Partilhar via


Microsoft.Network virtualWans/p2sVpnServerConfigurations 2019-04-01

Bicep resource definition

The virtualWans/p2sVpnServerConfigurations resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/virtualWans/p2sVpnServerConfigurations resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.Network/virtualWans/p2sVpnServerConfigurations@2019-04-01' = {
  parent: resourceSymbolicName
  name: 'string'
  properties: {
    etag: 'string'
    name: 'string'
    p2SVpnServerConfigRadiusClientRootCertificates: [
      {
        etag: 'string'
        id: 'string'
        name: 'string'
        properties: {
          thumbprint: 'string'
        }
      }
    ]
    p2SVpnServerConfigRadiusServerRootCertificates: [
      {
        etag: 'string'
        id: 'string'
        name: 'string'
        properties: {
          publicCertData: 'string'
        }
      }
    ]
    p2SVpnServerConfigVpnClientRevokedCertificates: [
      {
        etag: 'string'
        id: 'string'
        name: 'string'
        properties: {
          thumbprint: 'string'
        }
      }
    ]
    p2SVpnServerConfigVpnClientRootCertificates: [
      {
        etag: 'string'
        id: 'string'
        name: 'string'
        properties: {
          publicCertData: 'string'
        }
      }
    ]
    radiusServerAddress: 'string'
    radiusServerSecret: 'string'
    vpnClientIpsecPolicies: [
      {
        dhGroup: 'string'
        ikeEncryption: 'string'
        ikeIntegrity: 'string'
        ipsecEncryption: 'string'
        ipsecIntegrity: 'string'
        pfsGroup: 'string'
        saDataSizeKilobytes: int
        saLifeTimeSeconds: int
      }
    ]
    vpnProtocols: [
      'string'
    ]
  }
}

Property values

IpsecPolicy

Name Description Value
dhGroup The DH Group used in IKE Phase 1 for initial SA. 'DHGroup1'
'DHGroup14'
'DHGroup2'
'DHGroup2048'
'DHGroup24'
'ECP256'
'ECP384'
'None' (required)
ikeEncryption The IKE encryption algorithm (IKE phase 2). 'AES128'
'AES192'
'AES256'
'DES'
'DES3'
'GCMAES128'
'GCMAES256' (required)
ikeIntegrity The IKE integrity algorithm (IKE phase 2). 'GCMAES128'
'GCMAES256'
'MD5'
'SHA1'
'SHA256'
'SHA384' (required)
ipsecEncryption The IPSec encryption algorithm (IKE phase 1). 'AES128'
'AES192'
'AES256'
'DES'
'DES3'
'GCMAES128'
'GCMAES192'
'GCMAES256'
'None' (required)
ipsecIntegrity The IPSec integrity algorithm (IKE phase 1). 'GCMAES128'
'GCMAES192'
'GCMAES256'
'MD5'
'SHA1'
'SHA256' (required)
pfsGroup The Pfs Group used in IKE Phase 2 for new child SA. 'ECP256'
'ECP384'
'None'
'PFS1'
'PFS14'
'PFS2'
'PFS2048'
'PFS24'
'PFSMM' (required)
saDataSizeKilobytes The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site to site VPN tunnel. int (required)
saLifeTimeSeconds The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site to site VPN tunnel. int (required)

Microsoft.Network/virtualWans/p2sVpnServerConfigurations

Name Description Value
name The resource name string (required)
parent In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource.

For more information, see Child resource outside parent resource.
Symbolic name for resource of type: virtualWans
properties Properties of the P2SVpnServer configuration. P2SVpnServerConfigurationProperties

P2SVpnServerConfigRadiusClientRootCertificate

Name Description Value
etag A unique read-only string that changes whenever the resource is updated. string
id Resource ID. string
name The name of the resource that is unique within a resource group. This name can be used to access the resource. string
properties Properties of the Radius client root certificate. P2SVpnServerConfigRadiusClientRootCertificatePropertiesFormat

P2SVpnServerConfigRadiusClientRootCertificatePropertiesFormat

Name Description Value
thumbprint The Radius client root certificate thumbprint. string

P2SVpnServerConfigRadiusServerRootCertificate

Name Description Value
etag A unique read-only string that changes whenever the resource is updated. string
id Resource ID. string
name The name of the resource that is unique within a resource group. This name can be used to access the resource. string
properties Properties of the P2SVpnServerConfiguration Radius Server root certificate. P2SVpnServerConfigRadiusServerRootCertificatePropertiesFormat (required)

