Test-AzureRmNetworkWatcherIPFlow

Returns whether the packet is allowed or denied to or from a particular destination.

Important

Because Az PowerShell modules now have all the capabilities of AzureRM PowerShell modules and more, we'll retire AzureRM PowerShell modules on 29 February 2024.

To avoid service interruptions, update your scripts that use AzureRM PowerShell modules to use Az PowerShell modules by 29 February 2024. To automatically update your scripts, follow the quickstart guide.

Syntax

Test-AzureRmNetworkWatcherIPFlow
    -NetworkWatcher <PSNetworkWatcher>
    -TargetVirtualMachineId <String>
    -Direction <String>
    -Protocol <String>
    -RemoteIPAddress <String>
    -LocalIPAddress <String>
    -LocalPort <String>
    [-RemotePort <String>]
    [-TargetNetworkInterfaceId <String>]
    [-AsJob]
    [-DefaultProfile <IAzureContextContainer>]
    [<CommonParameters>]
Test-AzureRmNetworkWatcherIPFlow
    -NetworkWatcherName <String>
    -ResourceGroupName <String>
    -TargetVirtualMachineId <String>
    -Direction <String>
    -Protocol <String>
    -RemoteIPAddress <String>
    -LocalIPAddress <String>
    -LocalPort <String>
    [-RemotePort <String>]
    [-TargetNetworkInterfaceId <String>]
    [-AsJob]
    [-DefaultProfile <IAzureContextContainer>]
    [<CommonParameters>]
Test-AzureRmNetworkWatcherIPFlow
    -Location <String>
    -TargetVirtualMachineId <String>
    -Direction <String>
    -Protocol <String>
    -RemoteIPAddress <String>
    -LocalIPAddress <String>
    -LocalPort <String>
    [-RemotePort <String>]
    [-TargetNetworkInterfaceId <String>]
    [-AsJob]
    [-DefaultProfile <IAzureContextContainer>]
    [<CommonParameters>]

Description

The Test-AzureRmNetworkWatcherIPFlow cmdlet, for a specified VM resource and a packet with specified direction using local and remote, IP addresses and ports, returns whether the packet is allowed or denied.

Examples

Example 1: Run Test-AzureRmNetworkWatcherIPFlow

$nw = Get-AzurermResource | Where {$_.ResourceType -eq "Microsoft.Network/networkWatchers" -and $_.Location -eq "WestCentralUS" } 
$networkWatcher = Get-AzureRmNetworkWatcher -Name $nw.Name -ResourceGroupName $nw.ResourceGroupName 
$VM = Get-AzurermVM -ResourceGroupName testResourceGroup -Name VM0 
$Nics = Get-AzureRmNetworkInterface | Where {$_.Id -eq $vm.NetworkInterfaceIDs.ForEach({$_})}

Test-AzureRmNetworkWatcherIPFlow -NetworkWatcher $networkWatcher -TargetVirtualMachineId $VM.Id -Direction Outbound -Protocol TCP -LocalIPAddress $nics[0].IpConfigurations[0].PrivateIpAddress -LocalPort 6895 -RemoteIPAddress 204.79.197.200 -RemotePort 80

Get's the Network Watcher in West Central US for this subscription, then gets the VM and it's associated Network Interfaces. Then for the first Network Interface, runs Test-AzureRmNetworkWatcherIPFlow using the first IP from the first Network Interface for an outbound connection to an IP on the internet.

Parameters

-AsJob

Run cmdlet in the background

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure.

Type:IAzureContextContainer
Aliases:AzureRmContext, AzureCredential
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Direction

Direction.

Type:String
Accepted values:Inbound, Outbound
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-LocalIPAddress

Local IP Address.

Type:String
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-LocalPort

Local Port.

Type:String
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-Location

Location of the network watcher.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-NetworkWatcher

The network watcher resource.

Type:PSNetworkWatcher
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-NetworkWatcherName

The name of network watcher.

Type:String
Aliases:Name
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-Protocol

Protocol.

Type:String
Accepted values:TCP, UDP
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-RemoteIPAddress

Remote IP Address.

Type:String
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-RemotePort

Remote port.

Type:String
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-ResourceGroupName

The name of the network watcher resource group.

Type:String
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-TargetNetworkInterfaceId

Target network interface Id.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-TargetVirtualMachineId

The target virtual machine ID.

Type:String
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False

Inputs

PSNetworkWatcher

Parameters: NetworkWatcher (ByValue)

String

Parameters: NetworkWatcherName (ByValue)

Outputs

PSIPFlowVerifyResult

Notes

Keywords: azure, azurerm, arm, resource, management, manager, network, networking, network watcher, flow, ip