az network vnet-gateway vpn-client

Download a VPN client configuration required to connect to Azure via point-to-site.

Commands

az network vnet-gateway vpn-client generate

Generate VPN client configuration.

az network vnet-gateway vpn-client show-url

Retrieve a pre-generated VPN client configuration.

az network vnet-gateway vpn-client generate

Generate VPN client configuration.

The command outputs a URL to a zip file for the generated VPN client configuration.

az network vnet-gateway vpn-client generate [--authentication-method {EAPMSCHAPv2, EAPTLS}]
                                            [--client-root-certificates]
                                            [--ids]
                                            [--name]
                                            [--processor-architecture {Amd64, X86}]
                                            [--radius-server-auth-certificate]
                                            [--resource-group]
                                            [--subscription]
                                            [--use-legacy {false, true}]

Examples

Create the VPN client configuration for RADIUS with EAP-MSCHAV2 authentication.

az network vnet-gateway vpn-client generate -g MyResourceGroup -n MyVnetGateway --authentication-method EAPMSCHAPv2

Create the VPN client configuration for AMD64 architecture.

az network vnet-gateway vpn-client generate -g MyResourceGroup -n MyVnetGateway --processor-architecture Amd64

Generate VPN client configuration. (autogenerated)

az network vnet-gateway vpn-client generate --name MyVnetGateway --processor-architecture Amd64 --resource-group MyResourceGroup --subscription MySubscription

Optional Parameters

--authentication-method

Method used to authenticate with the generated client.

accepted values: EAPMSCHAPv2, EAPTLS
--client-root-certificates

Space-separated list of client root certificate public certificate data in Base-64 format. Optional for external Radius-based auth with EAPTLS.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

Name of the VNet gateway.

--processor-architecture

Processor architecture of the target system.

accepted values: Amd64, X86
--radius-server-auth-certificate

Public certificate data for the Radius server auth certificate in Base-64 format. Required only if external Radius auth has been configured with EAPTLS auth.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--use-legacy

Generate VPN client package using legacy implementation.

accepted values: false, true

az network vnet-gateway vpn-client show-url

Retrieve a pre-generated VPN client configuration.

The profile needs to be generated first using vpn-client generate command.

az network vnet-gateway vpn-client show-url [--ids]
                                            [--name]
                                            [--resource-group]
                                            [--subscription]

Examples

Get the pre-generated point-to-site VPN client of the virtual network gateway.

az network vnet-gateway vpn-client show-url -g MyResourceGroup -n MyVnetGateway

Optional Parameters

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

Name of the VNet gateway.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.