az network vnet-gateway vpn-client

Download a VPN client configuration required to connect to Azure via point-to-site.

Commands

Name	Description	Type	Status
az network vnet-gateway vpn-client generate	Generate VPN client configuration.	Core	GA
az network vnet-gateway vpn-client ipsec-policy	Manage the VPN client connection ipsec-policy for P2S client connection of the virtual network gateway.	Core	GA
az network vnet-gateway vpn-client ipsec-policy set	Set the VPN client connection ipsec policy per P2S client connection of the virtual network gateway.	Core	Preview
az network vnet-gateway vpn-client ipsec-policy show	Get the VPN client connection ipsec policy per P2S client connection of the virtual network gateway.	Core	Preview
az network vnet-gateway vpn-client ipsec-policy wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network vnet-gateway vpn-client show-health	Get the VPN client connection health detail per P2S client connection of the virtual network gateway.	Core	Preview
az network vnet-gateway vpn-client show-url	Retrieve a pre-generated VPN client configuration.	Core	GA

az network vnet-gateway vpn-client generate

Generate VPN client configuration.

The command outputs a URL to a zip file for the generated VPN client configuration.

az network vnet-gateway vpn-client generate [--authentication-method {EAPMSCHAPv2, EAPTLS}]
                                            [--client-root-certificates]
                                            [--ids]
                                            [--name]
                                            [--processor-architecture {Amd64, X86}]
                                            [--radius-server-auth-certificate]
                                            [--resource-group]
                                            [--subscription]
                                            [--use-legacy {false, true}]

Examples

Create the VPN client configuration for RADIUS with EAP-MSCHAV2 authentication.

az network vnet-gateway vpn-client generate -g MyResourceGroup -n MyVnetGateway --authentication-method EAPMSCHAPv2

Create the VPN client configuration for AMD64 architecture.

az network vnet-gateway vpn-client generate -g MyResourceGroup -n MyVnetGateway --processor-architecture Amd64

Generate VPN client configuration. (autogenerated)

az network vnet-gateway vpn-client generate --name MyVnetGateway --processor-architecture Amd64 --resource-group MyResourceGroup --subscription MySubscription

Optional Parameters

--authentication-method

Method used to authenticate with the generated client.

accepted values: EAPMSCHAPv2, EAPTLS

--client-root-certificates

Space-separated list of client root certificate public certificate data in Base-64 format. Optional for external Radius-based auth with EAPTLS.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

Name of the VNet gateway.

--processor-architecture

Processor architecture of the target system.

accepted values: Amd64, X86

--radius-server-auth-certificate

Public certificate data for the Radius server auth certificate in Base-64 format. Required only if external Radius auth has been configured with EAPTLS auth.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--use-legacy

Generate VPN client package using legacy implementation.

accepted values: false, true

default value: False

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vnet-gateway vpn-client show-health

Preview

This command is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Get the VPN client connection health detail per P2S client connection of the virtual network gateway.

az network vnet-gateway vpn-client show-health [--ids]
                                               [--name]
                                               [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                                               [--resource-group]
                                               [--subscription]

Examples

Get the VPN client connection health detail per P2S client connection of the virtual network gateway.

az network vnet-gateway vpn-client show-health -g MyResourceGroup -n MyVnetGateway

Optional Parameters

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

Name of the VNet gateway.

--no-wait

Do not wait for the long-running operation to finish.

accepted values: 0, 1, f, false, n, no, t, true, y, yes

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vnet-gateway vpn-client show-url

Retrieve a pre-generated VPN client configuration.

az network vnet-gateway vpn-client show-url [--ids]
                                            [--name]
                                            [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                                            [--resource-group]
                                            [--subscription]

Examples

Get the pre-generated point-to-site VPN client of the virtual network gateway.

az network vnet-gateway vpn-client show-url -g MyResourceGroup -n MyVnetGateway

Optional Parameters

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

Name of the VNet gateway.

--no-wait

Do not wait for the long-running operation to finish.

accepted values: 0, 1, f, false, n, no, t, true, y, yes

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.