Set-AzVirtualNetworkGateway

Set-AzVirtualNetworkGateway
    -VirtualNetworkGateway <PSVirtualNetworkGateway>
    [-GatewaySku <String>]
    [-GatewayDefaultSite <PSLocalNetworkGateway>]
    [-VpnClientAddressPool <String[]>]
    [-VpnClientProtocol <String[]>]
    [-VpnAuthenticationType <String[]>]
    [-VpnClientRootCertificates <PSVpnClientRootCertificate[]>]
    [-VpnClientRevokedCertificates <PSVpnClientRevokedCertificate[]>]
    [-VpnClientIpsecPolicy <PSIpsecPolicy[]>]
    [-Asn <UInt32>]
    [-PeerWeight <Int32>]
    [-IpConfigurationBgpPeeringAddresses <PSIpConfigurationBgpPeeringAddress[]>]
    [-EnableActiveActiveFeature]
    [-EnablePrivateIpAddress <Boolean>]
    [-DisableActiveActiveFeature]
    [-RadiusServerAddress <String>]
    [-RadiusServerSecret <SecureString>]
    [-RadiusServerList <PSRadiusServer[]>]
    [-AadTenantUri <String>]
    [-AadAudienceId <String>]
    [-AadIssuerUri <String>]
    [-RemoveAadAuthentication]
    [-CustomRoute <String[]>]
    [-NatRule <PSVirtualNetworkGatewayNatRule[]>]
    [-BgpRouteTranslationForNat <Boolean>]
    [-MinScaleUnit <Int32>]
    [-MaxScaleUnit <Int32>]
    [-VirtualNetworkGatewayPolicyGroup <PSVirtualNetworkGatewayPolicyGroup[]>]
    [-ClientConnectionConfiguration <PSClientConnectionConfiguration[]>]
    [-AdminState <String>]
    [-AllowRemoteVnetTraffic <Boolean>]
    [-ResiliencyModel <String>]
    [-AllowVirtualWanTraffic <Boolean>]
    [-UserAssignedIdentityId <String>]
    [-Identity <PSManagedServiceIdentity>]
    [-AsJob]
    [-DefaultProfile <IAzureContextContainer>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Set-AzVirtualNetworkGateway
    -VirtualNetworkGateway <PSVirtualNetworkGateway>
    -Tag <Hashtable>
    [-GatewaySku <String>]
    [-GatewayDefaultSite <PSLocalNetworkGateway>]
    [-VpnClientAddressPool <String[]>]
    [-VpnClientProtocol <String[]>]
    [-VpnAuthenticationType <String[]>]
    [-VpnClientRootCertificates <PSVpnClientRootCertificate[]>]
    [-VpnClientRevokedCertificates <PSVpnClientRevokedCertificate[]>]
    [-VpnClientIpsecPolicy <PSIpsecPolicy[]>]
    [-Asn <UInt32>]
    [-PeerWeight <Int32>]
    [-IpConfigurationBgpPeeringAddresses <PSIpConfigurationBgpPeeringAddress[]>]
    [-EnableActiveActiveFeature]
    [-EnablePrivateIpAddress <Boolean>]
    [-DisableActiveActiveFeature]
    [-RadiusServerAddress <String>]
    [-RadiusServerSecret <SecureString>]
    [-RadiusServerList <PSRadiusServer[]>]
    [-AadTenantUri <String>]
    [-AadAudienceId <String>]
    [-AadIssuerUri <String>]
    [-RemoveAadAuthentication]
    [-CustomRoute <String[]>]
    [-NatRule <PSVirtualNetworkGatewayNatRule[]>]
    [-BgpRouteTranslationForNat <Boolean>]
    [-MinScaleUnit <Int32>]
    [-MaxScaleUnit <Int32>]
    [-VirtualNetworkGatewayPolicyGroup <PSVirtualNetworkGatewayPolicyGroup[]>]
    [-ClientConnectionConfiguration <PSClientConnectionConfiguration[]>]
    [-AdminState <String>]
    [-AllowRemoteVnetTraffic <Boolean>]
    [-ResiliencyModel <String>]
    [-AllowVirtualWanTraffic <Boolean>]
    [-UserAssignedIdentityId <String>]
    [-Identity <PSManagedServiceIdentity>]
    [-AsJob]
    [-DefaultProfile <IAzureContextContainer>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

El cmdlet Set-AzVirtualNetworkGateway actualiza una puerta de enlace de red virtual.

$Gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "ResourceGroup001" -Name "Gateway001"
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $Gateway -Asn 1337

El primer comando obtiene una puerta de enlace de red virtual denominada Gateway01 que pertenece al grupo de recursos ResourceGroup001 y la almacena en la variable denominada $Gateway El segundo comando actualiza la puerta de enlace de red virtual almacenada en la variable $Gateway. El comando también establece el ASN en 1337.

$Gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "ResourceGroup001" -Name "Gateway001"
$vpnclientipsecpolicy = New-AzVpnClientIpsecPolicy -IpsecEncryption AES256 -IpsecIntegrity SHA256 -SALifeTime 86472 -SADataSize 429497 -IkeEncryption AES256 -IkeIntegrity SHA256 -DhGroup DHGroup2 -PfsGroup None
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $Gateway -VpnClientIpsecPolicy $vpnclientipsecpolicy

El primer comando obtiene una puerta de enlace de red virtual denominada Gateway01 que pertenece al grupo de recursos ResourceGroup001 y la almacena en la variable denominada $Gateway El segundo comando crea el objeto de directiva ipsec vpn según los parámetros ipsec especificados. El tercer comando actualiza la puerta de enlace de red virtual almacenada en la variable $Gateway. El comando también establece la directiva ipsec vpn personalizada especificada en el objeto $vpnclientipsecpolicy en la puerta de enlace de red virtual.

$Gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "ResourceGroup001" -Name "Gateway001"
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $Gateway -Tag @{ testtagKey="SomeTagKey"; testtagValue="SomeKeyValue" }

Name                   : Gateway001
ResourceGroupName      : ResourceGroup001
Location               : westus
Id                     : /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001
Etag                   : W/"00000000-0000-0000-0000-000000000000"
ResourceGuid           : 00000000-0000-0000-0000-000000000000
ProvisioningState      : Succeeded
Tags                   :
                         Name          Value
                         ============  ============
                         testtagValue  SomeKeyValue
                         testtagKey    SomeTagKey

IpConfigurations       : [
                           {
                             "PrivateIpAllocationMethod": "Dynamic",
                             "Subnet": {
                               "Id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworks/MyVnet/subnets/GatewaySubnet"
                             },
                             "PublicIpAddress": {
                               "Id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup001/providers/Microsoft.Network/publicIPAddresses/Gateway001Ip"
                             },
                             "Name": "vng1ipConfig",
                             "Etag": "W/\"00000000-0000-0000-0000-000000000000\"",
                             "Id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/Gateway001IpConfig"
                           }
                         ]
GatewayType            : Vpn
VpnType                : RouteBased
EnableBgp              : False
ActiveActive           : False
GatewayDefaultSite     : null
Sku                    : {
                           "Capacity": 2,
                           "Name": "VpnGw1",
                           "Tier": "VpnGw1"
                         }
VpnClientConfiguration : null
BgpSettings            : {
                           "Asn": 65515,
                           "BgpPeeringAddress": "1.2.3.4",
                           "PeerWeight": 0
                         }

El primer comando obtiene una puerta de enlace de red virtual denominada Gateway01 que pertenece al grupo de recursos ResourceGroup001 y la almacena en la variable denominada $Gateway El segundo comando actualiza la puerta de enlace de red virtual Gateway01 con las etiquetas @{ testtagKey="SomeTagKey"; testtagValue="SomeKeyValue" }.

$Gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "ResourceGroup001" -Name "Gateway001"
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $Gateway -AadTenantUri "https://login.microsoftonline.com/0ab2c4f4-81e6-44cc-a0b2-b3a47a1443f4" -AadIssuerUri "https://sts.windows.net/0ab2c4f4-81e6-44cc-a0b2-b3a47a1443f4/" -AadAudienceId "a21fce82-76af-45e6-8583-a08cb3b956f9"

Name                   : Gateway001
ResourceGroupName      : ResourceGroup001
Location               : westus
Id                     : /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001
Etag                   : W/"00000000-0000-0000-0000-000000000000"
ResourceGuid           : 00000000-0000-0000-0000-000000000000
ProvisioningState      : Succeeded
Tags                   :
                         Name          Value
                         ============  ============
                         testtagValue  SomeKeyValue
                         testtagKey    SomeTagKey

IpConfigurations       : [
                           {
                             "PrivateIpAllocationMethod": "Dynamic",
                             "Subnet": {
                               "Id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworks/MyVnet/subnets/GatewaySubnet"
                             },
                             "PublicIpAddress": {
                               "Id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup001/providers/Microsoft.Network/publicIPAddresses/Gateway001Ip"
                             },
                             "Name": "vng1ipConfig",
                             "Etag": "W/\"00000000-0000-0000-0000-000000000000\"",
                             "Id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/Gateway001IpConfig"
                           }
                         ]
GatewayType            : Vpn
VpnType                : RouteBased
EnableBgp              : False
ActiveActive           : False
GatewayDefaultSite     : null
Sku                    : {
                           "Capacity": 2,
                           "Name": "VpnGw1",
                           "Tier": "VpnGw1"
                         }
vpnClientConfiguration : {
                    "vpnClientProtocols": [
					"OpenVPN"
					],

                    "vpnClientAddressPool": {
                    "addressPrefixes": [
                        "101.10.0.0/16"
                    ]
                	},
					"vpnClientRootCertificates": "",
                    "vpnClientRevokedCertificates": "",

                    "radiusServerAddress": "",
                    "radiusServerSecret": "",
					"aadTenantUri": "https://login.microsoftonline.com/0ab2c4f4-81e6-44cc-a0b2-b3a47a1443f4\",
					"aadAudienceId": "a21fce82-76af-45e6-8583-a08cb3b956g9\",
					"aadIssuerUri": "https://sts.windows.net/0ab2c4f4-81e6-44cc-a0b2-b3a47a1443f4/\"
                },
BgpSettings            : {
                           "Asn": 65515,
                           "BgpPeeringAddress": "1.2.3.4",
                           "PeerWeight": 0
                         }

Set-AzVirtualNetworkGateway -VirtualNetworkGateway $Gateway -VpnClientRootCertificates $rootCert -RemoveAadAuthentication

El primer comando obtiene una puerta de enlace de red virtual denominada Gateway01 que pertenece al grupo de recursos ResourceGroup001 y la almacena en la variable denominada $Gateway El segundo comando actualiza la puerta de enlace de red virtual Gateway01 con las configuraciones de autenticación de AAD params:aadTenantUri, aadAudienceId, aadIssuerUri para VpnClient. El tercer comando quita la configuración de autenticación de AAD de VpnClient de la puerta de enlace de red virtual.

$Gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "ResourceGroup001" -Name "Gateway001"
$ipconfigurationId1 = '/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/default'
$addresslist1 = @('169.254.21.25')
$gw1ipconfBgp1 = New-AzIpConfigurationBgpPeeringAddressObject -IpConfigurationId $ipconfigurationId1 -CustomAddress $addresslist1
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $Gateway -IpConfigurationBgpPeeringAddresses $gw1ipconfBgp1

Name                   : Gateway001
ResourceGroupName      : ResourceGroup001
Location               : westcentralus
Id                     : /subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001
Etag                   : W/"a08f13d3-6106-44e0-9127-e35e6f9793d5"
ResourceGuid           : 30993429-a1ed-42ca-9862-9156b013626e
ProvisioningState      : Succeeded
Tags                   :
IpConfigurations       : [
                           {
                             "PrivateIpAllocationMethod": "Dynamic",
                             "Subnet": {
                               "Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworks/newApipaNet/subnets/GatewaySubnet"
                             },
                             "PublicIpAddress": {
                               "Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/publicIPAddresses/newapipaip"
                             },
                             "Name": "default",
                             "Etag": "W/\"a08f13d3-6106-44e0-9127-e35e6f9793d5\"",
                             "Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/default"
                           }
                         ]
GatewayType            : Vpn
VpnType                : RouteBased
EnableBgp              : False
ActiveActive           : False
GatewayDefaultSite     : null
Sku                    : {
                           "Capacity": 2,
                           "Name": "VpnGw1",
                           "Tier": "VpnGw1"
                         }
VpnClientConfiguration : null
BgpSettings            : {
                           "Asn": 65515,
                           "BgpPeeringAddress": "10.1.255.30",
                           "PeerWeight": 0,
                           "BgpPeeringAddresses": [
                             {
                               "IpconfigurationId": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/default",
                               "DefaultBgpIpAddresses": [
                                 "10.1.255.30"
                               ],
                               "CustomBgpIpAddresses": [
                                 "169.254.21.55"
                               ],
                               "TunnelIpAddresses": [
                                 "13.78.146.151"
                               ]
                             }
                           ]
                         }