P2SVpnServerConfigRadiusServerRootCertificatePropertiesFormat

Name Description Value
publicCertData The certificate public data. string (required)

P2SVpnServerConfigurationProperties

Name Description Value
etag A unique read-only string that changes whenever the resource is updated. string
name The name of the P2SVpnServerConfiguration that is unique within a VirtualWan in a resource group. This name can be used to access the resource along with Paren VirtualWan resource name. string
p2SVpnServerConfigRadiusClientRootCertificates Radius client root certificate of P2SVpnServerConfiguration. P2SVpnServerConfigRadiusClientRootCertificate[]
p2SVpnServerConfigRadiusServerRootCertificates Radius Server root certificate of P2SVpnServerConfiguration. P2SVpnServerConfigRadiusServerRootCertificate[]
p2SVpnServerConfigVpnClientRevokedCertificates VPN client revoked certificate of P2SVpnServerConfiguration. P2SVpnServerConfigVpnClientRevokedCertificate[]
p2SVpnServerConfigVpnClientRootCertificates VPN client root certificate of P2SVpnServerConfiguration. P2SVpnServerConfigVpnClientRootCertificate[]
radiusServerAddress The radius server address property of the P2SVpnServerConfiguration resource for point to site client connection. string
radiusServerSecret The radius secret property of the P2SVpnServerConfiguration resource for point to site client connection. string
vpnClientIpsecPolicies VpnClientIpsecPolicies for P2SVpnServerConfiguration. IpsecPolicy[]
vpnProtocols VPN protocols for the P2SVpnServerConfiguration. String array containing any of:
'IkeV2'
'OpenVPN'

P2SVpnServerConfigVpnClientRevokedCertificate

Name Description Value
etag A unique read-only string that changes whenever the resource is updated. string
id Resource ID. string
name The name of the resource that is unique within a resource group. This name can be used to access the resource. string
properties Properties of the vpn client revoked certificate. P2SVpnServerConfigVpnClientRevokedCertificatePropertiesFormat

P2SVpnServerConfigVpnClientRevokedCertificatePropertiesFormat

Name Description Value
thumbprint The revoked VPN client certificate thumbprint. string

P2SVpnServerConfigVpnClientRootCertificate

Name Description Value
etag A unique read-only string that changes whenever the resource is updated. string
id Resource ID. string
name The name of the resource that is unique within a resource group. This name can be used to access the resource. string
properties Properties of the P2SVpnServerConfiguration VPN client root certificate. P2SVpnServerConfigVpnClientRootCertificatePropertiesFormat (required)

P2SVpnServerConfigVpnClientRootCertificatePropertiesFormat

Name Description Value
publicCertData The certificate public data. string (required)

ARM template resource definition

The virtualWans/p2sVpnServerConfigurations resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/virtualWans/p2sVpnServerConfigurations resource, add the following JSON to your template.

{
  "type": "Microsoft.Network/virtualWans/p2sVpnServerConfigurations",
  "apiVersion": "2019-04-01",
  "name": "string",
  "properties": {
    "etag": "string",
    "name": "string",
    "p2SVpnServerConfigRadiusClientRootCertificates": [
      {
        "etag": "string",
        "id": "string",
        "name": "string",
        "properties": {
          "thumbprint": "string"
        }
      }
    ],
    "p2SVpnServerConfigRadiusServerRootCertificates": [
      {
        "etag": "string",
        "id": "string",
        "name": "string",
        "properties": {
          "publicCertData": "string"
        }
      }
    ],
    "p2SVpnServerConfigVpnClientRevokedCertificates": [
      {
        "etag": "string",
        "id": "string",
        "name": "string",
        "properties": {
          "thumbprint": "string"
        }
      }
    ],
    "p2SVpnServerConfigVpnClientRootCertificates": [
      {
        "etag": "string",
        "id": "string",
        "name": "string",
        "properties": {
          "publicCertData": "string"
        }
      }
    ],
    "radiusServerAddress": "string",
    "radiusServerSecret": "string",
    "vpnClientIpsecPolicies": [
      {
        "dhGroup": "string",
        "ikeEncryption": "string",
        "ikeIntegrity": "string",
        "ipsecEncryption": "string",
        "ipsecIntegrity": "string",
        "pfsGroup": "string",
        "saDataSizeKilobytes": "int",
        "saLifeTimeSeconds": "int"
      }
    ],
    "vpnProtocols": [ "string" ]
  }
}

