitable for display in a user interface. |
target |
string |
The target of the particular error. For example, the name of the property in error. |
DhGroup
The DH Groups used in IKE Phase 1 for initial SA.
Name | Type | Description |
---|---|---|
DHGroup1 |
string |
|
DHGroup14 |
string |
|
DHGroup2 |
string |
|
DHGroup2048 |
string |
|
DHGroup24 |
string |
|
ECP256 |
string |
|
ECP384 |
string |
|
None |
string |
GatewayCustomBgpIpAddressIpConfiguration
GatewayCustomBgpIpAddressIpConfiguration for a virtual network gateway connection.
Name | Type | Description |
---|---|---|
customBgpIpAddress |
string |
The custom BgpPeeringAddress which belongs to IpconfigurationId. |
ipConfigurationId |
string |
The IpconfigurationId of ipconfiguration which belongs to gateway. |
IkeEncryption
The IKE encryption algorithm (IKE phase 2).
Name | Type | Description |
---|---|---|
AES128 |
string |
|
AES192 |
string |
|
AES256 |
string |
|
DES |
string |
|
DES3 |
string |
|
GCMAES128 |
string |
|
GCMAES256 |
string |
IkeIntegrity
The IKE integrity algorithm (IKE phase 2).
Name | Type | Description |
---|---|---|
GCMAES128 |
string |
|
GCMAES256 |
string |
|
MD5 |
string |
|
SHA1 |
string |
|
SHA256 |
string |
|
SHA384 |
string |
IPConfigurationBgpPeeringAddress
Properties of IPConfigurationBgpPeeringAddress.
Name | Type | Description |
---|---|---|
customBgpIpAddresses |
string[] |
The list of custom BGP peering addresses which belong to IP configuration. |
defaultBgpIpAddresses |
string[] |
The list of default BGP peering addresses which belong to IP configuration. |
ipconfigurationId |
string |
The ID of IP configuration which belongs to gateway. |
tunnelIpAddresses |
string[] |
The list of tunnel public IP addresses which belong to IP configuration. |
IpsecEncryption
The IPSec encryption algorithm (IKE phase 1).
Name | Type | Description |
---|---|---|
AES128 |
string |
|
AES192 |
string |
|
AES256 |
string |
|
DES |
string |
|
DES3 |
string |
|
GCMAES128 |
string |
|
GCMAES192 |
string |
|
GCMAES256 |
string |
|
None |
string |
IpsecIntegrity
The IPSec integrity algorithm (IKE phase 1).
Name | Type | Description |
---|---|---|
GCMAES128 |
string |
|
GCMAES192 |
string |
|
GCMAES256 |
string |
|
MD5 |
string |
|
SHA1 |
string |
|
SHA256 |
string |
IpsecPolicy
An IPSec Policy configuration for a virtual network gateway connection.
Name | Type | Description |
---|---|---|
dhGroup |
The DH Group used in IKE Phase 1 for initial SA. |
|
ikeEncryption |
The IKE encryption algorithm (IKE phase 2). |
|
ikeIntegrity |
The IKE integrity algorithm (IKE phase 2). |
|
ipsecEncryption |
The IPSec encryption algorithm (IKE phase 1). |
|
ipsecIntegrity |
The IPSec integrity algorithm (IKE phase 1). |
|
pfsGroup |
The Pfs Group used in IKE Phase 2 for new child SA. |
|
saDataSizeKilobytes |
integer |
The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site to site VPN tunnel. |
saLifeTimeSeconds |
integer |
The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site to site VPN tunnel. |
PfsGroup
The Pfs Groups used in IKE Phase 2 for new child SA.
Name | Type | Description |
---|---|---|
ECP256 |
string |
|
ECP384 |
string |
|
None |
string |
|
PFS1 |
string |
|
PFS14 |
string |
|
PFS2 |
string |
|
PFS2048 |
string |
|
PFS24 |
string |
|
PFSMM |
string |
PropagatedRouteTable
The list of RouteTables to advertise the routes to.
Name | Type | Description |
---|---|---|
ids |
The list of resource ids of all the RouteTables. |
|
labels |
string[] |
The list of labels. |
ProvisioningState
The current provisioning state.
Name | Type | Description |
---|---|---|
Deleting |
string |
|
Failed |
string |
|
Succeeded |
string |
|
Updating |
string |
RoutingConfiguration
Routing Configuration indicating the associated and propagated route tables for this connection.
