Azure
Upgrading The IPsec/IKE Coverage To The Azure Website-To-Website VPN Connection Utilizing The PowerShell Command
Introduction
There are a number of industries which can be utilizing Microsoft Azure to deploy their server or companies, to get excessive efficiency, and dependable companies.
The IPsec and IKE protocol commonplace helps a variety of cryptographic algorithms in numerous mixtures. The IKEv1 connections are permitting for Fundamental SKUs solely, and the IKEv2 connections are permitting for all VPN gateway SKUs. The IKEv2 protocols are permitting larger commonplace VPN algorithms and key values.
On this article, we’re going to learn to configure an IPsec/IKE coverage for site-to-site (S2S) VPN connections utilizing the PowerShell ISE.
Step 1
Earlier than upgrading the Connection, please confirm the next steps are configured within the Azure portal.
- Digital Community
- Gateway subnet
- VPN Gateway
- Native Community Gateway
- VPN connection
Step 2
Within the Azure Portal, go to the right “Useful resource group” after which open the “VPN Connection”.
Step 3
Discovering the right parameters to enter the PowerShell script.
- $RG1 = Useful resource Group Identify – Copy the Useful resource Group Identify “Website-1”
- $connection1 = VPN Connection Identify – Copy the VPN Connection Identify “Site1-to-Site2”
- $connection2 = Get the VPN Connection to assign the parameters
- $ipsecpolicy1 = Assigning the IKEv2/IPsec Parameters
- $connection2.SharedKey = VPN Connection Pre-Shared Key Data – Copy the Shared Key
- $connection2.IpsecPolicies= Confirm the Connection Standing
Step 4
Outline the parameters in accordance with the client’s requirement.
- $RG1=“Website-1”
- $connection1=“Site1-to-Site2”
- $connection2=Get-AzureRmVirtualNetworkGatewayConnection-Identify$connection1-ResourceGroupName$RG1
- $ipsecpolicy1=New-AzureRmIpsecPolicy-IkeEncryptionAES256-IkeIntegritySHA256-DhGroupDHGroup2-IpsecEncryptionAES256-IpsecIntegritySHA256-PfsGroupPFS2-SALifeTimeSeconds28800-SADataSizeKilobytes102400000
- $connection2.SharedKey =“asd@@123456@@asd”
- Set-AzureRmVirtualNetworkGatewayConnection-VirtualNetworkGatewayConnection$connection2-IpsecPolicies$ipsecpolicy1
- $connection2=Get-AzureRmVirtualNetworkGatewayConnection-Identify$connection1-ResourceGroupName$RG1
- $connection2.IpsecPolicies
Step 5
Join the Azure portal utilizing the PowerShell ISE, Sort Join-AzureRmAccount after which Click on Run Choice (F8). Within the Credentials dialog field enter your electronic mail handle and the password.
Step 6
Now you’ll be able to confirm that you’re efficiently logged in to Azure, be certain it is the right “Subscription”. If the subscription is mistaken choose the right subscription utilizing the next command: Choose-AzureRmSubscription”Subscription Identify”
Step 7
Run the next instructions step-by-step
Step 8
Run the “Set-AzureRmVirtualNetworkGatewayConnection” the command to use the IPsec/IKEv2 parameters whenever you run the command the Overwrite affirmation dialog field will seem, hit Sure to use the parameters.
Step 9
Now we are able to confirm the connection has been upgraded to the brand new parameter utilizing the beneath command.
Abstract
On this article, we’ve got realized the right way to improve the VPN Connection parameters utilizing the PowerShell instructions, in our subsequent article we are going to learn to configure the VPN Connection Parameters utilizing the Azure Portal.
