Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
- Latest
- 2025-01-01
- 2024-10-01
- 2024-07-01
- 2024-05-01
- 2024-03-01
- 2024-01-01
- 2023-11-01
- 2023-09-01
- 2023-06-01
- 2023-05-01
- 2023-04-01
- 2023-02-01
- 2022-11-01
- 2022-09-01
- 2022-07-01
- 2022-05-01
- 2022-01-01
- 2021-08-01
- 2021-05-01
- 2021-03-01
- 2021-02-01
- 2020-11-01
- 2020-08-01
- 2020-07-01
- 2020-06-01
- 2020-05-01
- 2020-04-01
- 2020-03-01
- 2019-12-01
- 2019-11-01
- 2019-09-01
- 2019-08-01
Bicep resource definition
The vpnServerConfigurations resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/vpnServerConfigurations resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Network/vpnServerConfigurations@2024-07-01' = {
scope: resourceSymbolicName or scope
___location: 'string'
name: 'string'
properties: {
aadAuthenticationParameters: {
aadAudience: 'string'
aadIssuer: 'string'
aadTenant: 'string'
}
configurationPolicyGroups: [
{
id: 'string'
name: 'string'
properties: {
isDefault: bool
policyMembers: [
{
attributeType: 'string'
attributeValue: 'string'
name: 'string'
}
]
priority: int
}
}
]
name: 'string'
radiusClientRootCertificates: [
{
name: 'string'
thumbprint: 'string'
}
]
radiusServerAddress: 'string'
radiusServerRootCertificates: [
{
name: 'string'
publicCertData: 'string'
}
]
radiusServers: [
{
radiusServerAddress: 'string'
radiusServerScore: int
radiusServerSecret: 'string'
}
]
radiusServerSecret: 'string'
vpnAuthenticationTypes: [
'string'
]
vpnClientIpsecPolicies: [
{
dhGroup: 'string'
ikeEncryption: 'string'
ikeIntegrity: 'string'
ipsecEncryption: 'string'
ipsecIntegrity: 'string'
pfsGroup: 'string'
saDataSizeKilobytes: int
saLifeTimeSeconds: int
}
]
vpnClientRevokedCertificates: [
{
name: 'string'
thumbprint: 'string'
}
]
vpnClientRootCertificates: [
{
name: 'string'
publicCertData: 'string'
}
]
vpnProtocols: [
'string'
]
}
tags: {
{customized property}: 'string'
}
}
Property Values
Microsoft.Network/vpnServerConfigurations
| Name | Description | Value |
|---|---|---|
| ___location | Resource ___location. | string |
| name | The resource name | string (required) |
| properties | Properties of the P2SVpnServer configuration. | VpnServerConfigurationProperties |
| scope | Use when creating a resource at a scope that is different than the deployment scope. | Set this property to the symbolic name of a resource to apply the extension resource. |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
AadAuthenticationParameters
| Name | Description | Value |
|---|---|---|
| aadAudience | AAD Vpn authentication parameter AAD audience. | string |
| aadIssuer | AAD Vpn authentication parameter AAD issuer. | string |
| aadTenant | AAD Vpn authentication parameter AAD tenant. | string |
IpsecPolicy
| Name | Description | Value |
|---|---|---|
| dhGroup | The DH Group used in IKE Phase 1 for initial SA. | 'DHGroup1' 'DHGroup14' 'DHGroup2' 'DHGroup2048' 'DHGroup24' 'ECP256' 'ECP384' 'None' (required) |
| ikeEncryption | The IKE encryption algorithm (IKE phase 2). | 'AES128' 'AES192' 'AES256' 'DES' 'DES3' 'GCMAES128' 'GCMAES256' (required) |
| ikeIntegrity | The IKE integrity algorithm (IKE phase 2). | 'GCMAES128' 'GCMAES256' 'MD5' 'SHA1' 'SHA256' 'SHA384' (required) |
| ipsecEncryption | The IPSec encryption algorithm (IKE phase 1). | 'AES128' 'AES192' 'AES256' 'DES' 'DES3' 'GCMAES128' 'GCMAES192' 'GCMAES256' 'None' (required) |
| ipsecIntegrity | The IPSec integrity algorithm (IKE phase 1). | 'GCMAES128' 'GCMAES192' 'GCMAES256' 'MD5' 'SHA1' 'SHA256' (required) |
| pfsGroup | The Pfs Group used in IKE Phase 2 for new child SA. | 'ECP256' 'ECP384' 'None' 'PFS1' 'PFS14' 'PFS2' 'PFS2048' 'PFS24' 'PFSMM' (required) |
| saDataSizeKilobytes | The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site to site VPN tunnel. | int (required) |
| saLifeTimeSeconds | The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site to site VPN tunnel. | int (required) |
RadiusServer
| Name | Description | Value |
