Setup Azure VPN using PowerShell

Hey Scripters! Today I want to share with you my script for setting up an Azure VPN using PowerShell.

In a few words, the script uses basic Azure module commands.
At the beginning you should have your VPN device already configured; once that is done, you can start the configuration on the Azure side.
To configure the VPN device, you should already have the public IP created in Azure.
All variables depend on your on-premises environment configuration. You should know, for example, which VNET will be used in Azure.

Script:

# Variables
$ResourceGroupName = "rg_name"
$Location = "West Europe"
$subnet1Name = "default"
$subnet1Prefix = "10.0.0.0/24"
$subnet2Name = "GatewaySubnet"
$subnet2Prefix = "10.0.1.0/27"      ### Must not overlap $subnet1Prefix; both must sit inside $VnetPrefix
$VNETName = "vpn-vnet-prod"
$VnetPrefix = "10.0.0.0/23"
$LocalNetworkGatewayName = "vpn-lgw-prod"
$GatewayIPName = "vpn-vgw-pip-prod"
$VNETGatewayName = "vpn-vgw-prod"
$GatewayIPAddress = "193.0.0.0"     ### IP address of the on-premises VPN device
$AddressPrefix = "10.1.0.0/26"      ### On-premises address space
$VPNConnectionName = "Azure-OnPremise"
$GatewayConfigName = "vgwipconfig1"
$PSKKey = "SuperSecretPassword"     ### Placeholder: use a long random key and keep the real value out of source control

# Create RG
New-AzureRmResourceGroup -Name $ResourceGroupName -Location $Location

#Create Public IP for VPN
$GatewayPublicIP = New-AzureRmPublicIpAddress -Name $GatewayIPName -ResourceGroupName $ResourceGroupName -Location $Location -AllocationMethod Dynamic

# Now you can configure your VPN device using public IP from above variable 🙂

# Create VNET and subnets
$subnet1 = New-AzureRmVirtualNetworkSubnetConfig -Name $subnet1Name -AddressPrefix $subnet1Prefix
$subnet2 = New-AzureRmVirtualNetworkSubnetConfig -Name $subnet2Name -AddressPrefix $subnet2Prefix
New-AzureRmVirtualNetwork -Name $VNETName -ResourceGroupName $ResourceGroupName -Location $Location -AddressPrefix $VnetPrefix -Subnet $subnet1, $subnet2

#Create the local network gateway

New-AzureRmLocalNetworkGateway -Name $LocalNetworkGatewayName -ResourceGroupName $ResourceGroupName -Location $Location -GatewayIpAddress $GatewayIPAddress -AddressPrefix $AddressPrefix

#Prepare gateway IP address configuration
$GatewayPIP = Get-AzureRmPublicIpAddress -Name $GatewayIPName -ResourceGroupName $ResourceGroupName
$vnet = Get-AzureRmVirtualNetwork -Name $VNETName -ResourceGroupName $ResourceGroupName
$subnet = Get-AzureRmVirtualNetworkSubnetConfig -Name $subnet2Name -VirtualNetwork $vnet
$GatewayIPConfig = New-AzureRmVirtualNetworkGatewayIpConfig -Name $GatewayConfigName -SubnetId $subnet.Id -PublicIpAddressId $GatewayPIP.Id

#Prepare virtual network gateway
New-AzureRmVirtualNetworkGateway -Name $VNETGatewayName -ResourceGroupName $ResourceGroupName -Location $Location -IpConfigurations $GatewayIPConfig -GatewayType Vpn -VpnType RouteBased -GatewaySku VpnGw1

$VNETGateway = Get-AzureRmVirtualNetworkGateway -Name $VNETGatewayName -ResourceGroupName $ResourceGroupName
$LocalNetworkGateway = Get-AzureRmLocalNetworkGateway -Name $LocalNetworkGatewayName -ResourceGroupName $ResourceGroupName

#Create VPN connection
New-AzureRmVirtualNetworkGatewayConnection -Name $VPNConnectionName -ResourceGroupName $ResourceGroupName `
-Location $Location -VirtualNetworkGateway1 $VNETGateway -LocalNetworkGateway2 $LocalNetworkGateway `
-ConnectionType IPsec -RoutingWeight 10 -SharedKey $PSKKey
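
Since the variables depend on your own address plan, it helps to validate that plan before any resource is created. The following is an added example, not part of the original script: `ConvertTo-IpRange` and `Test-VpnAddressPlan` are hypothetical helper names, the check is IPv4 only, and the sample plan at the end is constructed to show a failing case.

```powershell
# Added example: pre-flight check of the address plan (IPv4 only).
# ConvertTo-IpRange and Test-VpnAddressPlan are hypothetical helpers, not Azure cmdlets.
function ConvertTo-IpRange([string]$Cidr) {
    $ip, $len = $Cidr -split '/'
    [long]$addr = 0
    foreach ($b in [System.Net.IPAddress]::Parse($ip).GetAddressBytes()) { $addr = $addr * 256 + $b }
    [long]$size = [math]::Pow(2, 32 - [int]$len)
    $start = $addr - ($addr % $size)   # normalise to the network address
    [pscustomobject]@{ Cidr = $Cidr; PrefixLength = [int]$len; Start = $start; End = $start + $size - 1 }
}

function Test-VpnAddressPlan {
    param([string]$VnetPrefix, [System.Collections.IDictionary]$Subnets, [string]$OnPremPrefix)
    $findings = @()
    $vnet   = ConvertTo-IpRange $VnetPrefix
    $onPrem = ConvertTo-IpRange $OnPremPrefix
    $ranges = @(foreach ($name in $Subnets.Keys) {
        ConvertTo-IpRange $Subnets[$name] | Add-Member -NotePropertyName Name -NotePropertyValue $name -PassThru
    })
    foreach ($r in $ranges) {                      # every subnet must sit inside the VNet
        if ($r.Start -lt $vnet.Start -or $r.End -gt $vnet.End) {
            $findings += "$($r.Name) $($r.Cidr) is outside VNet $VnetPrefix"
        }
    }
    for ($i = 0; $i -lt $ranges.Count; $i++) {     # no two subnets may overlap
        for ($j = $i + 1; $j -lt $ranges.Count; $j++) {
            $a = $ranges[$i]; $b = $ranges[$j]
            if ($a.Start -le $b.End -and $b.Start -le $a.End) {
                $findings += "$($a.Name) $($a.Cidr) overlaps $($b.Name) $($b.Cidr)"
            }
        }
    }
    $gw = $ranges | Where-Object { $_.Name -eq 'GatewaySubnet' }
    if (-not $gw) { $findings += 'No subnet named GatewaySubnet' }
    elseif ($gw.PrefixLength -gt 27) { $findings += "GatewaySubnet is /$($gw.PrefixLength); /27 or larger is recommended" }
    if ($onPrem.Start -le $vnet.End -and $vnet.Start -le $onPrem.End) {   # on-premises range must stay distinct
        $findings += "On-premises prefix $OnPremPrefix overlaps VNet $VnetPrefix"
    }
    $findings
}

# Constructed sample plan: the gateway subnet sits inside the default subnet
$issues = Test-VpnAddressPlan -VnetPrefix '10.0.0.0/23' -OnPremPrefix '10.1.0.0/26' -Subnets ([ordered]@{
    'default'       = '10.0.0.0/24'
    'GatewaySubnet' = '10.0.0.0/27'
})
foreach ($issue in $issues) { Write-Warning $issue }
```

An empty result means the plan passed all four checks; any warning should be resolved before running the resource-creation commands.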

Before I set up an Azure VPN for the first time, I thought it would be much more complicated, but as you can see, it wasn’t at all.
If you have any questions regarding this script, please leave a comment.

I hope it will be useful for some of you 😉
Enjoy >_!
