跳过导航

The Azure Quickstart templates are currently available in English

VPN Custom IPSec Policy

Nathan McGee 提供
上次更新时间: 2021/5/3

This custom IPSec Policy allows more granular configuration of the IKE Parameters. This allows you to deploy a site-to-site VPN Policy to support specific settings on your VPN Endpoit Device.

此 Azure Resource Manager (ARM) 模板由社区的某个成员(而不是由 Microsoft)创建。每个 ARM 模板都根据其所有者(不是 Microsoft)的许可协议向你授予许可。Microsoft 不对由社区成员提供并授予许可的 ARM 模板负责,并且不针对安全性、兼容性和性能进行筛选。社区 ARM 模板不由任何 Microsoft 支持计划或服务提供支持,按“原样”提供,没有任何种类的担保。

参数

参数名 说明
location Resource Location
vpnGateway_Name Name of existing Virtual Network Gateway to deploy the connection to
localGateway_Name Name of existing Local Network Gateway to deploy the connection to
vpnName Name of the VPN connection between Azure and On-Premises (ex: AzureUKS-to-LDN)
vpnProtocol Protocol utilised by the VPN Connection (IKEv1, IKEv2)
saLifeTimeSeconds Security Association Lifetime (Seconds)
saDataSizeKilobytes Security Association Data Size (KB)
ipsecEncryption IPSec Encryption
ipsecIntegrity IPSec Integrity
ikeEncryption IKE Encryption
ikeIntegrity IKE Integrity
dhGroup Diffie-Hellman Group
pfsGroup Perfect Forward Secrecy Group
sharedKey Pre-Shared Key
policyBasedTrafficSelectors Enable this if the OnPremises VPN endpoint needs to be configured as a Policy-Based VPN

使用模板

PowerShell

New-AzResourceGroup -Name <resource-group-name> -Location <resource-group-location> #use this command when you need to create a new resource group for your deployment
New-AzResourceGroupDeployment -ResourceGroupName <resource-group-name> -TemplateUri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.network/vpn-custom-ipsec-policy/azuredeploy.json
安装和配置 Azure PowerShell

命令行

az group create --name <resource-group-name> --location <resource-group-location> #use this command when you need to create a new resource group for your deployment
az group deployment create --resource-group <my-resource-group> --template-uri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.network/vpn-custom-ipsec-policy/azuredeploy.json
安装和配置 Azure 跨平台命令行界面