Test-AzureRmNetworkWatcherIPFlow
Returns whether the packet is allowed or denied to or from a particular destination.
Warning
The AzureRM PowerShell module has been officially deprecated as of February 29, 2024. Users are advised to migrate from AzureRM to the Az PowerShell module to ensure continued support and updates.
Although the AzureRM module may still function, it's no longer maintained or supported, placing any continued use at the user's discretion and risk. Please refer to our migration resources for guidance on transitioning to the Az module.
Syntax
Test-AzureRmNetworkWatcherIPFlow
-NetworkWatcher <PSNetworkWatcher>
-TargetVirtualMachineId <String>
-Direction <String>
-Protocol <String>
-RemoteIPAddress <String>
-LocalIPAddress <String>
-LocalPort <String>
[-RemotePort <String>]
[-TargetNetworkInterfaceId <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Test-AzureRmNetworkWatcherIPFlow
-NetworkWatcherName <String>
-ResourceGroupName <String>
-TargetVirtualMachineId <String>
-Direction <String>
-Protocol <String>
-RemoteIPAddress <String>
-LocalIPAddress <String>
-LocalPort <String>
[-RemotePort <String>]
[-TargetNetworkInterfaceId <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Test-AzureRmNetworkWatcherIPFlow
-Location <String>
-TargetVirtualMachineId <String>
-Direction <String>
-Protocol <String>
-RemoteIPAddress <String>
-LocalIPAddress <String>
-LocalPort <String>
[-RemotePort <String>]
[-TargetNetworkInterfaceId <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Description
The Test-AzureRmNetworkWatcherIPFlow cmdlet, for a specified VM resource and a packet with specified direction using local and remote, IP addresses and ports, returns whether the packet is allowed or denied.
Examples
Example 1: Run Test-AzureRmNetworkWatcherIPFlow
$nw = Get-AzurermResource | Where {$_.ResourceType -eq "Microsoft.Network/networkWatchers" -and $_.Location -eq "WestCentralUS" }
$networkWatcher = Get-AzureRmNetworkWatcher -Name $nw.Name -ResourceGroupName $nw.ResourceGroupName
$VM = Get-AzurermVM -ResourceGroupName testResourceGroup -Name VM0
$Nics = Get-AzureRmNetworkInterface | Where {$_.Id -eq $vm.NetworkInterfaceIDs.ForEach({$_})}
Test-AzureRmNetworkWatcherIPFlow -NetworkWatcher $networkWatcher -TargetVirtualMachineId $VM.Id -Direction Outbound -Protocol TCP -LocalIPAddress $nics[0].IpConfigurations[0].PrivateIpAddress -LocalPort 6895 -RemoteIPAddress 204.79.197.200 -RemotePort 80Get's the Network Watcher in West Central US for this subscription, then gets the VM and it's associated Network Interfaces. Then for the first Network Interface, runs Test-AzureRmNetworkWatcherIPFlow using the first IP from the first Network Interface for an outbound connection to an IP on the internet.
Parameters
-AsJob
Run cmdlet in the background
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure.
| Type: | IAzureContextContainer |
| Aliases: | AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Direction
Direction.
| Type: | String |
| Accepted values: | Inbound, Outbound |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-LocalIPAddress
Local IP Address.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-LocalPort
Local Port.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Location
Location of the network watcher.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-NetworkWatcher
The network watcher resource.
| Type: | PSNetworkWatcher |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-NetworkWatcherName
The name of network watcher.
| Type: | String |
| Aliases: | Name |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Protocol
Protocol.
| Type: | String |
| Accepted values: | TCP, UDP |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RemoteIPAddress
Remote IP Address.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-RemotePort
Remote port.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ResourceGroupName
The name of the network watcher resource group.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-TargetNetworkInterfaceId
Target network interface Id.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-TargetVirtualMachineId
The target virtual machine ID.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Inputs
Parameters: NetworkWatcher (ByValue)
Parameters: NetworkWatcherName (ByValue)
Outputs
Notes
Keywords: azure, azurerm, arm, resource, management, manager, network, networking, network watcher, flow, ip
Related Links
- New-AzureRmNetworkWatcher
- Get-AzureRmNetworkWatcher
- Remove-AzureRmNetworkWatcher
- Get-AzureRmNetworkWatcherNextHop
- Get-AzureRmNetworkWatcherSecurityGroupView
- Get-AzureRmNetworkWatcherTopology
- Start-AzureRmNetworkWatcherResourceTroubleshooting
- New-AzureRmNetworkWatcherPacketCapture
- New-AzureRmPacketCaptureFilterConfig
- Get-AzureRmNetworkWatcherPacketCapture
- Remove-AzureRmNetworkWatcherPacketCapture
- Stop-AzureRmNetworkWatcherPacketCapture
- New-AzureRmNetworkWatcherProtocolConfiguration
- Test-AzureRmNetworkWatcherIPFlow
- Test-AzureRmNetworkWatcherConnectivity
- Stop-AzureRmNetworkWatcherConnectionMonitor
- Start-AzureRmNetworkWatcherConnectionMonitor
- Set-AzureRmNetworkWatcherConnectionMonitor
- Set-AzureRmNetworkWatcherConfigFlowLog
- Remove-AzureRmNetworkWatcherConnectionMonitor
- New-AzureRmNetworkWatcherConnectionMonitor
- Get-AzureRmNetworkWatcherTroubleshootingResult
- Get-AzureRMNetworkWatcherReachabilityReport
- Get-AzureRmNetworkWatcherReachabilityProvidersList
- Get-AzureRmNetworkWatcherFlowLogStatus
- Get-AzureRmNetworkWatcherConnectionMonitorReport
- Get-AzureRmNetworkWatcherConnectionMonitor