New-AzVirtualNetworkGatewayConnection

Is this page helpful?

Any additional feedback?

Feedback will be sent to Microsoft: By pressing the submit button, your feedback will be used to improve Microsoft products and services. Privacy policy.

Module:

Az.Network

Creates the Site-to-Site VPN connection between the virtual network gateway and the on-prem VPN device.

Note

This is the previous version of our documentation. Please consult the most recent version for up-to-date information.

Syntax

New-AzVirtualNetworkGatewayConnection
   -Name <String>
   -ResourceGroupName <String>
   -Location <String>
   [-AuthorizationKey <String>]
   -VirtualNetworkGateway1 <PSVirtualNetworkGateway>
   [-VirtualNetworkGateway2 <PSVirtualNetworkGateway>]
   [-LocalNetworkGateway2 <PSLocalNetworkGateway>]
   -ConnectionType <String>
   [-RoutingWeight <Int32>]
   [-DpdTimeoutInSeconds <Int32>]
   [-ConnectionMode <String>]
   [-SharedKey <String>]
   [-Peer <PSPeering>]
   [-EnableBgp <Boolean>]
   [-UseLocalAzureIpAddress]
   [-Tag <Hashtable>]
   [-Force]
   [-UsePolicyBasedTrafficSelectors <Boolean>]
   [-IpsecPolicies <PSIpsecPolicy[]>]
   [-TrafficSelectorPolicy <PSTrafficSelectorPolicy[]>]
   [-ConnectionProtocol <String>]
   [-IngressNatRule <PSResourceId[]>]
   [-EgressNatRule <PSResourceId[]>]
   [-AsJob]
   [-ExpressRouteGatewayBypass]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

New-AzVirtualNetworkGatewayConnection
   -Name <String>
   -ResourceGroupName <String>
   -Location <String>
   [-AuthorizationKey <String>]
   -VirtualNetworkGateway1 <PSVirtualNetworkGateway>
   [-VirtualNetworkGateway2 <PSVirtualNetworkGateway>]
   [-LocalNetworkGateway2 <PSLocalNetworkGateway>]
   -ConnectionType <String>
   [-RoutingWeight <Int32>]
   [-DpdTimeoutInSeconds <Int32>]
   [-ConnectionMode <String>]
   [-SharedKey <String>]
   [-PeerId <String>]
   [-EnableBgp <Boolean>]
   [-UseLocalAzureIpAddress]
   [-Tag <Hashtable>]
   [-Force]
   [-UsePolicyBasedTrafficSelectors <Boolean>]
   [-IpsecPolicies <PSIpsecPolicy[]>]
   [-TrafficSelectorPolicy <PSTrafficSelectorPolicy[]>]
   [-ConnectionProtocol <String>]
   [-IngressNatRule <PSResourceId[]>]
   [-EgressNatRule <PSResourceId[]>]
   [-AsJob]
   [-ExpressRouteGatewayBypass]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

Creates the Site-to-Site VPN connection between the virtual network gateway and the on-prem VPN device.

Examples

Example 1

New-AzVirtualNetworkGatewayConnection -Name conn-client-1 -ResourceGroupName $RG1 -VirtualNetworkGateway1 $vnetgw1 -VirtualNetworkGateway2 $vnetgw2 -Location $loc1 -ConnectionType Vnet2Vnet -SharedKey 'a1b2c3d4e5'

Example 2 Add/Update IngressNatRule/EgressNatRule to an existing virtual network gateway connection

PS C:\>$ingressnatrule = get-azVirtualNetworkGatewayNatRule -ResourceGroupName $RG1 -Name "natRule1" -ParentResourceName vnetgw1
PS C:\>$egressnatrule = get-azVirtualNetworkGatewayNatRule -ResourceGroupName $RG1 -Name "natRule2" -ParentResourceName vnetgw1
PS C:\>New-AzVirtualNetworkGatewayConnection -Name conn-client-1 -ResourceGroupName $RG1 -VirtualNetworkGateway1 $vnetgw1 -VirtualNetworkGateway2 $vnetgw2 -Location $loc1 -ConnectionType Vnet2Vnet -SharedKey 'a1b2c3d4e5' 
-IngressNatRule $ingressnatrule -EgressNatRule $egressnatrule

The first command gets a virtual network gateway natRule named natRule1 that's type is IngressSnat. The second command gets a virtual network gateway natRule named natRule2 that's type is EgressSnat. The third command creates this new virtual Network gateway connection with Ingress and Egress NatRules.