|---|---|---|
| radiusServerAddress | The address of this radius server. | string (required) |
| radiusServerScore | The initial score assigned to this radius server. | int |
| radiusServerSecret | The secret used for this radius server. | string |
ResourceTags
| Name | Description | Value |
|---|
VpnServerConfigRadiusClientRootCertificate
| Name | Description | Value |
|---|---|---|
| name | The certificate name. | string |
| thumbprint | The Radius client root certificate thumbprint. | string |
VpnServerConfigRadiusServerRootCertificate
| Name | Description | Value |
|---|---|---|
| name | The certificate name. | string |
| publicCertData | The certificate public data. | string |
VpnServerConfigurationPolicyGroup
| Name | Description | Value |
|---|---|---|
| id | Resource ID. | string |
| name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string |
| properties | Properties of the VpnServerConfigurationPolicyGroup. | VpnServerConfigurationPolicyGroupProperties |
VpnServerConfigurationPolicyGroupMember
| Name | Description | Value |
|---|---|---|
| attributeType | The Vpn Policy member attribute type. | 'AADGroupId' 'CertificateGroupId' 'RadiusAzureGroupId' |
| attributeValue | The value of Attribute used for this VpnServerConfigurationPolicyGroupMember. | string |
| name | Name of the VpnServerConfigurationPolicyGroupMember. | string |
VpnServerConfigurationPolicyGroupProperties
| Name | Description | Value |
|---|---|---|
| isDefault | Shows if this is a Default VpnServerConfigurationPolicyGroup or not. | bool |
| policyMembers | Multiple PolicyMembers for VpnServerConfigurationPolicyGroup. | VpnServerConfigurationPolicyGroupMember[] |
| priority | Priority for VpnServerConfigurationPolicyGroup. | int |
VpnServerConfigurationProperties
| Name | Description | Value |
|---|---|---|
| aadAuthenticationParameters | The set of aad vpn authentication parameters. | AadAuthenticationParameters |
| configurationPolicyGroups | List of all VpnServerConfigurationPolicyGroups. | VpnServerConfigurationPolicyGroup[] |
| name | The name of the VpnServerConfiguration that is unique within a resource group. | string |
| radiusClientRootCertificates | Radius client root certificate of VpnServerConfiguration. | VpnServerConfigRadiusClientRootCertificate[] |
| radiusServerAddress | The radius server address property of the VpnServerConfiguration resource for point to site client connection. | string |
| radiusServerRootCertificates | Radius Server root certificate of VpnServerConfiguration. | VpnServerConfigRadiusServerRootCertificate[] |
| radiusServers | Multiple Radius Server configuration for VpnServerConfiguration. | RadiusServer[] |
| radiusServerSecret | The radius secret property of the VpnServerConfiguration resource for point to site client connection. | string |
| vpnAuthenticationTypes | VPN authentication types for the VpnServerConfiguration. | String array containing any of: 'AAD' 'Certificate' 'Radius' |
| vpnClientIpsecPolicies | VpnClientIpsecPolicies for VpnServerConfiguration. | IpsecPolicy[] |
| vpnClientRevokedCertificates | VPN client revoked certificate of VpnServerConfiguration. | VpnServerConfigVpnClientRevokedCertificate[] |
| vpnClientRootCertificates | VPN client root certificate of VpnServerConfiguration. | VpnServerConfigVpnClientRootCertificate[] |
| vpnProtocols | VPN protocols for the VpnServerConfiguration. | String array containing any of: 'IkeV2' 'OpenVPN' |
VpnServerConfigVpnClientRevokedCertificate
| Name | Description | Value |
|---|---|---|
| name | The certificate name. | string |
| thumbprint | The revoked VPN client certificate thumbprint. | string |
VpnServerConfigVpnClientRootCertificate
| Name | Description | Value |
|---|---|---|
| name | The certificate name. | string |
| publicCertData | The certificate public data. | string |
Usage Examples
Azure Verified Modules
The following Azure Verified Modules can be used to deploy this resource type.
