You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/vpn-gateway/vpn-gateway-download-vpndevicescript.md
+28-35Lines changed: 28 additions & 35 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,70 +5,63 @@ titleSuffix: Azure VPN Gateway
5
5
author: cherylmc
6
6
ms.service: vpn-gateway
7
7
ms.topic: how-to
8
-
ms.date: 10/24/2022
8
+
ms.date: 03/13/2024
9
9
ms.author: cherylmc
10
10
ms.custom: devx-track-azurepowershell
11
11
12
12
---
13
13
# Download VPN device configuration scripts for S2S VPN connections
14
14
15
-
This article walks you through downloading VPN device configuration scripts for S2S VPN connections with Azure VPN Gateways. The following diagram shows the high-level workflow.
15
+
This article walks you through downloading VPN device configuration scripts for site-to-site (S2S) VPN connections with Azure VPN Gateway. The following diagram shows the high-level workflow.
:::image type="content" source="./media/vpn-gateway-download-vpndevicescript/downloaddevicescript.png" alt-text="Diagram shows the high level workflow for VPN device configuration scripts." lightbox="./media/vpn-gateway-download-vpndevicescript/downloaddevicescript.png":::
A cross-premises VPN connection consists of an Azure VPN gateway, an on-premises VPN device, and an IPsec S2S VPN tunnel connecting the two. The typical work flow includes the following steps:
22
22
23
-
1. Create and configure an Azure VPN gateway (virtual network gateway)
24
-
2. Create and configure an Azure local network gateway that represents your on-premises network and VPN device
25
-
3. Create and configure an Azure VPN connection between the Azure VPN gateway and the local network gateway
26
-
4. Configure the on-premises VPN device represented by the local network gateway to establish the actual S2S VPN tunnel with the Azure VPN gateway
23
+
1. Create and configure an Azure VPN gateway (virtual network gateway).
24
+
1. Create and configure an Azure local network gateway that represents your on-premises network and VPN device.
25
+
1. Create and configure an Azure VPN connection between the Azure VPN gateway and the local network gateway.
26
+
1. Configure the on-premises VPN device represented by the local network gateway to establish the actual S2S VPN tunnel with the Azure VPN gateway.
27
27
28
28
You can complete steps 1 through 3 using the Azure [portal](./tutorial-site-to-site-portal.md), [PowerShell](vpn-gateway-create-site-to-site-rm-powershell.md), or [CLI](vpn-gateway-howto-site-to-site-resource-manager-cli.md). The last step involves configuring the on-premises VPN devices outside of Azure. This feature allows you to download a configuration script for your VPN device with the corresponding values of your Azure VPN gateway, virtual network, and on-premises network address prefixes, and VPN connection properties, etc. already filled in. You can use the script as a starting point, or apply the script directly to your on-premises VPN devices via the configuration console.
29
29
30
-
> [!IMPORTANT]
31
-
> * The syntax for each VPN device configuration script is different, and heavily dependent on the models and firmware versions. Pay special attention to your device model and version information against the available templates.
32
-
> * Some parameter values must be unique on the device, and cannot be determined without accessing the device. The Azure-generated configuration scripts pre-fill these values, but you need to ensure the provided values are valid on your device. For examples:
33
-
> * Interface numbers
34
-
> * Access control list numbers
35
-
> * Policy names or numbers, etc.
36
-
> * Look for the keyword, "**REPLACE**", embedded in the script to find the parameters you need to verify before applying the script.
37
-
> * Some templates include a "**CLEANUP**" section you can apply to remove the configurations. The cleanup sections are commented out by default.
30
+
The syntax for each VPN device configuration script is different and heavily dependent on the models and firmware versions. Pay special attention to your device model and version information against the available templates.
38
31
39
-
## Download the configuration script from Azure portal
32
+
* Some parameter values must be unique on the device, and can't be determined without accessing the device. The Azure-generated configuration scripts prefill these values, but you need to ensure the provided values are valid on your device. For examples:
40
33
41
-
Create an Azure VPN gateway, local network gateway, and a connection resource connecting the two. The following page guides you through the steps:
42
-
43
-
*[Create a Site-to-Site connection in the Azure portal](./tutorial-site-to-site-portal.md)
44
-
45
-
Once the connection resource is created, follow the instructions below to download the VPN device configuration scripts:
34
+
* Interface numbers
35
+
* Access control list numbers
36
+
* Policy names or numbers, etc.
46
37
47
-
1. From a browser, navigate to the [Azure portal](https://portal.azure.com) and, if necessary, sign in with your Azure account
48
-
2. Go to the connection resource you created. You can find the list of all connection resources by clicking "All services", then "NETWORKING", and "Connections."
38
+
* Look for the keyword, "**REPLACE**", embedded in the script to find the parameters you need to verify before applying the script.
39
+
* Some templates include a "**CLEANUP**" section you can apply to remove the configurations. The cleanup sections are commented out by default.
:::image type="content" source="./media/vpn-gateway-download-vpndevicescript/download-configuration.png" alt-text="Screenshot of the configuration screen showing the download configuration link." lightbox="./media/vpn-gateway-download-vpndevicescript/download-configuration.png":::
63
54
64
-
6. You're prompted to save the downloaded script (a text file) from your browser.
65
-
7. Once you downloaded the configuration script, open it with a text editor and search for the keyword "REPLACE" to identify and examine the parameters that may need to be replaced.
55
+
1. On the **Download configuration** page, from the dropdowns, select the device vendor, device family, and firmware version.
:::image type="content" source="./media/vpn-gateway-download-vpndevicescript/download-configuration-page.png" alt-text="Screenshot of the configuration screen showing the download configuration page to select vendor, family, and firmware version." lightbox="./media/vpn-gateway-download-vpndevicescript/download-configuration-page.png":::
68
58
69
-
## Download the configuration script using Azure PowerShell
59
+
1. Once you've selected the device, click **Download configuration**. The configuration is generated and you're prompted to save the downloaded script (a text file) from your browser.
60
+
1. Open the configuration script with a text editor and search for the keyword "REPLACE" to identify and examine the parameters that might need to be replaced before applying the script to your VPN device.
70
61
62
+
:::image type="content" source="./media/vpn-gateway-download-vpndevicescript/edit-script.png" alt-text="Screenshot shows the configuration file opened using a text editor." lightbox="./media/vpn-gateway-download-vpndevicescript/edit-script.png":::
71
63
64
+
## Download the configuration script - Azure PowerShell
72
65
73
66
You can also download the configuration script using Azure PowerShell, as shown in the following example:
0 commit comments