Property values

IpsecPolicy

Name Description Value
dhGroup The DH Group used in IKE Phase 1 for initial SA. 'DHGroup1'
'DHGroup14'
'DHGroup2'
'DHGroup2048'
'DHGroup24'
'ECP256'
'ECP384'
'None' (required)
ikeEncryption The IKE encryption algorithm (IKE phase 2). 'AES128'
'AES192'
'AES256'
'DES'
'DES3'
'GCMAES128'
'GCMAES256' (required)
ikeIntegrity The IKE integrity algorithm (IKE phase 2). 'GCMAES128'
'GCMAES256'
'MD5'
'SHA1'
'SHA256'
'SHA384' (required)
ipsecEncryption The IPSec encryption algorithm (IKE phase 1). 'AES128'
'AES192'
'AES256'
'DES'
'DES3'
'GCMAES128'
'GCMAES192'
'GCMAES256'
'None' (required)
ipsecIntegrity The IPSec integrity algorithm (IKE phase 1). 'GCMAES128'
'GCMAES192'
'GCMAES256'
'MD5'
'SHA1'
'SHA256' (required)
pfsGroup The Pfs Group used in IKE Phase 2 for new child SA. 'ECP256'
'ECP384'
'None'
'PFS1'
'PFS14'
'PFS2'
'PFS2048'
'PFS24'
'PFSMM' (required)
saDataSizeKilobytes The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site to site VPN tunnel. int (required)
saLifeTimeSeconds The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site to site VPN tunnel. int (required)

Microsoft.Network/virtualWans/p2sVpnServerConfigurations

Name Description Value
apiVersion The api version '2019-04-01'
name The resource name string (required)
properties Properties of the P2SVpnServer configuration. P2SVpnServerConfigurationProperties
type The resource type 'Microsoft.Network/virtualWans/p2sVpnServerConfigurations'

P2SVpnServerConfigRadiusClientRootCertificate

Name Description Value
etag A unique read-only string that changes whenever the resource is updated. string
id Resource ID. string
name The name of the resource that is unique within a resource group. This name can be used to access the resource. string
properties Properties of the Radius client root certificate. P2SVpnServerConfigRadiusClientRootCertificatePropertiesFormat

P2SVpnServerConfigRadiusClientRootCertificatePropertiesFormat

Name Description Value
thumbprint The Radius client root certificate thumbprint. string

P2SVpnServerConfigRadiusServerRootCertificate

Name Description Value
etag A unique read-only string that changes whenever the resource is updated. string
id Resource ID. string
name The name of the resource that is unique within a resource group. This name can be used to access the resource. string
properties Properties of the P2SVpnServerConfiguration Radius Server root certificate. P2SVpnServerConfigRadiusServerRootCertificatePropertiesFormat (required)

P2SVpnServerConfigRadiusServerRootCertificatePropertiesFormat

Name Description Value
publicCertData The certificate public data. string (required)

P2SVpnServerConfigurationProperties

Name Description Value
etag A unique read-only string that changes whenever the resource is updated. string
name The name of the P2SVpnServerConfiguration that is unique within a VirtualWan in a resource group. This name can be used to access the resource along with Paren VirtualWan resource name. string
p2SVpnServerConfigRadiusClientRootCertificates Radius client root certificate of P2SVpnServerConfiguration. P2SVpnServerConfigRadiusClientRootCertificate[]
p2SVpnServerConfigRadiusServerRootCertificates Radius Server root certificate of P2SVpnServerConfiguration. P2SVpnServerConfigRadiusServerRootCertificate[]
p2SVpnServerConfigVpnClientRevokedCertificates VPN client revoked certificate of P2SVpnServerConfiguration. P2SVpnServerConfigVpnClientRevokedCertificate[]
p2SVpnServerConfigVpnClientRootCertificates VPN client root certificate of P2SVpnServerConfiguration. P2SVpnServerConfigVpnClientRootCertificate[]
radiusServerAddress The radius server address property of the P2SVpnServerConfiguration resource for point to site client connection. string
radiusServerSecret The radius secret property of the P2SVpnServerConfiguration resource for point to site client connection. string
vpnClientIpsecPolicies VpnClientIpsecPolicies for P2SVpnServerConfiguration. IpsecPolicy[]
vpnProtocols VPN protocols for the P2SVpnServerConfiguration. String array containing any of:
'IkeV2'
'OpenVPN'

