Add a virtual gateway to a tenant virtual network
Learn how to use Windows PowerShell cmdlets and scripts to provide site-to-site connectivity for tenant virtual networks. In this topic, you use Network Controller to add tenant virtual gateways to RAS Gateway instances that are members of gateway pools. RAS Gateway supports up to one hundred tenants, depending on the bandwidth each tenant uses. Network Controller automatically determines which RAS Gateway to use when you deploy a new virtual gateway for your tenants.
Each virtual gateway corresponds to a specific tenant and consists of one or more network connections (site-to-site VPN tunnels) and, optionally, Border Gateway Protocol (BGP) connections. When you provide site-to-site connectivity, your customers can connect their tenant virtual network to an external network, such as a tenant enterprise network, a service provider network, or the Internet.
When you deploy a tenant virtual gateway, you have the following configuration options:
| Network connection options | BGP configuration options |
|---|---|
| IPsec site-to-site VPN | BGP router |
| GRE | BGP peers |
| Layer 3 (L3) forwarding | |
The example Windows PowerShell scripts and commands in this topic demonstrate how to deploy a tenant virtual gateway on a RAS Gateway with each of these options.
Important
Before you run any of the example Windows PowerShell commands and scripts provided here, you must change all variable values so that they are appropriate for your deployment.
Verify that the gateway pool object exists in Network Controller.
```powershell
$uri = "https://ncrest.contoso.com"

# Retrieve the Gateway Pool configuration
$gwPool = Get-NetworkControllerGatewayPool -ConnectionUri $uri

# Display in JSON format
$gwPool | ConvertTo-Json -Depth 2
```
Verify that the subnet used to route packets out of the tenant virtual network exists in Network Controller. You also retrieve the virtual subnet used for routing between the tenant gateway and the virtual network.
```powershell
$uri = "https://ncrest.contoso.com"

# Retrieve the Tenant Virtual Network configuration
$Vnet = Get-NetworkControllerVirtualNetwork -ConnectionUri $uri -ResourceId "Contoso_Vnet1"

# Display in JSON format
$Vnet | ConvertTo-Json -Depth 4

# Retrieve the Tenant Virtual Subnet configuration
$RoutingSubnet = Get-NetworkControllerVirtualSubnet -ConnectionUri $uri -ResourceId "Contoso_WebTier" -VirtualNetworkID $Vnet.ResourceId

# Display in JSON format
$RoutingSubnet | ConvertTo-Json -Depth 4
```
Create a new object for the tenant virtual gateway and update the gateway pool reference. You also specify the virtual subnet used for routing between the gateway and the virtual network. After you specify the virtual subnet, you update the rest of the virtual gateway object's properties and then add the new virtual gateway for the tenant.
```powershell
# Create a new object for Tenant Virtual Gateway
$VirtualGWProperties = New-Object Microsoft.Windows.NetworkController.VirtualGatewayProperties

# Update Gateway Pool reference
$VirtualGWProperties.GatewayPools = @()
$VirtualGWProperties.GatewayPools += $gwPool

# Specify the Virtual Subnet that is to be used for routing between the gateway and Virtual Network
$VirtualGWProperties.GatewaySubnets = @()
$VirtualGWProperties.GatewaySubnets += $RoutingSubnet

# Update the rest of the Virtual Gateway object properties
$VirtualGWProperties.RoutingType = "Dynamic"
$VirtualGWProperties.NetworkConnections = @()
$VirtualGWProperties.BgpRouters = @()

# Add the new Virtual Gateway for tenant
$virtualGW = New-NetworkControllerVirtualGateway -ConnectionUri $uri -ResourceId "Contoso_VirtualGW" -Properties $VirtualGWProperties -Force
```
Create a site-to-site VPN connection with IPsec, GRE, or Layer 3 (L3) forwarding.
Tip
Optionally, you can combine all of the previous steps and configure a tenant virtual gateway with all three connection options. For more details, see Configure a gateway with all three connection types (IPsec, GRE, L3) and BGP.
Note
PerfectForwardSecrecy must match on the local and remote sites. The algorithm selections and the shared secret in the samples below are placeholder values; replace them with the settings agreed with the remote site.
IPsec VPN site-to-site network connection
```powershell
# Create a new object for Tenant Network Connection
$nwConnectionProperties = New-Object Microsoft.Windows.NetworkController.NetworkConnectionProperties

# Update the common object properties
$nwConnectionProperties.ConnectionType = "IPSec"
$nwConnectionProperties.OutboundKiloBitsPerSecond = 10000
$nwConnectionProperties.InboundKiloBitsPerSecond = 10000

# Update specific properties depending on the Connection Type
$nwConnectionProperties.IpSecConfiguration = New-Object Microsoft.Windows.NetworkController.IpSecConfiguration
$nwConnectionProperties.IpSecConfiguration.AuthenticationMethod = "PSK"
$nwConnectionProperties.IpSecConfiguration.SharedSecret = "P@ssw0rd"

$nwConnectionProperties.IpSecConfiguration.QuickMode = New-Object Microsoft.Windows.NetworkController.QuickMode
$nwConnectionProperties.IpSecConfiguration.QuickMode.PerfectForwardSecrecy = "PFS2048"
$nwConnectionProperties.IpSecConfiguration.QuickMode.AuthenticationTransformationConstant = "SHA256128"
$nwConnectionProperties.IpSecConfiguration.QuickMode.CipherTransformationConstant = "DES3"
$nwConnectionProperties.IpSecConfiguration.QuickMode.SALifeTimeSeconds = 1233
$nwConnectionProperties.IpSecConfiguration.QuickMode.IdleDisconnectSeconds = 500
$nwConnectionProperties.IpSecConfiguration.QuickMode.SALifeTimeKiloBytes = 1048576

$nwConnectionProperties.IpSecConfiguration.MainMode = New-Object Microsoft.Windows.NetworkController.MainMode
$nwConnectionProperties.IpSecConfiguration.MainMode.DiffieHellmanGroup = "Group2"
$nwConnectionProperties.IpSecConfiguration.MainMode.IntegrityAlgorithm = "SHA256"
$nwConnectionProperties.IpSecConfiguration.MainMode.EncryptionAlgorithm = "AES256"
$nwConnectionProperties.IpSecConfiguration.MainMode.SALifeTimeSeconds = 1234
$nwConnectionProperties.IpSecConfiguration.MainMode.SALifeTimeKiloBytes = 1048576

# L3 specific configuration (leave blank for IPSec)
$nwConnectionProperties.IPAddresses = @()
$nwConnectionProperties.PeerIPAddresses = @()

# Update the IPv4 Routes that are reachable over the site-to-site VPN Tunnel
$nwConnectionProperties.Routes = @()
$ipv4Route = New-Object Microsoft.Windows.NetworkController.RouteInfo
$ipv4Route.DestinationPrefix = "14.1.10.1/32"
$ipv4Route.Metric = 10
$nwConnectionProperties.Routes += $ipv4Route

# Tunnel Destination (Remote Endpoint) Address
$nwConnectionProperties.DestinationIPAddress = "10.127.134.121"

# Add the new Network Connection for the tenant
New-NetworkControllerVirtualGatewayNetworkConnection -ConnectionUri $uri -VirtualGatewayId $virtualGW.ResourceId -ResourceId "Contoso_IPSecGW" -Properties $nwConnectionProperties -Force
```
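As an added example (not code from the original topic), the following builds the same IPsec connection properties from parameters instead of a literal shared secret: the PSK is generated randomly and kept as a SecureString until the REST object needs the clear-text value. The two function names are hypothetical, and the "AES256" quick-mode cipher value is assumed to be accepted by Network Controller in place of the DES3 shown above; the types and cmdlets are the ones used in this topic.

```powershell
function New-RandomPreSharedKey {
    # Hypothetical helper: returns a random PSK of the given byte length as a SecureString.
    param([int]$ByteLength = 32)
    $bytes = New-Object byte[] $ByteLength
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try { $rng.GetBytes($bytes) } finally { $rng.Dispose() }
    # Base64 keeps the key printable so it can be entered on the remote VPN device.
    ConvertTo-SecureString -String ([Convert]::ToBase64String($bytes)) -AsPlainText -Force
}

function New-TenantIpSecConnectionProperties {
    # Hypothetical helper: builds NetworkConnectionProperties for an IPsec site-to-site tunnel.
    param(
        [Parameter(Mandatory)][string]$RemoteEndpoint,
        [Parameter(Mandatory)][string[]]$RemotePrefixes,
        [Parameter(Mandatory)][securestring]$SharedSecret,
        [int]$BandwidthKbps = 10000
    )
    $p = New-Object Microsoft.Windows.NetworkController.NetworkConnectionProperties
    $p.ConnectionType = "IPSec"
    $p.OutboundKiloBitsPerSecond = $BandwidthKbps
    $p.InboundKiloBitsPerSecond = $BandwidthKbps

    $ipsec = New-Object Microsoft.Windows.NetworkController.IpSecConfiguration
    $ipsec.AuthenticationMethod = "PSK"
    # The REST resource carries the secret in clear text, so unwrap the SecureString only here.
    $cred = New-Object System.Management.Automation.PSCredential ("psk", $SharedSecret)
    $ipsec.SharedSecret = $cred.GetNetworkCredential().Password

    $ipsec.QuickMode = New-Object Microsoft.Windows.NetworkController.QuickMode
    $ipsec.QuickMode.PerfectForwardSecrecy = "PFS2048"            # must match the remote site
    $ipsec.QuickMode.AuthenticationTransformationConstant = "SHA256128"
    $ipsec.QuickMode.CipherTransformationConstant = "AES256"      # assumed value (sample above uses DES3)
    $ipsec.QuickMode.SALifeTimeSeconds = 1233
    $ipsec.QuickMode.IdleDisconnectSeconds = 500
    $ipsec.QuickMode.SALifeTimeKiloBytes = 1048576

    $ipsec.MainMode = New-Object Microsoft.Windows.NetworkController.MainMode
    $ipsec.MainMode.DiffieHellmanGroup = "Group2"
    $ipsec.MainMode.IntegrityAlgorithm = "SHA256"
    $ipsec.MainMode.EncryptionAlgorithm = "AES256"
    $ipsec.MainMode.SALifeTimeSeconds = 1234
    $ipsec.MainMode.SALifeTimeKiloBytes = 1048576
    $p.IpSecConfiguration = $ipsec

    # L3-specific fields stay empty for an IPsec connection
    $p.IPAddresses = @()
    $p.PeerIPAddresses = @()

    # One route per remote prefix reachable through the tunnel
    $p.Routes = @()
    foreach ($prefix in $RemotePrefixes) {
        $route = New-Object Microsoft.Windows.NetworkController.RouteInfo
        $route.DestinationPrefix = $prefix
        $route.Metric = 10
        $p.Routes += $route
    }
    $p.DestinationIPAddress = $RemoteEndpoint
    return $p
}

# Generate the key once and hand it to the remote site out of band; it never appears in the script text.
$psk = New-RandomPreSharedKey -ByteLength 32
$props = New-TenantIpSecConnectionProperties -RemoteEndpoint "10.127.134.121" -RemotePrefixes @("14.1.10.1/32") -SharedSecret $psk
New-NetworkControllerVirtualGatewayNetworkConnection -ConnectionUri $uri -VirtualGatewayId $virtualGW.ResourceId -ResourceId "Contoso_IPSecGW" -Properties $props -Force
```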
GRE VPN site-to-site network connection
```powershell
# Create a new object for the Tenant Network Connection
$nwConnectionProperties = New-Object Microsoft.Windows.NetworkController.NetworkConnectionProperties

# Update the common object properties
$nwConnectionProperties.ConnectionType = "GRE"
$nwConnectionProperties.OutboundKiloBitsPerSecond = 10000
$nwConnectionProperties.InboundKiloBitsPerSecond = 10000

# Update specific properties depending on the Connection Type
$nwConnectionProperties.GreConfiguration = New-Object Microsoft.Windows.NetworkController.GreConfiguration
$nwConnectionProperties.GreConfiguration.GreKey = 1234

# Update the IPv4 Routes that are reachable over the site-to-site VPN Tunnel
$nwConnectionProperties.Routes = @()
$ipv4Route = New-Object Microsoft.Windows.NetworkController.RouteInfo
$ipv4Route.DestinationPrefix = "14.2.20.1/32"
$ipv4Route.Metric = 10
$nwConnectionProperties.Routes += $ipv4Route

# Tunnel Destination (Remote Endpoint) Address
$nwConnectionProperties.DestinationIPAddress = "10.127.134.122"

# L3 specific configuration (leave blank for GRE)
$nwConnectionProperties.L3Configuration = New-Object Microsoft.Windows.NetworkController.L3Configuration
$nwConnectionProperties.IPAddresses = @()
$nwConnectionProperties.PeerIPAddresses = @()

# Add the new Network Connection for the tenant
New-NetworkControllerVirtualGatewayNetworkConnection -ConnectionUri $uri -VirtualGatewayId $virtualGW.ResourceId -ResourceId "Contoso_GreGW" -Properties $nwConnectionProperties -Force
```
L3 forwarding network connection
For an L3 forwarding network connection to work correctly, you must configure a corresponding logical network.
Configure a logical network for the L3 forwarding network connection.
```powershell
# Create a new object for the Logical Network to be used for L3 Forwarding
$lnProperties = New-Object Microsoft.Windows.NetworkController.LogicalNetworkProperties
$lnProperties.NetworkVirtualizationEnabled = $false
$lnProperties.Subnets = @()

# Create a new object for the Logical Subnet to be used for L3 Forwarding and update properties
$logicalsubnet = New-Object Microsoft.Windows.NetworkController.LogicalSubnet
$logicalsubnet.ResourceId = "Contoso_L3_Subnet"
$logicalsubnet.Properties = New-Object Microsoft.Windows.NetworkController.LogicalSubnetProperties
$logicalsubnet.Properties.VlanID = 1001
$logicalsubnet.Properties.AddressPrefix = "10.127.134.0/25"
$logicalsubnet.Properties.DefaultGateways = "10.127.134.1"
$lnProperties.Subnets += $logicalsubnet

# Add the new Logical Network to Network Controller
$vlanNetwork = New-NetworkControllerLogicalNetwork -ConnectionUri $uri -ResourceId "Contoso_L3_Network" -Properties $lnProperties -Force
```
Create a network connection JSON object and add it to Network Controller.
```powershell
# Create a new object for the Tenant Network Connection
$nwConnectionProperties = New-Object Microsoft.Windows.NetworkController.NetworkConnectionProperties

# Update the common object properties
$nwConnectionProperties.ConnectionType = "L3"
$nwConnectionProperties.OutboundKiloBitsPerSecond = 10000
$nwConnectionProperties.InboundKiloBitsPerSecond = 10000

# GRE specific configuration (leave blank for L3)
$nwConnectionProperties.GreConfiguration = New-Object Microsoft.Windows.NetworkController.GreConfiguration

# Update specific properties depending on the Connection Type
$nwConnectionProperties.L3Configuration = New-Object Microsoft.Windows.NetworkController.L3Configuration
$nwConnectionProperties.L3Configuration.VlanSubnet = $vlanNetwork.Properties.Subnets[0]
$nwConnectionProperties.IPAddresses = @()
$localIPAddress = New-Object Microsoft.Windows.NetworkController.CidrIPAddress
$localIPAddress.IPAddress = "10.127.134.55"
$localIPAddress.PrefixLength = 25
$nwConnectionProperties.IPAddresses += $localIPAddress
$nwConnectionProperties.PeerIPAddresses = @("10.127.134.65")

# Update the IPv4 Routes that are reachable over the site-to-site VPN Tunnel
$nwConnectionProperties.Routes = @()
$ipv4Route = New-Object Microsoft.Windows.NetworkController.RouteInfo
$ipv4Route.DestinationPrefix = "14.2.20.1/32"
$ipv4Route.Metric = 10
$nwConnectionProperties.Routes += $ipv4Route

# Add the new Network Connection for the tenant
New-NetworkControllerVirtualGatewayNetworkConnection -ConnectionUri $uri -VirtualGatewayId $virtualGW.ResourceId -ResourceId "Contoso_L3GW" -Properties $nwConnectionProperties -Force
```
Configure the gateway as a BGP router and add it to Network Controller.
Add a BGP router for the tenant.
```powershell
# Create a new object for the Tenant BGP Router
$bgpRouterProperties = New-Object Microsoft.Windows.NetworkController.VGwBgpRouterProperties

# Update the BGP Router properties
$bgpRouterProperties.ExtAsNumber = "0.64512"

# Add the new BGP Router for the tenant
$bgpRouter = New-NetworkControllerVirtualGatewayBgpRouter -ConnectionUri $uri -VirtualGatewayId $virtualGW.ResourceId -ResourceId "Contoso_BgpRouter1" -Properties $bgpRouterProperties -Force
```
Add a BGP peer for this tenant, corresponding to the site-to-site VPN network connection added above.
```powershell
# Create a new object for Tenant BGP Peer
$bgpPeerProperties = New-Object Microsoft.Windows.NetworkController.VGwBgpPeerProperties

# Update the BGP Peer properties
$bgpPeerProperties.PeerIpAddress = "14.1.10.1"
$bgpPeerProperties.AsNumber = 64521
$bgpPeerProperties.ExtAsNumber = "0.64521"

# Add the new BGP Peer for tenant
New-NetworkControllerVirtualGatewayBgpPeer -ConnectionUri $uri -VirtualGatewayId $virtualGW.ResourceId -BgpRouterName $bgpRouter.ResourceId -ResourceId "Contoso_IPSec_Peer" -Properties $bgpPeerProperties -Force
```
(Optional step) Configure a gateway with all three connection types (IPsec, GRE, L3) and BGP
Optionally, you can combine all of the previous steps and configure a tenant virtual gateway with all three connection options in a single request:
Note
PerfectForwardSecrecy must match on the local and remote sites.
```powershell
# Create a new Virtual Gateway Properties type object
$VirtualGWProperties = New-Object Microsoft.Windows.NetworkController.VirtualGatewayProperties

# Update GatewayPool reference
$VirtualGWProperties.GatewayPools = @()
$VirtualGWProperties.GatewayPools += $gwPool

# Specify the Virtual Subnet that is to be used for routing between GW and VNET
$VirtualGWProperties.GatewaySubnets = @()
$VirtualGWProperties.GatewaySubnets += $RoutingSubnet

# Update some basic properties
$VirtualGWProperties.RoutingType = "Dynamic"

# Update Network Connection object(s)
$VirtualGWProperties.NetworkConnections = @()

# IPSec Connection configuration
$ipSecConnection = New-Object Microsoft.Windows.NetworkController.NetworkConnection
$ipSecConnection.ResourceId = "Contoso_IPSecGW"
$ipSecConnection.Properties = New-Object Microsoft.Windows.NetworkController.NetworkConnectionProperties
$ipSecConnection.Properties.ConnectionType = "IPSec"
$ipSecConnection.Properties.OutboundKiloBitsPerSecond = 10000
$ipSecConnection.Properties.InboundKiloBitsPerSecond = 10000
$ipSecConnection.Properties.IpSecConfiguration = New-Object Microsoft.Windows.NetworkController.IpSecConfiguration
$ipSecConnection.Properties.IpSecConfiguration.AuthenticationMethod = "PSK"
$ipSecConnection.Properties.IpSecConfiguration.SharedSecret = "P@ssw0rd"
$ipSecConnection.Properties.IpSecConfiguration.QuickMode = New-Object Microsoft.Windows.NetworkController.QuickMode
$ipSecConnection.Properties.IpSecConfiguration.QuickMode.PerfectForwardSecrecy = "PFS2048"
$ipSecConnection.Properties.IpSecConfiguration.QuickMode.AuthenticationTransformationConstant = "SHA256128"
$ipSecConnection.Properties.IpSecConfiguration.QuickMode.CipherTransformationConstant = "DES3"
$ipSecConnection.Properties.IpSecConfiguration.QuickMode.SALifeTimeSeconds = 1233
$ipSecConnection.Properties.IpSecConfiguration.QuickMode.IdleDisconnectSeconds = 500
$ipSecConnection.Properties.IpSecConfiguration.QuickMode.SALifeTimeKiloBytes = 1048576
$ipSecConnection.Properties.IpSecConfiguration.MainMode = New-Object Microsoft.Windows.NetworkController.MainMode
$ipSecConnection.Properties.IpSecConfiguration.MainMode.DiffieHellmanGroup = "Group2"
$ipSecConnection.Properties.IpSecConfiguration.MainMode.IntegrityAlgorithm = "SHA256"
$ipSecConnection.Properties.IpSecConfiguration.MainMode.EncryptionAlgorithm = "AES256"
$ipSecConnection.Properties.IpSecConfiguration.MainMode.SALifeTimeSeconds = 1234
$ipSecConnection.Properties.IpSecConfiguration.MainMode.SALifeTimeKiloBytes = 1048576
$ipSecConnection.Properties.IPAddresses = @()
$ipSecConnection.Properties.PeerIPAddresses = @()
$ipSecConnection.Properties.Routes = @()
$ipv4Route = New-Object Microsoft.Windows.NetworkController.RouteInfo
$ipv4Route.DestinationPrefix = "14.1.10.1/32"
$ipv4Route.Metric = 10
$ipSecConnection.Properties.Routes += $ipv4Route
$ipSecConnection.Properties.DestinationIPAddress = "10.127.134.121"
# Attach the IPSec connection to the virtual gateway
$VirtualGWProperties.NetworkConnections += $ipSecConnection

# GRE Connection configuration
$greConnection = New-Object Microsoft.Windows.NetworkController.NetworkConnection
$greConnection.ResourceId = "Contoso_GreGW"
$greConnection.Properties = New-Object Microsoft.Windows.NetworkController.NetworkConnectionProperties
$greConnection.Properties.ConnectionType = "GRE"
$greConnection.Properties.OutboundKiloBitsPerSecond = 10000
$greConnection.Properties.InboundKiloBitsPerSecond = 10000
$greConnection.Properties.GreConfiguration = New-Object Microsoft.Windows.NetworkController.GreConfiguration
$greConnection.Properties.GreConfiguration.GreKey = 1234
$greConnection.Properties.IPAddresses = @()
$greConnection.Properties.PeerIPAddresses = @()
$greConnection.Properties.Routes = @()
$ipv4Route = New-Object Microsoft.Windows.NetworkController.RouteInfo
$ipv4Route.DestinationPrefix = "14.2.20.1/32"
$ipv4Route.Metric = 10
$greConnection.Properties.Routes += $ipv4Route
$greConnection.Properties.DestinationIPAddress = "10.127.134.122"
$greConnection.Properties.L3Configuration = New-Object Microsoft.Windows.NetworkController.L3Configuration
# Attach the GRE connection to the virtual gateway
$VirtualGWProperties.NetworkConnections += $greConnection

# L3 Forwarding connection configuration
$l3Connection = New-Object Microsoft.Windows.NetworkController.NetworkConnection
$l3Connection.ResourceId = "Contoso_L3GW"
$l3Connection.Properties = New-Object Microsoft.Windows.NetworkController.NetworkConnectionProperties
$l3Connection.Properties.ConnectionType = "L3"
$l3Connection.Properties.OutboundKiloBitsPerSecond = 10000
$l3Connection.Properties.InboundKiloBitsPerSecond = 10000
$l3Connection.Properties.GreConfiguration = New-Object Microsoft.Windows.NetworkController.GreConfiguration
$l3Connection.Properties.L3Configuration = New-Object Microsoft.Windows.NetworkController.L3Configuration
$l3Connection.Properties.L3Configuration.VlanSubnet = $vlanNetwork.Properties.Subnets[0]
$l3Connection.Properties.IPAddresses = @()
$localIPAddress = New-Object Microsoft.Windows.NetworkController.CidrIPAddress
$localIPAddress.IPAddress = "10.127.134.55"
$localIPAddress.PrefixLength = 25
$l3Connection.Properties.IPAddresses += $localIPAddress
$l3Connection.Properties.PeerIPAddresses = @("10.127.134.65")
$l3Connection.Properties.Routes = @()
$ipv4Route = New-Object Microsoft.Windows.NetworkController.RouteInfo
$ipv4Route.DestinationPrefix = "14.2.20.1/32"
$ipv4Route.Metric = 10
$l3Connection.Properties.Routes += $ipv4Route
# Attach the L3 connection to the virtual gateway
$VirtualGWProperties.NetworkConnections += $l3Connection

# Update BGP Router Object
$VirtualGWProperties.BgpRouters = @()
$bgpRouter = New-Object Microsoft.Windows.NetworkController.VGwBgpRouter
$bgpRouter.ResourceId = "Contoso_BgpRouter1"
$bgpRouter.Properties = New-Object Microsoft.Windows.NetworkController.VGwBgpRouterProperties
$bgpRouter.Properties.ExtAsNumber = "0.64512"
$bgpRouter.Properties.BgpPeers = @()

# Create BGP Peer Object(s)
# BGP Peer for IPSec Connection
$bgpPeer_IPSec = New-Object Microsoft.Windows.NetworkController.VGwBgpPeer
$bgpPeer_IPSec.ResourceId = "Contoso_IPSec_Peer"
$bgpPeer_IPSec.Properties = New-Object Microsoft.Windows.NetworkController.VGwBgpPeerProperties
$bgpPeer_IPSec.Properties.PeerIpAddress = "14.1.10.1"
$bgpPeer_IPSec.Properties.AsNumber = 64521
$bgpPeer_IPSec.Properties.ExtAsNumber = "0.64521"
$bgpRouter.Properties.BgpPeers += $bgpPeer_IPSec

# BGP Peer for GRE Connection
$bgpPeer_Gre = New-Object Microsoft.Windows.NetworkController.VGwBgpPeer
$bgpPeer_Gre.ResourceId = "Contoso_Gre_Peer"
$bgpPeer_Gre.Properties = New-Object Microsoft.Windows.NetworkController.VGwBgpPeerProperties
$bgpPeer_Gre.Properties.PeerIpAddress = "14.2.20.1"
$bgpPeer_Gre.Properties.AsNumber = 64522
$bgpPeer_Gre.Properties.ExtAsNumber = "0.64522"
$bgpRouter.Properties.BgpPeers += $bgpPeer_Gre

# BGP Peer for L3 Connection
$bgpPeer_L3 = New-Object Microsoft.Windows.NetworkController.VGwBgpPeer
$bgpPeer_L3.ResourceId = "Contoso_L3_Peer"
$bgpPeer_L3.Properties = New-Object Microsoft.Windows.NetworkController.VGwBgpPeerProperties
$bgpPeer_L3.Properties.PeerIpAddress = "14.3.30.1"
$bgpPeer_L3.Properties.AsNumber = 64523
$bgpPeer_L3.Properties.ExtAsNumber = "0.64523"
$bgpRouter.Properties.BgpPeers += $bgpPeer_L3

$VirtualGWProperties.BgpRouters += $bgpRouter

# Finally Add the new Virtual Gateway for tenant
New-NetworkControllerVirtualGateway -ConnectionUri $uri -ResourceId "Contoso_VirtualGW" -Properties $VirtualGWProperties -Force
```
Modify a gateway for a virtual network
Retrieve the component configuration and store it in a variable.
```powershell
$nwConnection = Get-NetworkControllerVirtualGatewayNetworkConnection -ConnectionUri $uri -VirtualGatewayId "Contoso_VirtualGW" -ResourceId "Contoso_IPSecGW"
```
Navigate the variable structure to reach the required property and set it to the updated value.
```powershell
$nwConnection.Properties.IpSecConfiguration.SharedSecret = "C0mplexP@ssW0rd"
```
Add the modified configuration to replace the older configuration in Network Controller.
```powershell
New-NetworkControllerVirtualGatewayNetworkConnection -ConnectionUri $uri -VirtualGatewayId "Contoso_VirtualGW" -ResourceId $nwConnection.ResourceId -Properties $nwConnection.Properties -Force
```
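After a change such as the shared-secret update above, a practitioner wants to confirm that Network Controller finished provisioning and that the tunnels and BGP sessions came back up. The following is an added example, not part of the original topic: the function names are hypothetical, and the `ProvisioningState`, `ConnectionStatus` and `ConnectionState` property names are assumed from the Network Controller REST resource model; the cmdlets are the Get- counterparts of those used in this topic.

```powershell
function Wait-TenantVirtualGateway {
    # Hypothetical helper: polls the gateway until provisioning settles or a timeout expires.
    param(
        [Parameter(Mandatory)][string]$ConnectionUri,
        [Parameter(Mandatory)][string]$VirtualGatewayId,
        [int]$TimeoutSeconds = 300,
        [int]$PollSeconds = 10
    )
    $deadline = (Get-Date).AddSeconds($TimeoutSeconds)
    do {
        $gw = Get-NetworkControllerVirtualGateway -ConnectionUri $ConnectionUri -ResourceId $VirtualGatewayId
        $state = $gw.Properties.ProvisioningState   # assumed property; values Succeeded/Updating/Failed
        switch ($state) {
            "Succeeded" { return $gw }
            "Failed"    { throw "Virtual gateway '$VirtualGatewayId' provisioning failed." }
        }
        Start-Sleep -Seconds $PollSeconds
    } while ((Get-Date) -lt $deadline)
    throw "Timed out after $TimeoutSeconds s; '$VirtualGatewayId' is still '$state'."
}

function Get-TenantGatewayStatus {
    # Hypothetical helper: one row per network connection and per BGP peer, with its current status.
    param(
        [Parameter(Mandatory)][string]$ConnectionUri,
        [Parameter(Mandatory)][string]$VirtualGatewayId
    )
    $null = Wait-TenantVirtualGateway -ConnectionUri $ConnectionUri -VirtualGatewayId $VirtualGatewayId

    Get-NetworkControllerVirtualGatewayNetworkConnection -ConnectionUri $ConnectionUri -VirtualGatewayId $VirtualGatewayId |
        ForEach-Object {
            [pscustomobject]@{
                Kind   = "NetworkConnection"
                Name   = $_.ResourceId
                Type   = $_.Properties.ConnectionType
                Peer   = $_.Properties.DestinationIPAddress          # empty for L3 connections
                Status = $_.Properties.ConnectionStatus               # assumed property
                Routes = ($_.Properties.Routes | ForEach-Object DestinationPrefix) -join ", "
            }
        }

    foreach ($router in Get-NetworkControllerVirtualGatewayBgpRouter -ConnectionUri $ConnectionUri -VirtualGatewayId $VirtualGatewayId) {
        Get-NetworkControllerVirtualGatewayBgpPeer -ConnectionUri $ConnectionUri -VirtualGatewayId $VirtualGatewayId -BgpRouterName $router.ResourceId |
            ForEach-Object {
                [pscustomobject]@{
                    Kind   = "BgpPeer"
                    Name   = $_.ResourceId
                    Type   = "AS $($_.Properties.AsNumber)"
                    Peer   = $_.Properties.PeerIpAddress
                    Status = $_.Properties.ConnectionState            # assumed property
                    Routes = ""
                }
            }
    }
}

# Confirm the IPsec tunnel re-established with the new secret and that the BGP peers are connected.
Get-TenantGatewayStatus -ConnectionUri $uri -VirtualGatewayId "Contoso_VirtualGW" |
    Format-Table Kind, Name, Type, Peer, Status, Routes -AutoSize
```

A connection that stays disconnected after the change usually means the remote site was not updated with the same secret, since the PSK (like PerfectForwardSecrecy) must match on both ends.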
Remove a gateway from a virtual network
You can use the following Windows PowerShell commands to remove individual gateway resources or the entire gateway.
Remove a network connection
```powershell
Remove-NetworkControllerVirtualGatewayNetworkConnection -ConnectionUri $uri -VirtualGatewayId "Contoso_VirtualGW" -ResourceId "Contoso_IPSecGW" -Force
```
Remove a BGP peer
```powershell
Remove-NetworkControllerVirtualGatewayBgpPeer -ConnectionUri $uri -VirtualGatewayId "Contoso_VirtualGW" -BgpRouterName "Contoso_BgpRouter1" -ResourceId "Contoso_IPSec_Peer" -Force
```
Remove a BGP router
```powershell
Remove-NetworkControllerVirtualGatewayBgpRouter -ConnectionUri $uri -VirtualGatewayId "Contoso_VirtualGW" -ResourceId "Contoso_BgpRouter1" -Force
```
Remove a gateway
```powershell
Remove-NetworkControllerVirtualGateway -ConnectionUri $uri -ResourceId "Contoso_VirtualGW" -Force
```