@@ -582,13 +582,18 @@ function Test-CortexExpressRouteCRUD
582582 $virtualHubName = Get-ResourceName
583583 $VpnServerConfiguration1Name = Get-ResourceName
584584 $VpnServerConfiguration2Name = Get-ResourceName
585+ $VpnServerConfigurationMultiAuthName = Get-ResourceName
585586 $P2SVpnGatewayName = Get-ResourceName
586587 $vpnclientAuthMethod = " EAPTLS"
588+
589+ $aadTenant = " https://login.microsoftonline.com/0ab2c4f4-81e6-44cc-a0b2-b3a47a1443f4"
590+ $aadIssuer = " https://sts.windows.net/0ab2c4f4-81e6-44cc-a0b2-b3a47a1443f4/"
591+ $aadAudience = " a21fce82-76af-45e6-8583-a08cb3b956f9"
587592
588593 $storeName = ' blob' + $rgName
589594
590595 try
591- {
596+ {
592597 # Create the resource group
593598 $resourceGroup = New-AzResourceGroup - Name $rgname - Location $rglocation
594599
@@ -610,11 +615,11 @@ function Test-CortexExpressRouteCRUD
610615 $listOfCerts = New-Object " System.Collections.Generic.List[String]"
611616 $listOfCerts.Add ($VpnServerConfigCertFilePath )
612617 $vpnclientipsecpolicy1 = New-AzVpnClientIpsecPolicy - IpsecEncryption AES256 - IpsecIntegrity SHA256 - SALifeTime 86471 - SADataSize 429496 - IkeEncryption AES256 - IkeIntegrity SHA384 - DhGroup DHGroup14 - PfsGroup PFS14
613- New-AzVpnServerConfiguration - Name $VpnServerConfiguration1Name - ResourceGroupName $rgName - VpnProtocol IkeV2 - VpnAuthenticationType Certificate - VpnClientRootCertificateFilesList $listOfCerts - VpnClientRevokedCertificateFilesList $listOfCerts - VpnClientIpsecPolicy $vpnclientipsecpolicy1 - Location $rglocation
618+ New-AzVpnServerConfiguration - Name $VpnServerConfiguration1Name - ResourceGroupName $rgName - VpnProtocol IkeV2 - VpnAuthenticationType Certificate - VpnClientRootCertificateFilesList $listOfCerts - VpnClientRevokedCertificateFilesList $listOfCerts - VpnClientIpsecPolicy $vpnclientipsecpolicy1 - Location $rglocation
614619
615- # Get created VpnServerConfiguration using Get-AzVpnServerConfiguration
616- $vpnServerConfig1 = Get-AzVpnServerConfiguration - ResourceGroupName $rgName - Name $VpnServerConfiguration1Name
617- Assert-NotNull $vpnServerConfig1
620+ # Get created VpnServerConfiguration using Get-AzVpnServerConfiguration
621+ $vpnServerConfig1 = Get-AzVpnServerConfiguration - ResourceGroupName $rgName - Name $VpnServerConfiguration1Name
622+ Assert-NotNull $vpnServerConfig1
618623 Assert-AreEqual $rgName $vpnServerConfig1.ResourceGroupName
619624 Assert-AreEqual $VpnServerConfiguration1Name $vpnServerConfig1.Name
620625 $protocols = $vpnServerConfig1.VpnProtocols
@@ -640,35 +645,35 @@ function Test-CortexExpressRouteCRUD
640645 Assert-AreEqual $vpnServerConfig1.Id $P2SVpnGateway.VpnServerConfiguration.Id
641646 Assert-AreEqual " Succeeded" $P2SVpnGateway.ProvisioningState
642647 Assert-AreEqual 1 @ ($P2SVpnGateway.CustomDnsServers ).Count
643- Assert-AreEqual " 7.7.7.7" $P2SVpnGateway.CustomDnsServers [0 ]
648+ Assert-AreEqual " 7.7.7.7" $P2SVpnGateway.CustomDnsServers [0 ]
644649 Assert-AreEqual $True $P2SVpnGateway.P2SConnectionConfigurations [0 ].EnableInternetSecurity
645650 Assert-AreEqual $True $P2SVpnGateway.IsRoutingPreferenceInternet
646651
647652 # Reset/Reboot the P2SVpnGateway using Reset-AzP2sVpnGateway
648- $job = Reset-AzP2sVpnGateway - P2SVpnGateway $P2SVpnGateway - AsJob
649- $job | Wait-Job
650- $actual = $job | Receive-Job
653+ $job = Reset-AzP2sVpnGateway - P2SVpnGateway $P2SVpnGateway - AsJob
654+ $job | Wait-Job
655+ $actual = $job | Receive-Job
651656
652657 $P2SVpnGateway = Get-AzP2sVpnGateway - ResourceGroupName $rgName - Name $P2SvpnGatewayName
653658 Assert-AreEqual " Succeeded" $P2SVpnGateway.ProvisioningState
654659
655660 # Get all associated VpnServerConfigurations at Wan level using Get-AzVirtualWanVpnServerConfiguration
656- $associatedVpnServerConfigs = Get-AzVirtualWanVpnServerConfiguration - Name $virtualWanName - ResourceGroupName $rgName
657- Assert-NotNull $associatedVpnServerConfigs
658- Assert-AreEqual 1 @ ($associatedVpnServerConfigs.VpnServerConfigurationResourceIds ).Count
659- Assert-AreEqual $vpnServerConfig1.Id $associatedVpnServerConfigs.VpnServerConfigurationResourceIds [0 ]
661+ $associatedVpnServerConfigs = Get-AzVirtualWanVpnServerConfiguration - Name $virtualWanName - ResourceGroupName $rgName
662+ Assert-NotNull $associatedVpnServerConfigs
663+ Assert-AreEqual 1 @ ($associatedVpnServerConfigs.VpnServerConfigurationResourceIds ).Count
664+ Assert-AreEqual $vpnServerConfig1.Id $associatedVpnServerConfigs.VpnServerConfigurationResourceIds [0 ]
660665
661- # Get VpnServerConfiguration1 and see that it shows as attached to P2SVpnGateway created.