| Module | Description |
|---|---|
| VPN Server Configuration | AVM Resource Module for VPN Server Configuration |
ARM template resource definition
The vpnServerConfigurations resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/vpnServerConfigurations resource, add the following JSON to your template.
{
"type": "Microsoft.Network/vpnServerConfigurations",
"apiVersion": "2024-07-01",
"name": "string",
"___location": "string",
"properties": {
"aadAuthenticationParameters": {
"aadAudience": "string",
"aadIssuer": "string",
"aadTenant": "string"
},
"configurationPolicyGroups": [
{
"id": "string",
"name": "string",
"properties": {
"isDefault": "bool",
"policyMembers": [
{
"attributeType": "string",
"attributeValue": "string",
"name": "string"
}
],
"priority": "int"
}
}
],
"name": "string",
"radiusClientRootCertificates": [
{
"name": "string",
"thumbprint": "string"
}
],
"radiusServerAddress": "string",
"radiusServerRootCertificates": [
{
"name": "string",
"publicCertData": "string"
}
],
"radiusServers": [
{
"radiusServerAddress": "string",
"radiusServerScore": "int",
"radiusServerSecret": "string"
}
],
"radiusServerSecret": "string",
"vpnAuthenticationTypes": [ "string" ],
"vpnClientIpsecPolicies": [
{
"dhGroup": "string",
"ikeEncryption": "string",
"ikeIntegrity": "string",
"ipsecEncryption": "string",
"ipsecIntegrity": "string",
"pfsGroup": "string",
"saDataSizeKilobytes": "int",
"saLifeTimeSeconds": "int"
}
],
"vpnClientRevokedCertificates": [
{
"name": "string",
"thumbprint": "string"
}
],
"vpnClientRootCertificates": [
{
"name": "string",
"publicCertData": "string"
}
],
"vpnProtocols": [ "string" ]
},
"tags": {
"{customized property}": "string"
}
}
Property Values
Microsoft.Network/vpnServerConfigurations
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2024-07-01' |
| ___location | Resource ___location. | string |
| name | The resource name | string (required) |
| properties | Properties of the P2SVpnServer configuration. | VpnServerConfigurationProperties |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
| type | The resource type | 'Microsoft.Network/vpnServerConfigurations' |
AadAuthenticationParameters
| Name | Description | Value |
|---|---|---|
| aadAudience | AAD Vpn authentication parameter AAD audience. | string |
| aadIssuer | AAD Vpn authentication parameter AAD issuer. | string |
| aadTenant | AAD Vpn authentication parameter AAD tenant. | string |
IpsecPolicy
| Name | Description | Value |
|---|---|---|
| dhGroup | The DH Group used in IKE Phase 1 for initial SA. | 'DHGroup1' 'DHGroup14' 'DHGroup2' 'DHGroup2048' 'DHGroup24' 'ECP256' 'ECP384' 'None' (required) |
| ikeEncryption | The IKE encryption algorithm (IKE phase 2). | 'AES128' 'AES192' 'AES256' 'DES' 'DES3' 'GCMAES128' 'GCMAES256' (required) |
| ikeIntegrity | The IKE integrity algorithm (IKE phase 2). | 'GCMAES128' 'GCMAES256' 'MD5' 'SHA1' 'SHA256' 'SHA384' (required) |
| ipsecEncryption | The IPSec encryption algorithm (IKE phase 1). | 'AES128' 'AES192' 'AES256' 'DES' 'DES3' 'GCMAES128' 'GCMAES192' 'GCMAES256' 'None' (required) |
| ipsecIntegrity | The IPSec integrity algorithm (IKE phase 1). | 'GCMAES128' 'GCMAES192' 'GCMAES256' 'MD5' 'SHA1' 'SHA256' (required) |
| pfsGroup | The Pfs Group used in IKE Phase 2 for new child SA. | 'ECP256' 'ECP384' 'None' 'PFS1' 'PFS14' 'PFS2' 'PFS2048' 'PFS24' 'PFSMM' (required) |
