Set-AzureRmVirtualNetworkGateway

Updates a virtual network gateway.

Warning

The AzureRM PowerShell module has been officially deprecated as of February 29, 2024. Users are advised to migrate from AzureRM to the Az PowerShell module to ensure continued support and updates.

Although the AzureRM module may still function, it's no longer maintained or supported, placing any continued use at the user's discretion and risk. Please refer to our migration resources for guidance on transitioning to the Az module.

Syntax

Set-AzureRmVirtualNetworkGateway
   -VirtualNetworkGateway <PSVirtualNetworkGateway>
   [-GatewaySku <String>]
   [-GatewayDefaultSite <PSLocalNetworkGateway>]
   [-VpnClientAddressPool <System.Collections.Generic.List`1[System.String]>]
   [-VpnClientProtocol <System.Collections.Generic.List`1[System.String]>]
   [-VpnClientRootCertificates <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVpnClientRootCertificate]>]
   [-VpnClientRevokedCertificates <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVpnClientRevokedCertificate]>]
   [-VpnClientIpsecPolicy <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSIpsecPolicy]>]
   [-Asn <UInt32>]
   [-PeerWeight <Int32>]
   [-EnableActiveActiveFeature]
   [-DisableActiveActiveFeature]
   [-AsJob]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Set-AzureRmVirtualNetworkGateway
   -VirtualNetworkGateway <PSVirtualNetworkGateway>
   [-GatewaySku <String>]
   [-GatewayDefaultSite <PSLocalNetworkGateway>]
   [-VpnClientAddressPool <System.Collections.Generic.List`1[System.String]>]
   [-VpnClientProtocol <System.Collections.Generic.List`1[System.String]>]
   [-VpnClientRootCertificates <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVpnClientRootCertificate]>]
   [-VpnClientRevokedCertificates <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSVpnClientRevokedCertificate]>]
   [-VpnClientIpsecPolicy <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSIpsecPolicy]>]
   [-Asn <UInt32>]
   [-PeerWeight <Int32>]
   [-EnableActiveActiveFeature]
   [-DisableActiveActiveFeature]
   -RadiusServerAddress <String>
   -RadiusServerSecret <SecureString>
   [-AsJob]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

The Set-AzureRmVirtualNetworkGateway cmdlet updates a virtual network gateway.

Examples

Example 1: Set the goal state a virtual network gateway

PS C:\>$Gateway = Get-AzureRmVirtualNetworkGateway -ResourceGroupName "ResourceGroup001" -Name "Gateway001"
PS C:\> Set-AzureRmVirtualNetworkGateway -VirtualNetworkGateway $Gateway -Asn 1337

The first command gets a virtual network gateway named Gateway01 that belongs to resource group ResourceGroup001 and stores it to the variable named $Gateway The second command sets the goal state for the virtual network gateway stored in variable $Gateway. The command also sets the ASN to 1337.

Example 2: Set the goal state a virtual network gateway

PS C:\>$Gateway = Get-AzureRmVirtualNetworkGateway -ResourceGroupName "ResourceGroup001" -Name "Gateway001"
PS C:\> $vpnclientipsecpolicy = New-AzureRmVpnClientIpsecPolicy -IpsecEncryption AES256 -IpsecIntegrity SHA256 -SALifeTimeSeconds 86472 -SADataSizeKilobytes 429497 -IkeEncryption AES256 -IkeIntegrity SHA256 -DhGroup DHGroup2 -PfsGroup None
PS C:\> $gateway = Set-AzureRmVirtualNetworkGateway -VirtualNetworkGateway $Gateway -VpnClientIpsecPolicy $vpnclientipsecpolicy

The first command gets a virtual network gateway named Gateway01 that belongs to resource group ResourceGroup001 and stores it to the variable named $Gateway The second command creates the Vpn ipsec policy object as per specified ipsec parameters. The third command sets the goal state for the virtual network gateway stored in variable $Gateway. The command also sets the custom vpn ipsec policy specified in the $vpnclientipsecpolicy object on Virtual network gateway.

Parameters

-AsJob

Run cmdlet in the background

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Asn

Specifies the virtual network gateway Autonomous System Number (ASN) that is used to set up Border Gateway Protocol (BGP) sessions inside IPsec tunnels.

Type:UInt32
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure.

Type:IAzureContextContainer
Aliases:AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DisableActiveActiveFeature

Disables the active-active feature.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EnableActiveActiveFeature

Enables the active-active feature.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-GatewayDefaultSite

Specifies the default site to use for force tunneling. If a default site is specified, all internet traffic from the gateway's Virtual Private Network (VPN) is routed to that site.

Type:PSLocalNetworkGateway
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-GatewaySku

Specifies the stock keeping unit (SKU) of the virtual network gateway. The acceptable values for this parameter are:

  • Basic
  • Standard
  • HighPerformance
  • VpnGw1
  • VpnGw2
  • VpnGw3
  • VpnGw1AZ
  • VpnGw2AZ
  • VpnGw3AZ
  • ErGw1AZ
  • ErGw2AZ
  • ErGw3AZ
Type:String
Accepted values:Basic, Standard, HighPerformance, UltraPerformance, VpnGw1, VpnGw2, VpnGw3, VpnGw1AZ, VpnGw2AZ, VpnGw3AZ, ErGw1AZ, ErGw2AZ, ErGw3AZ
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-PeerWeight

Specifies the weight added to routes learned over BGP from this virtual network gateway

Type:Int32
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-RadiusServerAddress

P2S External Radius server address.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-RadiusServerSecret

P2S External Radius server secret.

Type:SecureString
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-VirtualNetworkGateway

Specifies the virtual network gateway object to base modifications off of. You can use the Get-AzureRmVirtualNetworkGateway cmdlet to get the virtual network gateway object.

Type:PSVirtualNetworkGateway
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-VpnClientAddressPool

Specifies the address space that this cmdlet uses to allocate VPN client IP addresses from. This should not overlap with virtual network or on-premise ranges.

Type:List<T>[String]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-VpnClientIpsecPolicy

A list of IPSec policies for P2S VPN client tunneling protocols.

Type:List<T>[PSIpsecPolicy]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-VpnClientProtocol

A list of P2S VPN client tunneling protocols

Type:List<T>[String]
Accepted values:SSTP, IkeV2, OpenVPN
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-VpnClientRevokedCertificates

Specifies a list of revoked VPN client certificates. A VPN client presenting a certificate that matches one of these is removed.

Type:List<T>[PSVpnClientRevokedCertificate]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-VpnClientRootCertificates

Specifies a list of VPN client root certificates to use for VPN client authentication. Connecting VPN clients must present certificates generated from one of these root certificates.

Type:List<T>[PSVpnClientRootCertificate]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

PSVirtualNetworkGateway

Parameters: VirtualNetworkGateway (ByValue)

String

PSLocalNetworkGateway

List<T>[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSVpnClientRootCertificate, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSVpnClientRevokedCertificate, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSIpsecPolicy, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

UInt32

Int32

SecureString

Outputs

PSVirtualNetworkGateway

Notes

  • Keywords: azure, azurerm, arm, resource, management, manager, network, networking