az network vnet-gateway

Use an Azure Virtual Network Gateway to establish secure, cross-premises connectivity.

Commands

az network vnet-gateway create Create a virtual network gateway.
az network vnet-gateway delete Delete a virtual network gateway.
az network vnet-gateway list List virtual network gateways.
az network vnet-gateway list-advertised-routes This operation retrieves a list of routes the virtual network gateway is advertising to the specified peer.
az network vnet-gateway list-bgp-peer-status The GetBgpPeerStatus operation retrieves the status of all BGP peers.
az network vnet-gateway list-learned-routes This operation retrieves a list of routes the virtual network gateway has learned, including routes learned from BGP peers.
az network vnet-gateway reset Reset a virtual network gateway.
az network vnet-gateway revoked-cert Manage revoked certificates in a virtual network gateway.
az network vnet-gateway revoked-cert create Revoke a certificate.
az network vnet-gateway revoked-cert delete Delete a revoked certificate.
az network vnet-gateway root-cert Manage root certificates for a virtual network gateway.
az network vnet-gateway root-cert create Upload a root certificate.
az network vnet-gateway root-cert delete Delete a root certificate.
az network vnet-gateway show Get the details for a virtual network gateway.
az network vnet-gateway update Update a virtual network gateway.
az network vnet-gateway vpn-client Download a configured client with which to connect to a VPN.
az network vnet-gateway vpn-client generate Generates a binary client file that can be used to connect to a VPN.
az network vnet-gateway vpn-client show-url Gets pre-generated VPN profile for P2S client of the virtual network gateway in the specified resource group.
az network vnet-gateway wait Place the CLI in a waiting state until a condition of the virtual network gateway is met.

az network vnet-gateway create

Create a virtual network gateway.

az network vnet-gateway create --name
--public-ip-addresses
--resource-group
--vnet
[--address-prefixes]
[--asn]
[--bgp-peering-address]
[--client-protocol {IkeV2, SSTP}]
[--gateway-type {ExpressRoute, Vpn}]
[--location]
[--no-wait]
[--peer-weight]
[--radius-secret]
[--radius-server]
[--sku {Basic, HighPerformance, Standard, UltraPerformance, VpnGw1, VpnGw2, VpnGw3}]
[--tags]
[--vpn-type {PolicyBased, RouteBased}]

Examples

Create a basic virtual network gateway and associate with a public IP address.

az network vnet-gateway create -g MyResourceGroup --vnet MyVnet -n MyVnetGateway --public-ip-address MyIp

Required Parameters

--name -n
Name of the VNet gateway.
--public-ip-addresses
Specify a single public IP (name or ID) for an active-standby gateway. Specify two space-separated public IPs for an active-active gateway.
--resource-group -g
Name of resource group. You can configure the default group using `az configure --defaults group=<name>`.
--vnet
Name or ID of an existing virtual network which has a subnet named 'GatewaySubnet'.

Optional Parameters

--address-prefixes
Space separated list of CIDR prefixes representing the address space for the P2S client.
--asn
Autonomous System Number to use for the BGP settings.
--bgp-peering-address
IP address to use for BGP peering.
--client-protocol
Protocols to use for connecting.
accepted values: IkeV2, SSTP
--gateway-type
The gateway type.
accepted values: ExpressRoute, Vpn
default value: Vpn
--location -l
Location. You can configure the default location using `az configure --defaults location=<location>`.
--no-wait
Do not wait for the long running operation to finish.
--peer-weight
Weight (0-100) added to routes learned through BGP peering.
--radius-secret
Radius secret to use for authentication.
--radius-server
Radius server address to connect to.
--sku
VNet gateway SKU.
accepted values: Basic, HighPerformance, Standard, UltraPerformance, VpnGw1, VpnGw2, VpnGw3
default value: Basic
--tags
Space separated tags in 'key[=value]' format. Use "" to clear existing tags.
--vpn-type
VPN routing type.
accepted values: PolicyBased, RouteBased
default value: RouteBased

az network vnet-gateway delete

Delete a virtual network gateway.

az network vnet-gateway delete --name
--resource-group
[--no-wait]

Required Parameters

--name -n
Name of the VNet gateway.
--resource-group -g
Name of resource group. You can configure the default group using `az configure --defaults group=<name>`.

