Tag Archives: Gateway

Creating a VPN gateway in Azure ARM using PowerShell

Spent a few days at a customer site building stuff. Needed some gateways in ARM (Azure Resource Manager) mode. The code below will create a gateway and all artifacts it depends upon.
Use at your own risk 🙂
# Start here
Login-AzureRmAccount
# Variables
$location01 = “West Europe”
$networkname01 = “AzNet”
$rgname01 = “AzNetRG”
# Azure Network Address Space (/27 for VM use. /29 for gateway use)
# Your Azure network MUST have a subnet named “GatewaySubnet”
# Create your network in the portal, make sure to add all address spaces and subnets before running script. Do NOT forget to add “GatewaySubnet”.
$localSubnets01 = @(“10.1.0.0/27”, “10.1.2.0/29”)
# Remote Network Address Space
$remotenetwork01 = @(“192.168.1.0/24”)
# Remote Network Gateway IP
$RemoteGwIP01 = “8.8.8.8”
# Remote Connection Gateway Name
$RemoteConnectionGwName = “RemGW”
# Remote Connection Name
$RemoteConnectionName = “RemConn”
$VNET01 = Get-AzureRMVirtualNetwork -Name $networkname01 -ResourceGroupName $rgname01
$gwSubnet01 = Get-AzureRMVirtualNetworkSubnetConfig -Name GatewaySubnet -VirtualNetwork $VNET01
# Create a new public IP address.
$gwIP01 = New-AzurermPublicIpAddress -Name ($networkname01 + “-gwip”) -ResourceGroupName $rgname01 -Location $location01 -AllocationMethod Dynamic
# Create VPN gateway configuration.
$gwConfig01 = New-AzurermVirtualNetworkGatewayIpConfig -Name ($RemoteConnectionName + “-gwconfig”) -SubnetId (Get-AzurermVirtualNetworkSubnetConfig -VirtualNetwork $VNET01 -Name GatewaySubnet).Id -PublicIpAddressId $gwIP01.Id
# Create gateway. This will take up to 40 minutes, so be patient.
$gw01 = New-AzurermVirtualNetworkGateway -Name ($networkname01 + “-gw”) -ResourceGroupName $rgname01 -Location $location01 -IpConfigurations $gwConfig01 -GatewayType VPN -VpnType RouteBased -Tag $tags
$localGw01 = New-AzurermLocalNetworkGateway -Name $RemoteConnectionGwName -ResourceGroupName $rgname01 -Location $location01 -GatewayIpAddress $RemoteGwIP01 -AddressPrefix $remotenetwork01
$AzureGW = Get-AzureRmVirtualNetworkGateway -Name ($networkname01 + “-gw”)  -ResourceGroupName $rgname01
$RemoteGW = Get-AzurermLocalNetworkGateway -Name $RemoteConnectionGwName -ResourceGroupName $rgname01
New-AzurermVirtualNetworkGatewayConnection -Name $RemoteConnectionName -ResourceGroupName $rgname01 -Location $location01 -VirtualNetworkGateway1 $AzureGW -LocalNetworkGateway2 $RemoteGW -ConnectionType IPsec -RoutingWeight 10 -SharedKey $sharedKey01
# End here