What is the azure-cli command to configure settings for a Point-to-site VPN?
I am looking for the az equivalent in code of doing these steps through the Portal:
- From the settings section for a Virtual network gateway
- Click on Point-to-site configuration settings
- Set address pool, tunnel type, authentication type, and a root certificate
- Save
- Download VPN Client (vpnconfig.ovpn file)
To create the virtual network gateway through Azure CLI commands, you can follow the steps in Create a route-based VPN gateway using CLI. But when the step comes to create the virtual network gateway, you should add some more parameters.
--address-prefixes
Space-separated list of CIDR prefixes representing the address space for the P2S client.
--client-protocol
Protocols to use for connecting.
accepted values: IkeV2, OpenVPN, SSTP
So the complete command will like below:
az network vnet-gateway create \
-n VNet1GW \
-l eastus \
--public-ip-address VNet1GWIP \
-g TestRG1 \
--vnet VNet1 \
--gateway-type Vpn \
--sku VpnGw1 \
--vpn-type RouteBased \
--address-prefixes 192.168.0.0/24 \
--client-protocol OpenVPN
Then you need to upload the certificate for the root certificate:
az network vnet-gateway root-cert create -g TestRG1 -n vpncliCert --gateway-name VNet1GW --public-cert-data path/to/your/certificate
When all the things are OK, you can download the VPN client to use. Do not forget to install the client certificate for the root certificate in your machine.