| saDataSizeKilobytes | The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site to site VPN tunnel. | int (required) |
| saLifeTimeSeconds | The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site to site VPN tunnel. | int (required) |
RadiusServer
| Name | Description | Value |
|---|---|---|
| radiusServerAddress | The address of this radius server. | string (required) |
| radiusServerScore | The initial score assigned to this radius server. | int |
| radiusServerSecret | The secret used for this radius server. | string |
ResourceTags
| Name | Description | Value |
|---|
VpnServerConfigRadiusClientRootCertificate
| Name | Description | Value |
|---|---|---|
| name | The certificate name. | string |
| thumbprint | The Radius client root certificate thumbprint. | string |
VpnServerConfigRadiusServerRootCertificate
| Name | Description | Value |
|---|---|---|
| name | The certificate name. | string |
| publicCertData | The certificate public data. | string |
VpnServerConfigurationPolicyGroup
| Name | Description | Value |
|---|---|---|
| id | Resource ID. | string |
| name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string |
| properties | Properties of the VpnServerConfigurationPolicyGroup. | VpnServerConfigurationPolicyGroupProperties |
VpnServerConfigurationPolicyGroupMember
| Name | Description | Value |
|---|---|---|
| attributeType | The Vpn Policy member attribute type. | 'AADGroupId' 'CertificateGroupId' 'RadiusAzureGroupId' |
| attributeValue | The value of Attribute used for this VpnServerConfigurationPolicyGroupMember. | string |
| name | Name of the VpnServerConfigurationPolicyGroupMember. | string |
VpnServerConfigurationPolicyGroupProperties
| Name | Description | Value |
|---|---|---|
| isDefault | Shows if this is a Default VpnServerConfigurationPolicyGroup or not. | bool |
| policyMembers | Multiple PolicyMembers for VpnServerConfigurationPolicyGroup. | VpnServerConfigurationPolicyGroupMember[] |
| priority | Priority for VpnServerConfigurationPolicyGroup. | int |
VpnServerConfigurationProperties
| Name | Description | Value |
|---|---|---|
| aadAuthenticationParameters | The set of aad vpn authentication parameters. | AadAuthenticationParameters |
| configurationPolicyGroups | List of all VpnServerConfigurationPolicyGroups. | VpnServerConfigurationPolicyGroup[] |
| name | The name of the VpnServerConfiguration that is unique within a resource group. | string |
| radiusClientRootCertificates | Radius client root certificate of VpnServerConfiguration. | VpnServerConfigRadiusClientRootCertificate[] |
| radiusServerAddress | The radius server address property of the VpnServerConfiguration resource for point to site client connection. | string |
| radiusServerRootCertificates | Radius Server root certificate of VpnServerConfiguration. | VpnServerConfigRadiusServerRootCertificate[] |
| radiusServers | Multiple Radius Server configuration for VpnServerConfiguration. | RadiusServer[] |
| radiusServerSecret | The radius secret property of the VpnServerConfiguration resource for point to site client connection. | string |
| vpnAuthenticationTypes | VPN authentication types for the VpnServerConfiguration. | String array containing any of: 'AAD' 'Certificate' 'Radius' |
| vpnClientIpsecPolicies | VpnClientIpsecPolicies for VpnServerConfiguration. | IpsecPolicy[] |
| vpnClientRevokedCertificates | VPN client revoked certificate of VpnServerConfiguration. | VpnServerConfigVpnClientRevokedCertificate[] |
