The Shared Networks and IPs window opens.Enter a name for the shared IP address, and click OK.In the Shared Networks and IPs section, click +.In the left menu, click IP Configuration.Go to CONFIGURATION > Configuration Tree > Box > Network.Add the VPN Next Hop Interface IP Address to the Shared IPsĪdd the local BGP peering IP address as a Shared IP address: IP Addresses – Enter the BgpPeeringAddress for the local VPN endpoint retrieved in Step 2.Each interface index number must be unique. VPN Interface Index – Enter a number between 0 and 99.Click Add in the VPN Next Hop Interface Configuration section.In the left navigation bar, click Routed VPN.Go to CONFIGURATION > Configuration Tree > Box > Assigned Services > VPN-Service > VPN Settings.Get the BGP setting for the remote VPN endpoint: $vnetgw = Get-AzureRmVirtualNetworkGateway -Name AZURE_VPN_GATEWAY_NAME -ResourceGroupName YOUR_RESOURCE_GROUP_NAME Get the BGP settings for the local VPN endpoint: $lnggw = Get-AzureRmLocalNetworkGateway -Name LOCAL_GATEWAY_NAME -ResourceGroupName YOUR_RESOURCE_GROUP_NAME Get the IP address assigned to the VPN gateway: Get-AzureRmPublicIpAddress -Name PUBLIC_IP_NAME -ResourceGroupName YOUR_RESOURCE_GROUP_NAME If you did not use the script to retrieve the public IP address and BGP peers, it is also possible to retrieve this information via PowerShell: (optional) Get the VPN Gateway Public IP Address and BGP Settings Write down the public IP address of the Azure VPN Gateway and BGP information for the local and remote BGP peers from the output of the PowerShell script. This operation requires between 30 and 60 minutes to complete. Edit the PowerShell script to create an Azure VPN Gateway to match your needs.Įxecute the PowerShell script to create the Azure VPN Gateway.Enter your Azure account credentials and click Login.Use Azure PowerShell to create a routed-based VPN gateway.Ĭonnect to your Azure account: Login-AzureRmAccount Create a Dynamic Microsoft Azure VPN Gateway Using Azure Resource Manager and PowerShell Write-Host ("`nVPN Connection Status: " -f $vpnconnection.ConnectionStatus) Step 1. Write-Host ('Public IP Address for the Azure VPN Gateway: " -f $ ) $vpnconnection = New-AzureRmVirtualNetworkGatewa圜onnection -Name $ConnectionName -ResourceGroupName $RG -VirtualNetworkGateway1 $vnetgw -LocalNetworkGateway2 $lnggw -Location $Location -ConnectionType IPsec -SharedKey $sharedkey -EnableBgp $true Write-Host 'Waiting 10 seconds and then creating the VPN connection.' $lnggw = New-AzureRmLocalNetworkGateway -Name $LNGName -ResourceGroupName $RG -Location $Location -GatewayIpAddress $LNGIP -AddressPrefix $LNGPrefix -Asn $LNGASN -BgpPeeringAddress $BGPPeerIP $vnetgw = New-AzureRmVirtualNetworkGateway -Name $GWName -ResourceGroupName $RG -Location $Location -Ipconfigurations $gwipconf -GatewayType Vpn -VpnType RouteBased -GatewaySku HighPerformance -Asn $VNet1ASN
$gwipconf = New-AzureRmVirtualNetworkGatewayIpConfig -Name $GWIPconf -Subnet $subnet1 -PublicIpAddress $gwpip $subnet1 = Get-AzureRmVirtualNetworkSubnetConfig -Name $GWSubName -VirtualNetwork $vnet #$vnet = Get-AzureRmVirtualNetwork -Name $VNetName -ResourceGroupName $RG $vnet = New-AzureRmVirtualNetwork -Name $VNetName -ResourceGroupName $RG -Location $Location -AddressPrefix $VNetPrefix -Subnet $front,$gwsub1 $gwsub1 = New-AzureRmVirtualNetworkSubnetConfig -Name $GWSubName -AddressPrefix $GWSubPrefix $front = New-AzureRmVirtualNetworkSubnetConfig -Name $SubNet -AddressPrefix $SubNetPrefix $gwpip = New-AzureRmPublicIpAddress -Name $GWIP -ResourceGroupName $RG -Location $Location -AllocationMethod Dynamic Write-Host 'Creating Virtual Networks and Subnets' New-AzureRmResourceGroup -Location $Location -Name $RG # use 'Standard' or 'HighPerformance' VPN Gateway SKU for BGP over IKEv2 $LNGFIP = 'YOUR_ONPREMISES_PUBLIC_IP_ADDRESS' Use this script to create your Azure VPN gateway with BGP routing. PowerShell Script to Create Azure VPN Gateway The IP address of the interface must not be outside the range of the gateway subnet. For the VPN tunnel interface, you must use a network that is larger than the gateway subnet but contains it.
0 kommentar(er)
