Home

Show config elements for existing S2S VPN

%3CLINGO-SUB%20id%3D%22lingo-sub-893910%22%20slang%3D%22en-US%22%3EShow%20config%20elements%20for%20existing%20S2S%20VPN%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-893910%22%20slang%3D%22en-US%22%3E%3CP%3ESo%2C%20I'm%20painfully%20new%20to%20all%20things%20cloud.%26nbsp%3B%20%26nbsp%3B%20I'm%20trying%20to%20use%20Powershell%20AZ%20module%20to%20identify%20all%20the%20components%20of%20our%20Site%20to%20Site%20VPN%20connection%20from%20Azure%20to%20a%20partners%20OnPrem%20network.%26nbsp%3B%20I%20got%20it%20set%20up%20and%20functional%20the%20fly%20and%20did%20not%20have%20the%20visibility%20to%20document%20the%20steps.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI'm%20trying%20to%20use%20Powershell%20to%20view%20all%20of%20the%20parameters%20of%20the%20one%20S2S%20Connection%2C%20including%20IPSec%20(one%20part%20I%20havent%20found%20yet%2C%20there%20may%20be%20more).%26nbsp%3B%20Here%20is%20what%20I%20have%20so%20far%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EGet-AzVirtualNetworkGateway%20-Name%20CNGName%20-ResourceGroupName%20RGName%3C%2FP%3E%3CP%3EGet-AzVirtualNetworkGatewayConnection%20-Name%20VNGConnName%20-ResourceGroupName%20RGName%3C%2FP%3E%3CP%3EGet-AzLocalNetworkGateway%20-Name%20LNGName%20-ResourceGroupName%20RGName%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20dont%20see%20the%20IPSec%20Policy%20components%3B%20how%20do%20I%20see%20those%3F%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAm%20I%20missing%20anything%20else%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-893910%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ENetworking%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-896147%22%20slang%3D%22en-US%22%3ERe%3A%20Show%20config%20elements%20for%20existing%20S2S%20VPN%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-896147%22%20slang%3D%22en-US%22%3E%3CP%3EThis%20is%20what%20you%20are%20looking%20for.%20You%20can%20always%20download%20a%20generic%20configuration%20as%20well%20from%20the%20portal.%20You%20can%20use%20PowerShell%3CSPAN%3E%26nbsp%3B%20or%20CLI%20to%20change%20the%20configuration%20to%20different%20values%20than%20what%20is%20default.%20I%20will%20also%20attach%20the%20Microsoft%20Docs%20page%20that%20outlines%20this.%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%24RG%20%3D%20%22TestRG1%22%3CBR%20%2F%3E%24GWName%20%3D%20%22VNet1GW%22%3CBR%20%2F%3E%24Connection%20%3D%20%22VNet1toSite1%22%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%23%20List%20the%20available%20VPN%20device%20models%20and%20versions%3CBR%20%2F%3EGet-AzVirtualNetworkGatewaySupportedVpnDevice%20-Name%20%24GWName%20-ResourceGroupName%20%24RG%3C%2FP%3E%3CP%3E%23%20Download%20the%20configuration%20script%20for%20the%20connection%3CBR%20%2F%3EGet-AzVirtualNetworkGatewayConnectionVpnDeviceConfigScript%20-Name%20%24Connection%20-ResourceGroupName%20%24RG%20-DeviceVendor%20Juniper%20-DeviceFamily%20Juniper_SRX_GA%20-FirmwareVersion%20Juniper_SRX_12.x_GA%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EDownload%20VPN%20device%20configuration%20scripts%20-%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fvpn-gateway%2Fvpn-gateway-download-vpndevicescript%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fvpn-gateway%2Fvpn-gateway-download-vpndevicescript%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F420230%22%20target%3D%22_blank%22%3E%40Per_Austreng%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Per_Austreng
Occasional Visitor

So, I'm painfully new to all things cloud.    I'm trying to use Powershell AZ module to identify all the components of our Site to Site VPN connection from Azure to a partners OnPrem network.  I got it set up and functional the fly and did not have the visibility to document the steps.

 

I'm trying to use Powershell to view all of the parameters of the one S2S Connection, including IPSec (one part I havent found yet, there may be more).  Here is what I have so far:

 

Get-AzVirtualNetworkGateway -Name CNGName -ResourceGroupName RGName

Get-AzVirtualNetworkGatewayConnection -Name VNGConnName -ResourceGroupName RGName

Get-AzLocalNetworkGateway -Name LNGName -ResourceGroupName RGName

 

I dont see the IPSec Policy components; how do I see those?  

 

Am I missing anything else?

 

1 Reply

This is what you are looking for. You can always download a generic configuration as well from the portal. You can use PowerShell  or CLI to change the configuration to different values than what is default. I will also attach the Microsoft Docs page that outlines this. 

 

$RG = "TestRG1"
$GWName = "VNet1GW"
$Connection = "VNet1toSite1"

 

# List the available VPN device models and versions
Get-AzVirtualNetworkGatewaySupportedVpnDevice -Name $GWName -ResourceGroupName $RG

# Download the configuration script for the connection
Get-AzVirtualNetworkGatewayConnectionVpnDeviceConfigScript -Name $Connection -ResourceGroupName $RG -DeviceVendor Juniper -DeviceFamily Juniper_SRX_GA -FirmwareVersion Juniper_SRX_12.x_GA

 

Download VPN device configuration scripts - https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-download-vpndevicescript

 

 @Per_Austreng 

Related Conversations
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
Tabs and Dark Mode
cjc2112 in Discussions on
30 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
7 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
29 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies