az account list -o table# General
Location="westeurope"
RGroup="AdatumRG"
# Virtual Network (VNet)
VNet_Name="AdatumVNet"
VNet_AddressPrefixes="172.18.0.0/16"
VNet_FirstSubnetName="Deployment"
VNet_FirstSubnetPrefix="172.18.0.0/24"
VNet_GatewaySubnetPrefix="172.18.255.240/28"
# Virtual Network Gateway (Vng)
Vng_Name="AdatumVNG"
Vng_Pip="$Vng_Name-Pip"
Vng_ClientAddressPrefix="192.168.0.0/24"
# Local Network Gateway (Lng)
Lng_Name="BerlinLNG"
Lng_Pip=$(host -4 nielsabel.ddns.net | awk '/has address/{print $4}')
Lng_LocalAddressPrefix="192.168.42.0/24"
# VPN Connection (Vpn)
Vpn_Name="Adatum-Berlin-VPN"
Vpn_SharedKey='%0anbdabK=Fdce2f0d414a6!c1a4b1fk'Syntax: Create a new resource group
az group create --name $RGroup --location $Location
az group list -o tableSyntax: Create a virtual network
az network vnet create --name $VNet_Name \
--location $Location \
--resource-group $RGroup \
--address-prefixes $VNet_AddressPrefixes \
--subnet-name $VNet_FirstSubnetName \
--subnet-prefix $VNet_FirstSubnetPrefix
az network vnet list -o tableSyntax: Create a subnet
az network vnet subnet create --name GatewaySubnet \
--address-prefix $VNet_GatewaySubnetPrefix \
--vnet-name $VNet_Name \
--resource-group $RGroup
az network vnet subnet list --resource-group $RGroup --vnet-name $VNet_Name -o tableSyntax: Create a public IP address
az network public-ip create --name $Vng_Pip \
--resource-group $RGroup \
--allocation-method dynamic \
--location $Location
az network public-ip list -o table --resource-group $RGroupSyntax: Create a virtual network gateway
az network vnet-gateway create --name $Vng_Name \
--location $Location \
--resource-group $RGroup \
--vnet $VNet_Name \
--address-prefixes $Vng_ClientAddressPrefix \
--public-ip-addresses $Vng_Pip \
--vpn-type PolicyBased \
--sku Basic \
--no-wait
az network vnet-gateway list --resource-group $RGroup -o tableSyntax: Create a local VPN gateway
az network local-gateway create --name $Lng_Name \
--location $Location \
--resource-group $RGroup \
--gateway-ip-address $Lng_Pip \
--local-address-prefix $Lng_LocalAddressPrefix \
--no-wait
az network local-gateway list --resource-group $RGroup -o tableSyntax: Create a VPN connection
az network vpn-connection create --name $Vpn_Name \
--location $Location \
--resource-group $RGroup \
--vnet-gateway1 $Vng_Name \
--local-gateway2 $Lng_Name \
--shared-key $Vpn_SharedKey
az network vpn-connection list --resource-group $RGroup -o tableBjoern Olausson: Site-to-Site VPN with Fritz!Box
vpncfg {
connections {
enabled = yes;
conn_type = conntype_lan;
name = "HeidelbergGW";
always_renew = no;
reject_not_encrypted = no;
dont_filter_netbios = yes;
localip = 0.0.0.0;
local_virtualip = 0.0.0.0;
remoteip = 23.97.252.224;
remote_virtualip = 0.0.0.0;
localid {
fqdn = "nielsabel.ddns.net";
}
remoteid {
ipaddr = 23.97.252.224;
}
mode = phase1_mode_aggressive;
phase1ss = "all/all/all";
keytype = connkeytype_pre_shared;
key = "%0anbdabK=Fdce2f0d414a6!c1a4b1fk";
cert_do_server_auth = no;
use_nat_t = yes;
use_xauth = no;
use_cfgmode = no;
phase2localid {
ipnet {
ipaddr = 192.168.42.0;
mask = 255.255.255.0;
}
}
phase2remoteid {
ipnet {
ipaddr = 172.17.0.0;
mask = 255.255.0.0;
}
}
phase2ss = "esp-all-all/ah-none/comp-all/no-pfs";
accesslist = "permit ip any 172.17.0.0 255.255.0.0";
}
ike_forward_rules = "udp 0.0.0.0:500 0.0.0.0:500",
"udp 0.0.0.0:4500 0.0.0.0:4500";
}Lng_Pip=$(host -4 nielsabel.ddns.net | awk '/has address/{print $4}')
az network local-gateway update --name $Lng_Name \
--resource-group $RGroup \
--gateway-ip-address $Lng_Pip