Name | Type | Description |
---|---|---|
associatedRouteTable |
The resource id RouteTable associated with this RoutingConfiguration. |
|
inboundRouteMap |
The resource id of the RouteMap associated with this RoutingConfiguration for inbound learned routes. |
|
outboundRouteMap |
The resource id of theRouteMap associated with this RoutingConfiguration for outbound advertised routes. |
|
propagatedRouteTables |
The list of RouteTables to advertise the routes to. |
|
vnetRoutes |
List of routes that control routing from VirtualHub into a virtual network connection. |
StaticRoute
List of all Static Routes.
Name | Type | Description |
---|---|---|
addressPrefixes |
string[] |
List of all address prefixes. |
name |
string |
The name of the StaticRoute that is unique within a VnetRoute. |
nextHopIpAddress |
string |
The ip address of the next hop. |
StaticRoutesConfig
Configuration for static routes on this HubVnetConnectionConfiguration for static routes on this HubVnetConnection.
Name | Type | Description |
---|---|---|
propagateStaticRoutes |
boolean |
Boolean indicating whether static routes on this connection are automatically propagate to route tables which this connection propagates to. |
vnetLocalRouteOverrideCriteria |
Parameter determining whether NVA in spoke vnet is bypassed for traffic with destination in spoke. |
SubResource
Reference to another subresource.
Name | Type | Description |
---|---|---|
id |
string |
Resource ID. |
TrafficSelectorPolicy
An traffic selector policy for a virtual network gateway connection.
Name | Type | Description |
---|---|---|
localAddressRanges |
string[] |
A collection of local address spaces in CIDR format. |
remoteAddressRanges |
string[] |
A collection of remote address spaces in CIDR format. |
VirtualNetworkGatewayConnectionProtocol
Connection protocol used for this connection.
Name | Type | Description |
---|---|---|
IKEv1 |
string |
|
IKEv2 |
string |
VnetLocalRouteOverrideCriteria
Parameter determining whether NVA in spoke vnet is bypassed for traffic with destination in spoke vnet.
Name | Type | Description |
---|---|---|
Contains |
string |
|
Equal |
string |
VnetRoute
List of routes that control routing from VirtualHub into a virtual network connection.
Name | Type | Description |
---|---|---|
bgpConnections |
The list of references to HubBgpConnection objects. |
|
staticRoutes |
List of all Static Routes. |
|
staticRoutesConfig |
Configuration for static routes on this HubVnetConnection. |
VpnConnection
VpnConnection Resource.
Name | Type | Description |
---|---|---|
etag |
string |
A unique read-only string that changes whenever the resource is updated. |
id |
string |
Resource ID. |
name |
string |
The name of the resource that is unique within a resource group. This name can be used to access the resource. |
properties.connectionBandwidth |
integer |
Expected bandwidth in MBPS. |
properties.connectionStatus |
The connection status. |
|
properties.dpdTimeoutSeconds |
integer |
DPD timeout in seconds for vpn connection. |
properties.egressBytesTransferred |
integer |
Egress bytes transferred. |
properties.enableBgp |
boolean |
EnableBgp flag. |
properties.enableInternetSecurity |
boolean |
Enable internet security. |
properties.enableRateLimiting |
boolean |
EnableBgp flag. |
properties.ingressBytesTransferred |
integer |
Ingress bytes transferred. |
properties.ipsecPolicies |
The IPSec Policies to be considered by this connection. |
|
properties.provisioningState |
The provisioning state of the VPN connection resource. |
|
properties.remoteVpnSite |
Id of the connected vpn site. |
|
properties.routingConfiguration |
The Routing Configuration indicating the associated and propagated route tables on this connection. |
|
properties.routingWeight |
integer |
Routing weight for vpn connection. |
properties.sharedKey |
string |
SharedKey for the vpn connection. |
properties.trafficSelectorPolicies |
The Traffic Selector Policies to be considered by this connection. |
|
properties.useLocalAzureIpAddress |
boolean |
Use local azure ip to initiate connection. |
properties.usePolicyBasedTrafficSelectors |
boolean |
Enable policy-based traffic selectors. |
properties.vpnConnectionProtocolType |
Connection protocol used for this connection. |
|
properties.vpnLinkConnections |
List of all vpn site link connections to the gateway. |
VpnConnectionStatus
The current state of the vpn connection.
Name | Type | Description |
---|---|---|
Connected |
string |
|
Connecting |
string |
|
NotConnected |
string |
|
Unknown |
string |
VpnGateway
VpnGateway Resource.
