Related Topics

Azure Virtual Network Gateway VPN Client Connection Cmdlets by Scenario

Plugins Cmdlets

This section details the Azure PowerShell cmdlets used to manage VPN client connectivity scenarios, specifically focusing on plugin-based configurations and operations.

Overview

Azure Virtual Network Gateway enables secure hybrid connectivity between your on-premises networks and your Azure virtual networks. VPN client connection cmdlets allow you to configure and manage the client-side aspects of these VPN connections, enabling remote users to connect securely to your Azure resources. This particular set of cmdlets focuses on scenarios that leverage plugins for advanced configuration and functionality.

Key Cmdlets for Plugin Scenarios

  • Get-AzVpnClientRootCertificate

    Retrieves the root certificates configured for VPN client authentication.

    Get-AzVpnClientRootCertificate -VpnGateway [-DefaultProfile ]
  • Add-AzVpnClientRootCertificate

    Adds a root certificate to the VPN client configuration for authentication.

    Add-AzVpnClientRootCertificate -VpnGateway -Name -PublicCertData [-DefaultProfile ]
  • Remove-AzVpnClientRootCertificate

    Removes a root certificate from the VPN client configuration.

    Remove-AzVpnClientRootCertificate -VpnGateway -Name [-DefaultProfile ]
  • Set-AzVpnClientConfiguration

    Configures the VPN client settings for a virtual network gateway, including plugin-specific parameters.

    Set-AzVpnClientConfiguration -VpnGateway -VpnClientRootCertificates [-DefaultProfile ]
  • Get-AzVpnClientConfiguration

    Retrieves the current VPN client configuration for a virtual network gateway.

    Get-AzVpnClientConfiguration -VpnGateway [-DefaultProfile ]
  • Invoke-AzVpnClient

    Initiates a VPN client connection to the virtual network gateway.

    Invoke-AzVpnClient -ResourceGroupName -Name [-WanVpnAgent ] [-DefaultProfile ]
  • Remove-AzVpnClientConfiguration

    Removes the VPN client configuration from a virtual network gateway.

    Remove-AzVpnClientConfiguration -VpnGateway [-DefaultProfile ]

Usage Examples

Example 1: Adding a root certificate

This example shows how to add a root certificate to your VPN gateway configuration.


# Define variables
$resourceGroupName = "MyResourceGroup"
$vpnGatewayName = "myVpnGateway"
$certificateName = "MyRootCert"
$certificatePath = "C:\Certs\MyRootCert.cer"

# Get the VPN gateway
$vpnGateway = Get-AzVirtualNetworkGateway -ResourceGroupName $resourceGroupName -Name $vpnGatewayName

# Read the certificate data
$publicCertData = [System.Convert]::ToBase64String((Get-Content -Path $certificatePath -Encoding Byte -ReadCount 0))

# Add the root certificate
Add-AzVpnClientRootCertificate -VpnGateway $vpnGateway -Name $certificateName -PublicCertData $publicCertData

Example 2: Initiating a VPN client connection

This example demonstrates how to start a VPN client connection to a specified gateway.


# Define variables
$resourceGroupName = "MyResourceGroup"
$vpnGatewayName = "myVpnGateway"

# Invoke the VPN client connection
Invoke-AzVpnClient -ResourceGroupName $resourceGroupName -Name $vpnGatewayName

Parameters Explained

Parameter Description Required
VpnGateway The VirtualNetworkGateway object representing the VPN gateway. Yes
Name The name of the root certificate or VPN gateway. Yes
PublicCertData The public certificate data in Base64 encoded string format. Yes
ResourceGroupName The name of the resource group. Yes
WanVpnAgent Specifies the WAN VPN agent to use for the connection. No
VpnClientRootCertificates An array of VpnClientRootCertificate objects to be configured. No
DefaultProfile The Azure context profile to use. No