| vpnClientRootCertificates | VPN client root certificate of VpnServerConfiguration. | VpnServerConfigVpnClientRootCertificate[] |
| vpnProtocols | VPN protocols for the VpnServerConfiguration. | String array containing any of: 'IkeV2' 'OpenVPN' |
VpnServerConfigVpnClientRevokedCertificate
| Name | Description | Value |
|---|---|---|
| name | The certificate name. | string |
| thumbprint | The revoked VPN client certificate thumbprint. | string |
VpnServerConfigVpnClientRootCertificate
| Name | Description | Value |
|---|---|---|
| name | The certificate name. | string |
| publicCertData | The certificate public data. | string |
Usage Examples
Azure Quickstart Templates
The following Azure Quickstart templates deploy this resource type.
| Template | Description |
|---|---|
Azure Virtual WAN (vWAN) Multi-Hub Deployment |
This template allows you to create an Azure Virtual WAN (vWAN) multi-hub deployment including all gateways and VNET connections. |
| Azure vWAN Multi-Hub Deployment with Custom Routing Tables |
This template allows you to create an Azure Virtual WAN (vWAN) multi-hub deployment, including all gateways and VNET connections, and demonstrate the usage of Route Tables for custom routing. |
| vWAN P2S deployment with multi address pool and user groups |
This template deploys Azure Virtual WAN (vWAN) with a P2S configured with multiple address pool and user groups |
Terraform (AzAPI provider) resource definition
The vpnServerConfigurations resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/vpnServerConfigurations resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Network/vpnServerConfigurations@2024-07-01"
name = "string"
parent_id = "string"
___location = "string"
tags = {
{customized property} = "string"
}
body = {
properties = {
aadAuthenticationParameters = {
aadAudience = "string"
aadIssuer = "string"
aadTenant = "string"
}
configurationPolicyGroups = [
{
id = "string"
name = "string"
properties = {
isDefault = bool
policyMembers = [
{
attributeType = "string"
attributeValue = "string"
name = "string"
}
]
priority = int
}
}
]
name = "string"
radiusClientRootCertificates = [
{
name = "string"
thumbprint = "string"
}
]
radiusServerAddress = "string"
radiusServerRootCertificates = [
{
name = "string"
publicCertData = "string"
}
]
radiusServers = [
{
radiusServerAddress = "string"
radiusServerScore = int
radiusServerSecret = "string"
}
]
radiusServerSecret = "string"
vpnAuthenticationTypes = [
"string"
]
vpnClientIpsecPolicies = [
{
dhGroup = "string"
ikeEncryption = "string"
ikeIntegrity = "string"
ipsecEncryption = "string"
ipsecIntegrity = "string"
pfsGroup = "string"
saDataSizeKilobytes = int
saLifeTimeSeconds = int
}
]
vpnClientRevokedCertificates = [
{
name = "string"
thumbprint = "string"
}
]
vpnClientRootCertificates = [
{
name = "string"
publicCertData = "string"
}
]
vpnProtocols = [
"string"
]
}
}
}
Property Values
Microsoft.Network/vpnServerConfigurations
| Name | Description | Value |
|---|---|---|
| ___location | Resource ___location. | string |
| name | The resource name | string (required) |
| parent_id | The ID of the resource to apply this extension resource to. | string (required) |
| properties | Properties of the P2SVpnServer configuration. | VpnServerConfigurationProperties |
| tags | Resource tags | Dictionary of tag names and values. |
| type | The resource type | "Microsoft.Network/vpnServerConfigurations@2024-07-01" |