El primer comando obtiene una puerta de enlace de red virtual denominada Gateway01 que pertenece al grupo de recursos ResourceGroup001 y la almacena en la variable denominada $Gateway El segundo comando asigna el valor de puerta de enlace de red virtual Gateway01 IpConfiguration Id en la variable ipconfigurationId1. El tercer comando asigna la lista de direcciones a addresslist1. El cuarto comando creó un objeto PSIpConfigurationBgpPeeringAddress. El quinto comando establece este nuevo PSIpConfigurationBgpPeeringAddress en IpConfigurationBgpPeeringAddresses y actualiza la puerta de enlace.

$Gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "ResourceGroup001" -Name "Gateway001"
$ipconfigurationId1 = '/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/default'
$addresslist1 = @()
$gw1ipconfBgp1 = New-AzIpConfigurationBgpPeeringAddressObject -IpConfigurationId $ipconfigurationId1 -CustomAddress $addresslist1
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $Gateway -IpConfigurationBgpPeeringAddresses $gw1ipconfBgp1

Name                   : Gateway001
ResourceGroupName      : ResourceGroup001
Location               : westcentralus
Id                     : /subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001
Etag                   : W/"a08f13d3-6106-44e0-9127-e35e6f9793d5"
ResourceGuid           : 30993429-a1ed-42ca-9862-9156b013626e
ProvisioningState      : Succeeded
Tags                   :
IpConfigurations       : [
                           {
                             "PrivateIpAllocationMethod": "Dynamic",
                             "Subnet": {
                               "Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworks/newApipaNet/subnets/GatewaySubnet"
                             },
                             "PublicIpAddress": {
                               "Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/publicIPAddresses/newapipaip"
                             },
                             "Name": "default",
                             "Etag": "W/\"a08f13d3-6106-44e0-9127-e35e6f9793d5\"",
                             "Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/default"
                           }
                         ]
GatewayType            : Vpn
VpnType                : RouteBased
EnableBgp              : False
ActiveActive           : False
GatewayDefaultSite     : null
Sku                    : {
                           "Capacity": 2,
                           "Name": "VpnGw1",
                           "Tier": "VpnGw1"
                         }
VpnClientConfiguration : null
BgpSettings            : {
                           "Asn": 65515,
                           "BgpPeeringAddress": "10.1.255.30",
                           "PeerWeight": 0,
                           "BgpPeeringAddresses": [
                             {
                               "IpconfigurationId": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/default",
                               "DefaultBgpIpAddresses": [
                                 "10.1.255.30"
                               ],
                               "CustomBgpIpAddresses": [],
                               "TunnelIpAddresses": [
                                 "13.78.146.151"
                               ]
                             }
                           ]
                         }

El primer comando obtiene una puerta de enlace de red virtual denominada Gateway01 que pertenece al grupo de recursos ResourceGroup001 y la almacena en la variable denominada $Gateway El segundo comando asigna el valor de puerta de enlace de red virtual Gateway01 IpConfiguration Id en la variable ipconfigurationId1. El tercer comando asigna la lista de direcciones a addresslist1. El cuarto comando creó un objeto PSIpConfigurationBgpPeeringAddress. El quinto comando establece este nuevo PSIpConfigurationBgpPeeringAddress en IpConfigurationBgpPeeringAddresses y actualiza la puerta de enlace.

$Gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "ResourceGroup001" -Name "Gateway001"
$vngNatRules = $Gateway.NatRules
$natRule = New-AzVirtualNetworkGatewayNatRule -Name "natRule1" -Type "Static" -Mode "IngressSnat" -InternalMapping @("25.0.0.0/16") -ExternalMapping @("30.0.0.0/16")
$vngNatRules.Add($natrule)
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $Gateway -NatRule $vngNatRules.NatRules -BgpRouteTranslationForNat $true

Name                   : Gateway001
ResourceGroupName      : ResourceGroup001
Location               : westcentralus
Id                     : /subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001
Etag                   : W/"a08f13d3-6106-44e0-9127-e35e6f9793d5"
ResourceGuid           : 30993429-a1ed-42ca-9862-9156b013626e
ProvisioningState      : Succeeded
Tags                   :
IpConfigurations       : [
                           {
                             "PrivateIpAllocationMethod": "Dynamic",
                             "Subnet": {
                               "Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworks/newApipaNet/subnets/GatewaySubnet"
                             },
                             "PublicIpAddress": {
                               "Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/publicIPAddresses/newapipaip"
                             },
                             "Name": "default",
                             "Etag": "W/\"a08f13d3-6106-44e0-9127-e35e6f9793d5\"",
                             "Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/default"
                           }
                         ]
GatewayType            : Vpn
VpnType                : RouteBased
EnableBgp              : False
ActiveActive           : False
GatewayDefaultSite     : null
Sku                    : {
                           "Capacity": 2,
                           "Name": "VpnGw1",
                           "Tier": "VpnGw1"
                         }
VpnClientConfiguration : null
BgpSettings            : {
                           "Asn": 65515,
                           "BgpPeeringAddress": "10.1.255.30",
                           "PeerWeight": 0,
                           "BgpPeeringAddresses": [
                             {
                               "IpconfigurationId": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/ipConfigurations/default",
                               "DefaultBgpIpAddresses": [
                                 "10.1.255.30"
                               ],
                               "CustomBgpIpAddresses": [
                                 "169.254.21.55"
                               ],
                               "TunnelIpAddresses": [
                                 "13.78.146.151"
                               ]
                             }
                           ]
                         }
NatRules                        : [
                                    {
                                      "VirtualNetworkGatewayNatRulePropertiesType": "Static",
                                      "Mode": "IngressSnat",
                                      "InternalMappings": [
                                        {
                                          "AddressSpace": "25.0.0.0/16"
                                        }
                                      ],
                                      "ExternalMappings": [
                                        {
                                          "AddressSpace": "30.0.0.0/16"
                                        }
                                      ],
                                      "ProvisioningState": "Succeeded",
                                      "Name": "natRule1",
                                      "Etag": "W/\"5150d788-e165-42ba-99c4-8138a545fce9\"",
                                      "Id": "/subscriptions/59ac12a6-f2b7-46d4-af3d-98ba9d9dbd92/resourceGroups/ResourceGroup001/providers/Microsoft.Network/virtualNetworkGateways/Gateway001/natRules/natRule1"
                                    }
                                  ]
EnableBgpRouteTranslationForNat : True

El primer comando obtiene una puerta de enlace de red virtual denominada Gateway01 que pertenece al grupo de recursos ResourceGroup001 y la almacena en la variable denominada $Gateway El segundo comando asigna los natrules existentes a la variable vngNatRules. El tercer comando asigna el valor recién creado PSVirtualNetworkGatewayNatRule objeto natrule a la variable natRule. El cuarto comando agrega este objeto PSVirtualNetworkGatewayNatRule a la lista vngNatRules. El quinto comando establece este nuevo PSVirtualNetworkGatewayNatRule en NatRules de la puerta de enlace y actualiza la puerta de enlace.

$Gateway=Get-AzVirtualNetworkGateway -ResourceGroupName "ResourceGroup001" -Name "Gateway001"

$rootCerts=$Gateway.VpnClientConfiguration.VpnClientRootCertificates

$rootCerts.Count
$rootCerts[0]
$rootCerts[1]
$rootCerts.Remove($rootCerts[1])

$Gateway1 = Set-AzVirtualNetworkGateway -VirtualNetworkGateway $Gateway -VpnClientRootCertificates $rootCerts

El primer comando obtiene una puerta de enlace de red virtual denominada Gateway01 que pertenece al grupo de recursos ResourceGroup001 y la almacena en la variable denominada $Gateway El segundo comando obtiene todos los certificados raíz en VirtualNetworkGateway y lo guarda en otra variable $rootCerts El tercer comando muestra el total de certificados raíz existentes en VirtualNetworkGateway. Los siguientes y quintos comandos imprimen certificados raíz en los índices correspondientes para que el cliente vea cuáles desea eliminar. El sexto comando quita el certificado raíz expirado mediante ese índice, por ejemplo, aquí 1. Repita los mismos pasos para quitar varios certificados expirados de la variable: $rootCerts El séptimo comando actualiza VirtualNetworkGateway para establecer certificados raíz válidos, es decir, certificados que existen en la variable: $rootCerts

# Option 1 - Retrieve the gateway object, modify the property and save the changes.
$gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "resourceGroup001" -Name "gateway001"
$gateway.AllowVirtualWanTraffic = $true
$gateway = Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gateway

# Option 2 - Use the cmdlet switch
$gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "resourceGroup001" -Name "gateway001"
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gateway -AllowVirtualWanTraffic $true

En ambos casos, el primer comando recupera la puerta de enlace. Después, puede modificar la propiedad directamente en el objeto y conservarla, o bien puede usar el modificador en el cmdlet Set-AzVirtualNetworkGateway.

# Option 1 - Retrieve the gateway object, modify the property and save the changes.
$gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "resourceGroup001" -Name "gateway001"
$gateway.AllowVirtualWanTraffic = $false
$gateway = Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gateway

# Option 2 - Use the cmdlet switch
$gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "resourceGroup001" -Name "gateway001"
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gateway -AllowVirtualWanTraffic $false

En ambos casos, el primer comando recupera la puerta de enlace. Después, puede modificar la propiedad directamente en el objeto y conservarla, o bien puede usar el modificador en el cmdlet Set-AzVirtualNetworkGateway.

# Option 1 - Retrieve the gateway object, modify the property and save the changes.
$gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "resourceGroup001" -Name "gateway001"
$gateway.AllowRemoteVnetTraffic = $true
$gateway = Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gateway

# Option 2 - Use the cmdlet switch
$gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "resourceGroup001" -Name "gateway001"
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gateway -AllowRemoteVnetTraffic $true

En ambos casos, el primer comando recupera la puerta de enlace. Después, puede modificar la propiedad directamente en el objeto y conservarla, o bien puede usar el modificador en el cmdlet Set-AzVirtualNetworkGateway.

# Option 1 - Retrieve the gateway object, modify the property and save the changes.
$gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "resourceGroup001" -Name "gateway001"
$gateway.AllowRemoteVnetTraffic = $false
$gateway = Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gateway

# Option 2 - Use the cmdlet switch
$gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "resourceGroup001" -Name "gateway001"
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gateway -AllowRemoteVnetTraffic $false

En ambos casos, el primer comando recupera la puerta de enlace. Después, puede modificar la propiedad directamente en el objeto y conservarla, o bien puede usar el modificador en el cmdlet Set-AzVirtualNetworkGateway.

# Create or retrieve the user-assigned managed identity
$identity = Get-AzUserAssignedIdentity -ResourceGroupName "resourceGroup001" -Name "myIdentity001"

# Get the virtual network gateway
$gateway = Get-AzVirtualNetworkGateway -ResourceGroupName "resourceGroup001" -Name "gateway001"

# Set the identity using the UserAssignedIdentityId parameter
Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gateway -UserAssignedIdentityId $identity.Id

En este ejemplo se muestra cómo configurar una puerta de enlace de red virtual con una identidad administrada asignada por el usuario. Usa el parámetro UserAssignedIdentityId para crear el objeto de identidad administrada. Las identidades asignadas por el usuario son útiles para acceder a los certificados de Azure Key Vault para la autenticación de puerta de enlace.

Este cmdlet admite los parámetros comunes: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction y -WarningVariable. Para obtener más información, vea about_CommonParameters.