Name | Type | Description |
---|---|---|
etag |
string |
A unique read-only string that changes whenever the resource is updated. |
id |
string |
Resource ID. |
location |
string |
Resource location. |
name |
string |
Resource name. |
properties.bgpSettings |
Local network gateway's BGP speaker settings. |
|
properties.connections |
List of all vpn connections to the gateway. |
|
properties.enableBgpRouteTranslationForNat |
boolean |
Enable BGP routes translation for NAT on this VpnGateway. |
properties.ipConfigurations |
List of all IPs configured on the gateway. |
|
properties.isRoutingPreferenceInternet |
boolean |
Enable Routing Preference property for the Public IP Interface of the VpnGateway. |
properties.natRules |
List of all the nat Rules associated with the gateway. |
|
properties.provisioningState |
The provisioning state of the VPN gateway resource. |
|
properties.virtualHub |
The VirtualHub to which the gateway belongs. |
|
properties.vpnGatewayScaleUnit |
integer |
The scale unit for this vpn gateway. |
tags |
object |
Resource tags. |
type |
string |
Resource type. |
VpnGatewayIpConfiguration
IP Configuration of a VPN Gateway Resource.
Name | Type | Description |
---|---|---|
id |
string |
The identifier of the IP configuration for a VPN Gateway. |
privateIpAddress |
string |
The private IP address of this IP configuration. |
publicIpAddress |
string |
The public IP address of this IP configuration. |
VpnGatewayNatRule
VpnGatewayNatRule Resource.
Name | Type | Description |
---|---|---|
etag |
string |
A unique read-only string that changes whenever the resource is updated. |
id |
string |
Resource ID. |
name |
string |
The name of the resource that is unique within a resource group. This name can be used to access the resource. |
properties.egressVpnSiteLinkConnections |
List of egress VpnSiteLinkConnections. |
|
properties.externalMappings |
The private IP address external mapping for NAT. |
|
properties.ingressVpnSiteLinkConnections |
List of ingress VpnSiteLinkConnections. |
|
properties.internalMappings |
The private IP address internal mapping for NAT. |
|
properties.ipConfigurationId |
string |
The IP Configuration ID this NAT rule applies to. |
properties.mode |
The Source NAT direction of a VPN NAT. |
|
properties.provisioningState |
The provisioning state of the NAT Rule resource. |
|
properties.type |
The type of NAT rule for VPN NAT. |
|
type |
string |
Resource type. |
VpnLinkConnectionMode
Vpn link connection mode.
Name | Type | Description |
---|---|---|
Default |
string |
|
InitiatorOnly |
string |
|
ResponderOnly |
string |
VpnNatRuleMapping
Vpn NatRule mapping.
Name | Type | Description |
---|---|---|
addressSpace |
string |
Address space for Vpn NatRule mapping. |
portRange |
string |
Port range for Vpn NatRule mapping. |
VpnNatRuleMode
The Source NAT direction of a VPN NAT.
Name | Type | Description |
---|---|---|
EgressSnat |
string |
|
IngressSnat |
string |
VpnNatRuleType
The type of NAT rule for VPN NAT.
Name | Type | Description |
---|---|---|
Dynamic |
string |
|
Static |
string |
VpnSiteLinkConnection
VpnSiteLinkConnection Resource.
Name | Type | Description |
---|---|---|
etag |
string |
A unique read-only string that changes whenever the resource is updated. |
id |
string |
Resource ID. |
name |
string |
The name of the resource that is unique within a resource group. This name can be used to access the resource. |
properties.connectionBandwidth |
integer |
Expected bandwidth in MBPS. |
properties.connectionStatus |
The connection status. |
|
properties.dpdTimeoutSeconds |
integer |
Dead Peer Detection timeout in seconds for VpnLink connection. |
properties.egressBytesTransferred |
integer |
Egress bytes transferred. |
properties.egressNatRules |
List of egress NatRules. |
|
properties.enableBgp |
boolean |
EnableBgp flag. |
properties.enableRateLimiting |
boolean |
EnableBgp flag. |
properties.ingressBytesTransferred |
integer |
Ingress bytes transferred. |
properties.ingressNatRules |
List of ingress NatRules. |
|
properties.ipsecPolicies |
The IPSec Policies to be considered by this connection. |
|
properties.provisioningState |
The provisioning state of the VPN site link connection resource. |
|
properties.routingWeight |
integer |
Routing weight for vpn connection. |
properties.sharedKey |
string |
SharedKey for the vpn connection. |
properties.useLocalAzureIpAddress |
boolean |
Use local azure ip to initiate connection. |
properties.usePolicyBasedTrafficSelectors |
boolean |
Enable policy-based traffic selectors. |
properties.vpnConnectionProtocolType |
Connection protocol used for this connection. |
|
properties.vpnGatewayCustomBgpAddresses |
vpnGatewayCustomBgpAddresses used by this connection. |
|
properties.vpnLinkConnectionMode |
Vpn link connection mode. |
|
properties.vpnSiteLink |
Id of the connected vpn site link. |
|
type |
string |
Resource type. |