P2SVpnServerConfigVpnClientRevokedCertificate

Name Description Value
etag A unique read-only string that changes whenever the resource is updated. string
id Resource ID. string
name The name of the resource that is unique within a resource group. This name can be used to access the resource. string
properties Properties of the vpn client revoked certificate. P2SVpnServerConfigVpnClientRevokedCertificatePropertiesFormat

P2SVpnServerConfigVpnClientRevokedCertificatePropertiesFormat

Name Description Value
thumbprint The revoked VPN client certificate thumbprint. string

P2SVpnServerConfigVpnClientRootCertificate

Name Description Value
etag A unique read-only string that changes whenever the resource is updated. string
id Resource ID. string
name The name of the resource that is unique within a resource group. This name can be used to access the resource. string
properties Properties of the P2SVpnServerConfiguration VPN client root certificate. P2SVpnServerConfigVpnClientRootCertificatePropertiesFormat (required)

P2SVpnServerConfigVpnClientRootCertificatePropertiesFormat

Name Description Value
publicCertData The certificate public data. string (required)

Terraform (AzAPI provider) resource definition

The virtualWans/p2sVpnServerConfigurations resource type can be deployed with operations that target:

  • Resource groups

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/virtualWans/p2sVpnServerConfigurations resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.Network/virtualWans/p2sVpnServerConfigurations@2019-04-01"
  name = "string"
  body = jsonencode({
    properties = {
      etag = "string"
      name = "string"
      p2SVpnServerConfigRadiusClientRootCertificates = [
        {
          etag = "string"
          id = "string"
          name = "string"
          properties = {
            thumbprint = "string"
          }
        }
      ]
      p2SVpnServerConfigRadiusServerRootCertificates = [
        {
          etag = "string"
          id = "string"
          name = "string"
          properties = {
            publicCertData = "string"
          }
        }
      ]
      p2SVpnServerConfigVpnClientRevokedCertificates = [
        {
          etag = "string"
          id = "string"
          name = "string"
          properties = {
            thumbprint = "string"
          }
        }
      ]
      p2SVpnServerConfigVpnClientRootCertificates = [
        {
          etag = "string"
          id = "string"
          name = "string"
          properties = {
            publicCertData = "string"
          }
        }
      ]
      radiusServerAddress = "string"
      radiusServerSecret = "string"
      vpnClientIpsecPolicies = [
        {
          dhGroup = "string"
          ikeEncryption = "string"
          ikeIntegrity = "string"
          ipsecEncryption = "string"
          ipsecIntegrity = "string"
          pfsGroup = "string"
          saDataSizeKilobytes = int
          saLifeTimeSeconds = int
        }
      ]
      vpnProtocols = [
        "string"
      ]
    }
  })
}

Property values

IpsecPolicy

Name Description Value
dhGroup The DH Group used in IKE Phase 1 for initial SA. 'DHGroup1'
'DHGroup14'
'DHGroup2'
'DHGroup2048'
'DHGroup24'
'ECP256'
'ECP384'
'None' (required)
ikeEncryption The IKE encryption algorithm (IKE phase 2). 'AES128'
'AES192'
'AES256'
'DES'
'DES3'
'GCMAES128'
'GCMAES256' (required)
ikeIntegrity The IKE integrity algorithm (IKE phase 2). 'GCMAES128'
'GCMAES256'
'MD5'
'SHA1'
'SHA256'
'SHA384' (required)
ipsecEncryption The IPSec encryption algorithm (IKE phase 1). 'AES128'
'AES192'
'AES256'
'DES'
'DES3'
'GCMAES128'
'GCMAES192'
'GCMAES256'
'None' (required)
ipsecIntegrity The IPSec integrity algorithm (IKE phase 1). 'GCMAES128'
'GCMAES192'
'GCMAES256'
'MD5'
'SHA1'
'SHA256' (required)
pfsGroup The Pfs Group used in IKE Phase 2 for new child SA. 'ECP256'
'ECP384'
'None'
'PFS1'
'PFS14'
'PFS2'
'PFS2048'
'PFS24'
'PFSMM' (required)
saDataSizeKilobytes The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site to site VPN tunnel. int (required)
saLifeTimeSeconds The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site to site VPN tunnel. int (required)