Parameters

-AsJob

Run cmdlet in the background

Type:	SwitchParameter
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-AuthorizationKey

AuthorizationKey.

Type:	String
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:	SwitchParameter
Aliases:	cf
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-ConnectionMode

Virtual Network Gateway Connection Mode.

Type:	String
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-ConnectionProtocol

Gateway connection protocol:IKEv1/IKEv2

Type:	String
Accepted values:	IKEv1, IKEv2
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-ConnectionType

Gateway connection type:IPsec/Vnet2Vnet/ExpressRoute/VPNClient

Type:	String
Accepted values:	IPsec, Vnet2Vnet, ExpressRoute, VPNClient
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:	IAzureContextContainer
Aliases:	AzContext, AzureRmContext, AzureCredential
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-DpdTimeoutInSeconds

Dead Peer Detection Timeout of the connection in seconds.

Type:	Int32
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-EgressNatRule

The list of egress NAT rules that are associated with this Connection.

Type:	PSResourceId[]
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-EnableBgp

Whether to establish a BGP session over a S2S VPN tunnel

Type:	Boolean
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-ExpressRouteGatewayBypass

Whether to use accelerated virtual network access by bypassing gateway

Type:	SwitchParameter
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-Force

Do not ask for confirmation if you want to overwrite a resource

Type:	SwitchParameter
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-IngressNatRule

The list of ingress NAT rules that are associated with this Connection.

Type:	PSResourceId[]
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-IpsecPolicies

A list of IPSec policies.

Type:	PSIpsecPolicy[]
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-LocalNetworkGateway2

local network gateway.

Type:	PSLocalNetworkGateway
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-Location

location.

Type:	String
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-Name

The resource name.

Type:	String
Aliases:	ResourceName
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-Peer

Peer

Type:	PSPeering
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-PeerId

PeerId

Type:	String
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-ResourceGroupName

The resource group name.

Type:	String
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-RoutingWeight

RoutingWeight.

Type:	Int32
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-SharedKey

The Ipsec share key.

Type:	String
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-Tag

A hashtable which represents resource tags. Key-value pairs in the form of a hash table. For example: @{key0="value0";key1=$null;key2="value2"}

Type:	Hashtable
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-TrafficSelectorPolicy

A list of Traffic Selector policies.

Type:	PSTrafficSelectorPolicy[]
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-UseLocalAzureIpAddress

Whether to use PrivateIP for this S2S VPN tunnel

Type:	SwitchParameter
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-UsePolicyBasedTrafficSelectors

Whether to use policy-based traffic selectors for a S2S connection

Type:	Boolean
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

-VirtualNetworkGateway1

First virtual network gateway.

Type:	PSVirtualNetworkGateway
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-VirtualNetworkGateway2

Second virtual network gateway.

Type:	PSVirtualNetworkGateway
Position:	Named
Default value:	None
Accept pipeline input:	True
Accept wildcard characters:	False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:	SwitchParameter
Aliases:	wi
Position:	Named
Default value:	None
Accept pipeline input:	False
Accept wildcard characters:	False

Inputs

String

PSVirtualNetworkGateway

PSLocalNetworkGateway

Int32

PSPeering

Boolean

SwitchParameter

Hashtable

PSIpsecPolicy[]

PSTrafficSelectorPolicy[]

Outputs

PSVirtualNetworkGatewayConnection

Related Links

• Get-AzVirtualNetworkGatewayConnection
• Remove-AzVirtualNetworkGatewayConnection
• Set-AzVirtualNetworkGatewayConnection