AadAuthenticationParameters
| Name | Description | Value |
|---|---|---|
| aadAudience | AAD Vpn authentication parameter AAD audience. | string |
| aadIssuer | AAD Vpn authentication parameter AAD issuer. | string |
| aadTenant | AAD Vpn authentication parameter AAD tenant. | string |
IpsecPolicy
| Name | Description | Value |
|---|---|---|
| dhGroup | The DH Group used in IKE Phase 1 for initial SA. | 'DHGroup1' 'DHGroup14' 'DHGroup2' 'DHGroup2048' 'DHGroup24' 'ECP256' 'ECP384' 'None' (required) |
| ikeEncryption | The IKE encryption algorithm (IKE phase 2). | 'AES128' 'AES192' 'AES256' 'DES' 'DES3' 'GCMAES128' 'GCMAES256' (required) |
| ikeIntegrity | The IKE integrity algorithm (IKE phase 2). | 'GCMAES128' 'GCMAES256' 'MD5' 'SHA1' 'SHA256' 'SHA384' (required) |
| ipsecEncryption | The IPSec encryption algorithm (IKE phase 1). | 'AES128' 'AES192' 'AES256' 'DES' 'DES3' 'GCMAES128' 'GCMAES192' 'GCMAES256' 'None' (required) |
| ipsecIntegrity | The IPSec integrity algorithm (IKE phase 1). | 'GCMAES128' 'GCMAES192' 'GCMAES256' 'MD5' 'SHA1' 'SHA256' (required) |
| pfsGroup | The Pfs Group used in IKE Phase 2 for new child SA. | 'ECP256' 'ECP384' 'None' 'PFS1' 'PFS14' 'PFS2' 'PFS2048' 'PFS24' 'PFSMM' (required) |
| saDataSizeKilobytes | The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site to site VPN tunnel. | int (required) |
| saLifeTimeSeconds | The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site to site VPN tunnel. | int (required) |
RadiusServer
| Name | Description | Value |
|---|---|---|
| radiusServerAddress | The address of this radius server. | string (required) |
| radiusServerScore | The initial score assigned to this radius server. | int |
| radiusServerSecret | The secret used for this radius server. | string |
ResourceTags
| Name | Description | Value |
|---|
VpnServerConfigRadiusClientRootCertificate
| Name | Description | Value |
|---|---|---|
| name | The certificate name. | string |
| thumbprint | The Radius client root certificate thumbprint. | string |
VpnServerConfigRadiusServerRootCertificate
| Name | Description | Value |
|---|---|---|
| name | The certificate name. | string |
| publicCertData | The certificate public data. | string |
VpnServerConfigurationPolicyGroup
| Name | Description | Value |
|---|---|---|
| id | Resource ID. | string |
| name | The name of the resource that is unique within a resource group. This name can be used to access the resource. | string |
| properties | Properties of the VpnServerConfigurationPolicyGroup. | VpnServerConfigurationPolicyGroupProperties |
VpnServerConfigurationPolicyGroupMember
| Name | Description | Value |
|---|---|---|
| attributeType | The Vpn Policy member attribute type. | 'AADGroupId' 'CertificateGroupId' 'RadiusAzureGroupId' |
| attributeValue | The value of Attribute used for this VpnServerConfigurationPolicyGroupMember. | string |
| name | Name of the VpnServerConfigurationPolicyGroupMember. | string |
VpnServerConfigurationPolicyGroupProperties
| Name | Description | Value |
|---|---|---|
| isDefault | Shows if this is a Default VpnServerConfigurationPolicyGroup or not. | bool |
| policyMembers | Multiple PolicyMembers for VpnServerConfigurationPolicyGroup. | VpnServerConfigurationPolicyGroupMember[] |
| priority | Priority for VpnServerConfigurationPolicyGroup. | int |
VpnServerConfigurationProperties
| Name | Description | Value |