Microsoft.Network/virtualWans/p2sVpnServerConfigurations

Name Description Value
name The resource name string (required)
parent_id The ID of the resource that is the parent for this resource. ID for resource of type: virtualWans
properties Properties of the P2SVpnServer configuration. P2SVpnServerConfigurationProperties
type The resource type "Microsoft.Network/virtualWans/p2sVpnServerConfigurations@2019-04-01"

P2SVpnServerConfigRadiusClientRootCertificate

Name Description Value
etag A unique read-only string that changes whenever the resource is updated. string
id Resource ID. string
name The name of the resource that is unique within a resource group. This name can be used to access the resource. string
properties Properties of the Radius client root certificate. P2SVpnServerConfigRadiusClientRootCertificatePropertiesFormat

P2SVpnServerConfigRadiusClientRootCertificatePropertiesFormat

Name Description Value
thumbprint The Radius client root certificate thumbprint. string

P2SVpnServerConfigRadiusServerRootCertificate

Name Description Value
etag A unique read-only string that changes whenever the resource is updated. string
id Resource ID. string
name The name of the resource that is unique within a resource group. This name can be used to access the resource. string
properties Properties of the P2SVpnServerConfiguration Radius Server root certificate. P2SVpnServerConfigRadiusServerRootCertificatePropertiesFormat (required)

P2SVpnServerConfigRadiusServerRootCertificatePropertiesFormat

Name Description Value
publicCertData The certificate public data. string (required)

P2SVpnServerConfigurationProperties

Name Description Value
etag A unique read-only string that changes whenever the resource is updated. string
name The name of the P2SVpnServerConfiguration that is unique within a VirtualWan in a resource group. This name can be used to access the resource along with Paren VirtualWan resource name. string
p2SVpnServerConfigRadiusClientRootCertificates Radius client root certificate of P2SVpnServerConfiguration. P2SVpnServerConfigRadiusClientRootCertificate[]
p2SVpnServerConfigRadiusServerRootCertificates Radius Server root certificate of P2SVpnServerConfiguration. P2SVpnServerConfigRadiusServerRootCertificate[]
p2SVpnServerConfigVpnClientRevokedCertificates VPN client revoked certificate of P2SVpnServerConfiguration. P2SVpnServerConfigVpnClientRevokedCertificate[]
p2SVpnServerConfigVpnClientRootCertificates VPN client root certificate of P2SVpnServerConfiguration. P2SVpnServerConfigVpnClientRootCertificate[]
radiusServerAddress The radius server address property of the P2SVpnServerConfiguration resource for point to site client connection. string
radiusServerSecret The radius secret property of the P2SVpnServerConfiguration resource for point to site client connection. string
vpnClientIpsecPolicies VpnClientIpsecPolicies for P2SVpnServerConfiguration. IpsecPolicy[]
vpnProtocols VPN protocols for the P2SVpnServerConfiguration. String array containing any of:
'IkeV2'
'OpenVPN'

P2SVpnServerConfigVpnClientRevokedCertificate

Name Description Value
etag A unique read-only string that changes whenever the resource is updated. string
id Resource ID. string
name The name of the resource that is unique within a resource group. This name can be used to access the resource. string
properties Properties of the vpn client revoked certificate. P2SVpnServerConfigVpnClientRevokedCertificatePropertiesFormat

P2SVpnServerConfigVpnClientRevokedCertificatePropertiesFormat

Name Description Value
thumbprint The revoked VPN client certificate thumbprint. string

P2SVpnServerConfigVpnClientRootCertificate

Name Description Value
etag A unique read-only string that changes whenever the resource is updated. string
id Resource ID. string
name The name of the resource that is unique within a resource group. This name can be used to access the resource. string
properties Properties of the P2SVpnServerConfiguration VPN client root certificate. P2SVpnServerConfigVpnClientRootCertificatePropertiesFormat (required)

P2SVpnServerConfigVpnClientRootCertificatePropertiesFormat

Name Description Value
publicCertData The certificate public data. string (required)