Optional Parameters

--no-wait
Do not wait for the long running operation to finish.

az network vnet-gateway list

List virtual network gateways.

az network vnet-gateway list --resource-group

Required Parameters

--resource-group -g
Name of resource group. You can configure the default group using `az configure --defaults group=<name>`.

az network vnet-gateway list-advertised-routes

This operation retrieves a list of routes the virtual network gateway is advertising to the specified peer.

az network vnet-gateway list-advertised-routes --name
--peer
--resource-group

Required Parameters

--name -n
Name of the VNet gateway.
--peer
The IP address of the peer.
--resource-group -g
Name of resource group. You can configure the default group using `az configure --defaults group=<name>`.

az network vnet-gateway list-bgp-peer-status

The GetBgpPeerStatus operation retrieves the status of all BGP peers.

az network vnet-gateway list-bgp-peer-status --name
--resource-group
[--peer]

Required Parameters

--name -n
Name of the VNet gateway.
--resource-group -g
Name of resource group. You can configure the default group using `az configure --defaults group=<name>`.

Optional Parameters

--peer
The IP address of the peer to retrieve the status of.

az network vnet-gateway list-learned-routes

This operation retrieves a list of routes the virtual network gateway has learned, including routes learned from BGP peers.

az network vnet-gateway list-learned-routes --name
--resource-group

Required Parameters

--name -n
Name of the VNet gateway.
--resource-group -g
Name of resource group. You can configure the default group using `az configure --defaults group=<name>`.

az network vnet-gateway reset

Reset a virtual network gateway.

az network vnet-gateway reset --name
--resource-group
[--gateway-vip]

Required Parameters

--name -n
Name of the VNet gateway.
--resource-group -g
Name of resource group. You can configure the default group using `az configure --defaults group=<name>`.

Optional Parameters

--gateway-vip
Virtual network gateway vip address supplied to the begin reset of the active-active feature enabled gateway.

az network vnet-gateway show

Get the details for a virtual network gateway.

az network vnet-gateway show --name
--resource-group

Required Parameters

--name -n
Name of the VNet gateway.
--resource-group -g
Name of resource group. You can configure the default group using `az configure --defaults group=<name>`.

az network vnet-gateway update

Update a virtual network gateway.

az network vnet-gateway update --name
--resource-group
[--add]
[--address-prefixes]
[--asn]
[--bgp-peering-address]
[--client-protocol {IkeV2, SSTP}]
[--enable-bgp {false, true}]
[--gateway-type {ExpressRoute, Vpn}]
[--no-wait]
[--peer-weight]
[--public-ip-addresses]
[--radius-secret]
[--radius-server]
[--remove]
[--set]
[--sku {Basic, HighPerformance, Standard, UltraPerformance, VpnGw1, VpnGw2, VpnGw3}]
[--tags]
[--vnet]
[--vpn-type {PolicyBased, RouteBased}]

Required Parameters

--name -n
Name of the VNet gateway.
--resource-group -g
Name of resource group. You can configure the default group using `az configure --defaults group=<name>`.

Optional Parameters

--add
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty .
--address-prefixes
Space separated list of CIDR prefixes representing the address space for the P2S client.
--asn
Autonomous System Number to use for the BGP settings.
--bgp-peering-address
IP address to use for BGP peering.
--client-protocol
Protocols to use for connecting.
accepted values: IkeV2, SSTP
--enable-bgp
Enable BGP (Border Gateway Protocol).
accepted values: false, true
--gateway-type
The gateway type.
accepted values: ExpressRoute, Vpn
--no-wait
Do not wait for the long running operation to finish.
--peer-weight
Weight (0-100) added to routes learned through BGP peering.
--public-ip-addresses
Specify a single public IP (name or ID) for an active-standby gateway. Specify two space-separated public IPs for an active-active gateway.
--radius-secret
Radius secret to use for authentication.
--radius-server
Radius server address to connect to.
--remove
Remove a property or an element from a list. Example: --remove property.list OR --remove propertyToRemove.
--set
Update an object by specifying a property path and value to set. Example: --set property1.property2=.
--sku
VNet gateway SKU.
accepted values: Basic, HighPerformance, Standard, UltraPerformance, VpnGw1, VpnGw2, VpnGw3
--tags
Space separated tags in 'key[=value]' format. Use "" to clear existing tags.
--vnet
Name or ID of a virtual network that contains a subnet named 'GatewaySubnet'.
--vpn-type
VPN routing type.
accepted values: PolicyBased, RouteBased

az network vnet-gateway wait

Place the CLI in a waiting state until a condition of the virtual network gateway is met.

az network vnet-gateway wait --name
--resource-group
[--created]
[--custom]
[--deleted]
[--exists]
[--interval]
[--timeout]
[--updated]

Required Parameters

--name -n
Name of the VNet gateway.
--resource-group -g
Name of resource group. You can configure the default group using `az configure --defaults group=<name>`.

Optional Parameters

--created
Wait till created with 'provisioningState' at 'Succeeded'.
--custom
Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].
--deleted
Wait till deleted.
--exists
Wait till the resource exists.
--interval
Polling interval in seconds.
default value: 30
--timeout
Maximum wait in seconds.
default value: 3600
--updated
Wait till updated with provisioningState at 'Succeeded'.