search

Azure / azure-sdk-for-python

This repository is for active development of the Azure SDK for Python. For consumers of the SDK we recommend visiting our public developer docs at https://learn.microsoft.com/python/azure/ or our versioned developer docs at https://azure.github.io/azure-sdk-for-python.
MIT License
4.61k stars 2.82k forks source link

Unable to create VPN Client configuration #23009

Closed MPereira95 closed 2 years ago

MPereira95 commented 2 years ago

Hello, i'm trying to build a virtual network gateway with the vpn_client_configuration parameters.

Here's an example of my code:

virtual_network_gateway = network_client.virtual_network_gateways.begin_create_or_update(
    GROUP_NAME,
    VIRTUAL_NETWORK_GATEWAY,
        {
        "ip_configurations": [
        {
            "private_ip_allocation_method": "Dynamic",
            "subnet": {
            "id": "/subscriptions/" + SUBSCRIPTION_ID + "/resourceGroups/" + GROUP_NAME + "/providers/Microsoft.Network/virtualNetworks/" + VIRTUAL_NETWORK_NAME + "/subnets/" + SUBNET + ""
            },
            "public_ip_address": {
            "id": "/subscriptions/" + SUBSCRIPTION_ID + "/resourceGroups/" + GROUP_NAME + "/providers/Microsoft.Network/publicIPAddresses/" + PUBLIC_IP_ADDRESS_NAME + ""
            },
            "name": IP_CONFIGURATION_NAME
        }
        ],
            "gateway_type": "Vpn",
            "vpn_type": "RouteBased",
            "enable_bgp": False,
            "active_active": False,
            "enable_dns_forwarding": False,
            "sku": {
            "name": "VpnGw1",
            "tier": "VpnGw1",
            },

            "vpn_client_configuration" : {
            "vpn_client_address_pool" : {
            "address_prefix" : ["192.168.0.0/24"]
            },
            "vpn_client_root_certificates " : [
            {   
            "name" : "testCA",
            "public_cert_data" : ROOT_CERT
            }
            ],
            "vpn_client_protocols" : [
            "OpenVPN"
            ]
            },
            "vpn_gateway_generation" : "Generation1",
            "location": "westeurope"

    }
).result()

It creates the virtual netwok gateway with all of the information except the client configuration!

Screenshot 2022-02-10 at 16 07 32

I couldn't find any samples so i'm not sure if the issue is the syntax, but i followed this document:

https://docs.microsoft.com/en-us/python/api/azure-mgmt-network/azure.mgmt.network.v2020_04_01.models.vpnclientconfiguration?view=azure-python

Thanks for the help!

azure-sdk commented 2 years ago

Label prediction was below confidence level 0.6 for Model:ServiceLabels: 'Service Bus:0.103939325,Event Hubs:0.07751969,Cosmos:0.057027698'

xiangyan99 commented 2 years ago

Thanks for the feedback, we’ll investigate asap.

Wzb123456789 commented 2 years ago

@MPereira95 Thanks for your feedback, after my investigation, I noticed that the sku parameter in the example model you gave needs to be changed to VpnGw2, and the location parameter needs to be consistent with the location of resource groups.

Also I found a tutorial to create a virtual gateway, please go to the link: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-point-to-site-resource-manager-portal#add

MPereira95 commented 2 years ago

@Wzb123456789 I changed the SKU but the VPN client configuration is stil not there. I don't want to do this manually trough the portal. I want this to be an automatic process, that's why i define the address prefix, the root certificate and the vpn protocol but still the information is not reaching Azure because when I open the JSON View of the virtual gateway there is no reference to vpn_client_configuration. The location for all my resources is westeurope so that is not the issue.

Wzb123456789 commented 2 years ago

@MPereira95 For more complex parameters, we prefer to use model to pass parameters. The following is the parameter model that I have tried to successfully create a virtual gateway.

vn_para = VirtualNetworkGateway(
    ip_configurations=[VirtualNetworkGatewayIPConfiguration(
        private_ip_allocation_method="Dynamic",
        subnet=SubResource(
            id="/subscriptions/" + SUBSCRIPTION_ID + "/resourceGroups/" + GROUP_NAME + "/providers/Microsoft.Network/virtualNetworks/" + VIRTUAL_NETWORK_NAME + "/subnets/" + SUBNET + ""),
        public_ip_address=SubResource(
            id="/subscriptions/" + SUBSCRIPTION_ID + "/resourceGroups/" + GROUP_NAME + "/providers/Microsoft.Network/publicIPAddresses/" + PUBLIC_IP_ADDRESS_NAME + ""),
        name=IP_CONFIGURATION_NAME
    )],
    gateway_type="Vpn",
    vpn_type="RouteBased",
    enable_bgp=False,
    active=False,
    enable_dns_forwarding=False,
    sku=VirtualNetworkGatewaySku(name="VpnGw2", tier="VpnGw2"),
    vpn_client_configuration=VpnClientConfiguration(
        vpn_client_address_pool=AddressSpace(address_prefixes=["192.168.0.0/24"]),
        vpn_authentication_types=['Certificate'],
        vpn_client_root_certificates=[VpnClientRootCertificate(name="testCA", public_cert_data=ROOT_CERT)],
        vpn_client_protocols=["OpenVPN"],
    ),
    vpn_gateway_generation="Generation2",
    location="westus"
)
MPereira95 commented 2 years ago

@Wzb123456789 Thank you! This solved my problem