Microsoft.Network virtualWans/p2sVpnServerConfigurations template reference

Template format

To create a Microsoft.Network/virtualWans/p2sVpnServerConfigurations resource, add the following JSON to the resources section of your template.

{
  "name": "string",
  "type": "Microsoft.Network/virtualWans/p2sVpnServerConfigurations",
  "apiVersion": "2019-06-01",
  "properties": {
    "name": "string",
    "vpnProtocols": [
      "string"
    ],
    "p2SVpnServerConfigVpnClientRootCertificates": [
      {
        "id": "string",
        "properties": {
          "publicCertData": "string"
        },
        "name": "string"
      }
    ],
    "p2SVpnServerConfigVpnClientRevokedCertificates": [
      {
        "id": "string",
        "properties": {
          "thumbprint": "string"
        },
        "name": "string"
      }
    ],
    "p2SVpnServerConfigRadiusServerRootCertificates": [
      {
        "id": "string",
        "properties": {
          "publicCertData": "string"
        },
        "name": "string"
      }
    ],
    "p2SVpnServerConfigRadiusClientRootCertificates": [
      {
        "id": "string",
        "properties": {
          "thumbprint": "string"
        },
        "name": "string"
      }
    ],
    "vpnClientIpsecPolicies": [
      {
        "saLifeTimeSeconds": "integer",
        "saDataSizeKilobytes": "integer",
        "ipsecEncryption": "string",
        "ipsecIntegrity": "string",
        "ikeEncryption": "string",
        "ikeIntegrity": "string",
        "dhGroup": "string",
        "pfsGroup": "string"
      }
    ],
    "radiusServerAddress": "string",
    "radiusServerSecret": "string"
  }
}

Property values

The following tables describe the values you need to set in the schema.

Microsoft.Network/virtualWans/p2sVpnServerConfigurations object

Name Type Required Value
name string Yes The name of the P2SVpnServerConfiguration.
type enum Yes p2sVpnServerConfigurations
-or-
Microsoft.Network/virtualWans/p2sVpnServerConfigurations

See Set name and type for child resources.
apiVersion enum Yes 2019-06-01
properties object Yes Properties of the P2SVpnServer configuration. - P2SVpnServerConfigurationProperties object

P2SVpnServerConfigurationProperties object

Name Type Required Value
name string No The name of the P2SVpnServerConfiguration that is unique within a VirtualWan in a resource group. This name can be used to access the resource along with Paren VirtualWan resource name.
vpnProtocols array No VPN protocols for the P2SVpnServerConfiguration. - IkeV2 or OpenVPN
p2SVpnServerConfigVpnClientRootCertificates array No VPN client root certificate of P2SVpnServerConfiguration. - P2SVpnServerConfigVpnClientRootCertificate object
p2SVpnServerConfigVpnClientRevokedCertificates array No VPN client revoked certificate of P2SVpnServerConfiguration. - P2SVpnServerConfigVpnClientRevokedCertificate object
p2SVpnServerConfigRadiusServerRootCertificates array No Radius Server root certificate of P2SVpnServerConfiguration. - P2SVpnServerConfigRadiusServerRootCertificate object
p2SVpnServerConfigRadiusClientRootCertificates array No Radius client root certificate of P2SVpnServerConfiguration. - P2SVpnServerConfigRadiusClientRootCertificate object
vpnClientIpsecPolicies array No VpnClientIpsecPolicies for P2SVpnServerConfiguration. - IpsecPolicy object
radiusServerAddress string No The radius server address property of the P2SVpnServerConfiguration resource for point to site client connection.
radiusServerSecret string No The radius secret property of the P2SVpnServerConfiguration resource for point to site client connection.

P2SVpnServerConfigVpnClientRootCertificate object

Name Type Required Value
id string No Resource ID.
properties object Yes Properties of the P2SVpnServerConfiguration VPN client root certificate. - P2SVpnServerConfigVpnClientRootCertificatePropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

P2SVpnServerConfigVpnClientRevokedCertificate object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the vpn client revoked certificate. - P2SVpnServerConfigVpnClientRevokedCertificatePropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

P2SVpnServerConfigRadiusServerRootCertificate object

Name Type Required Value
id string No Resource ID.
properties object Yes Properties of the P2SVpnServerConfiguration Radius Server root certificate. - P2SVpnServerConfigRadiusServerRootCertificatePropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

P2SVpnServerConfigRadiusClientRootCertificate object

Name Type Required Value
id string No Resource ID.
properties object No Properties of the Radius client root certificate. - P2SVpnServerConfigRadiusClientRootCertificatePropertiesFormat object
name string No The name of the resource that is unique within a resource group. This name can be used to access the resource.

IpsecPolicy object

Name Type Required Value
saLifeTimeSeconds integer Yes The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site to site VPN tunnel.
saDataSizeKilobytes integer Yes The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site to site VPN tunnel.
ipsecEncryption enum Yes The IPSec encryption algorithm (IKE phase 1). - None, DES, DES3, AES128, AES192, AES256, GCMAES128, GCMAES192, GCMAES256
ipsecIntegrity enum Yes The IPSec integrity algorithm (IKE phase 1). - MD5, SHA1, SHA256, GCMAES128, GCMAES192, GCMAES256
ikeEncryption enum Yes The IKE encryption algorithm (IKE phase 2). - DES, DES3, AES128, AES192, AES256, GCMAES256, GCMAES128
ikeIntegrity enum Yes The IKE integrity algorithm (IKE phase 2). - MD5, SHA1, SHA256, SHA384, GCMAES256, GCMAES128
dhGroup enum Yes The DH Group used in IKE Phase 1 for initial SA. - None, DHGroup1, DHGroup2, DHGroup14, DHGroup2048, ECP256, ECP384, DHGroup24
pfsGroup enum Yes The Pfs Group used in IKE Phase 2 for new child SA. - None, PFS1, PFS2, PFS2048, ECP256, ECP384, PFS24, PFS14, PFSMM

P2SVpnServerConfigVpnClientRootCertificatePropertiesFormat object

Name Type Required Value
publicCertData string Yes The certificate public data.

P2SVpnServerConfigVpnClientRevokedCertificatePropertiesFormat object

Name Type Required Value
thumbprint string No The revoked VPN client certificate thumbprint.

P2SVpnServerConfigRadiusServerRootCertificatePropertiesFormat object

Name Type Required Value
publicCertData string Yes The certificate public data.

P2SVpnServerConfigRadiusClientRootCertificatePropertiesFormat object

Name Type Required Value
thumbprint string No The Radius client root certificate thumbprint.