|---|---|---|
| aadAuthenticationParameters | The set of aad vpn authentication parameters. | AadAuthenticationParameters |
| configurationPolicyGroups | List of all VpnServerConfigurationPolicyGroups. | VpnServerConfigurationPolicyGroup[] |
| name | The name of the VpnServerConfiguration that is unique within a resource group. | string |
| radiusClientRootCertificates | Radius client root certificate of VpnServerConfiguration. | VpnServerConfigRadiusClientRootCertificate[] |
| radiusServerAddress | The radius server address property of the VpnServerConfiguration resource for point to site client connection. | string |
| radiusServerRootCertificates | Radius Server root certificate of VpnServerConfiguration. | VpnServerConfigRadiusServerRootCertificate[] |
| radiusServers | Multiple Radius Server configuration for VpnServerConfiguration. | RadiusServer[] |
| radiusServerSecret | The radius secret property of the VpnServerConfiguration resource for point to site client connection. | string |
| vpnAuthenticationTypes | VPN authentication types for the VpnServerConfiguration. | String array containing any of: 'AAD' 'Certificate' 'Radius' |
| vpnClientIpsecPolicies | VpnClientIpsecPolicies for VpnServerConfiguration. | IpsecPolicy[] |
| vpnClientRevokedCertificates | VPN client revoked certificate of VpnServerConfiguration. | VpnServerConfigVpnClientRevokedCertificate[] |
| vpnClientRootCertificates | VPN client root certificate of VpnServerConfiguration. | VpnServerConfigVpnClientRootCertificate[] |
| vpnProtocols | VPN protocols for the VpnServerConfiguration. | String array containing any of: 'IkeV2' 'OpenVPN' |
VpnServerConfigVpnClientRevokedCertificate
| Name | Description | Value |
|---|---|---|
| name | The certificate name. | string |
| thumbprint | The revoked VPN client certificate thumbprint. | string |
VpnServerConfigVpnClientRootCertificate
| Name | Description | Value |
|---|---|---|
| name | The certificate name. | string |
| publicCertData | The certificate public data. | string |
Usage Examples
Terraform Samples
A basic example of deploying VPN Server Configuration.
terraform {
required_providers {
azapi = {
source = "Azure/azapi"
}
}
}
provider "azapi" {
skip_provider_registration = false
}
variable "resource_name" {
type = string
default = "acctest0001"
}
variable "___location" {
type = string
default = "westeurope"
}
variable "radius_server_secret" {
type = string
description = "The RADIUS server secret for VPN server configuration"
sensitive = true
}
resource "azapi_resource" "resourceGroup" {
type = "Microsoft.Resources/resourceGroups@2020-06-01"
name = var.resource_name
___location = var.___location
}
resource "azapi_resource" "vpnServerConfiguration" {
type = "Microsoft.Network/vpnServerConfigurations@2022-07-01"
parent_id = azapi_resource.resourceGroup.id
name = var.resource_name
___location = var.___location
body = {
properties = {
radiusClientRootCertificates = [
]
radiusServerAddress = ""
radiusServerRootCertificates = [
]
radiusServerSecret = var.radius_server_secret
radiusServers = [
{
radiusServerAddress = "10.105.1.1"
radiusServerScore = 15
radiusServerSecret = var.radius_server_secret
},
]
vpnAuthenticationTypes = [
"Radius",
]
vpnClientIpsecPolicies = [
]
vpnClientRevokedCertificates = [
]
vpnClientRootCertificates = [
]
vpnProtocols = [
"OpenVPN",
"IkeV2",
]
}
}
schema_validation_enabled = false
response_export_values = ["*"]
}