662- $vpnServerConfig1 = Get-AzVpnServerConfiguration - ResourceGroupName $rgName - Name $VpnServerConfiguration1Name
663- Assert-NotNull $vpnServerConfig1
664- Assert-AreEqual $vpnServerConfig1.P2sVpnGateways [0 ].Id $P2SVpnGateway.Id
666+ # Get VpnServerConfiguration1 and see that it shows as attached to P2SVpnGateway created.
667+ $vpnServerConfig1 = Get-AzVpnServerConfiguration - ResourceGroupName $rgName - Name $VpnServerConfiguration1Name
668+ Assert-NotNull $vpnServerConfig1
669+ Assert-AreEqual $vpnServerConfig1.P2sVpnGateways [0 ].Id $P2SVpnGateway.Id
665670
666- # List all VpnServerConfigurations under Resource group
667- $vpnServerConfigs = Get-AzVpnServerConfiguration - ResourceGroupName $rgName
668- Assert-NotNull $vpnServerConfigs
669- Assert-AreEqual 1 @ ($vpnServerConfigs ).Count
670-
671- # Generate vpn profile at Hub/P2SVpnGateway level using Get-AzP2sVpnGatewayVpnProfile
671+ # List all VpnServerConfigurations under Resource group
672+ $vpnServerConfigs = Get-AzVpnServerConfiguration - ResourceGroupName $rgName
673+ Assert-NotNull $vpnServerConfigs
674+ Assert-AreEqual 1 @ ($vpnServerConfigs ).Count
675+
676+ # Generate vpn profile at Hub/P2SVpnGateway level using Get-AzP2sVpnGatewayVpnProfile
672677 $vpnProfileResponse = Get-AzP2sVpnGatewayVpnProfile - Name $P2SVpnGatewayName - ResourceGroupName $rgName - AuthenticationMethod $vpnclientAuthMethod
673678 Assert-NotNull $vpnProfileResponse.ProfileUrl
674679 Assert-AreEqual True ($vpnProfileResponse.ProfileUrl -Match " zip"
@@ -683,14 +688,23 @@ function Test-CortexExpressRouteCRUD
683688 $Secure_String_Pwd = ConvertTo-SecureString " TestRadiusServerPassword" - AsPlainText - Force
684689 New-AzVpnServerConfiguration - Name $VpnServerConfiguration2Name - ResourceGroupName $rgName - VpnProtocol IkeV2 - VpnAuthenticationType Radius - RadiusServerAddress " TestRadiusServer" - RadiusServerSecret $Secure_String_Pwd - RadiusServerRootCertificateFilesList $listOfCerts - RadiusClientRootCertificateFilesList $listOfCerts - Location $rglocation
685690
686- $vpnServerConfig2 = Get-AzVpnServerConfiguration - ResourceGroupName $rgName - Name $VpnServerConfiguration2Name
691+ $vpnServerConfig2 = Get-AzVpnServerConfiguration - ResourceGroupName $rgName - Name $VpnServerConfiguration2Name
687692 Assert-AreEqual " Succeeded" $vpnServerConfig2.ProvisioningState
688693 Assert-AreEqual " TestRadiusServer" $vpnServerConfig2.RadiusServerAddress
689694
690- # List all VpnServerConfigurations under Resource group
691- $vpnServerConfigs = Get-AzVpnServerConfiguration - ResourceGroupName $rgName
692- Assert-NotNull $vpnServerConfigs
693- Assert-AreEqual 2 @ ($vpnServerConfigs ).Count
695+ # Create the VpnServerConfigurationMultiAuth with Radius and Certificate settings using New-AzVpnServerConfiguration
696+ New-AzVpnServerConfiguration - Name $VpnServerConfigurationMultiAuthName - ResourceGroupName $rgName - VpnProtocol OpenVpn - VpnAuthenticationType Radius, Certificate - RadiusServerAddress " TestRadiusServer" - RadiusServerSecret $Secure_String_Pwd - RadiusServerRootCertificateFilesList $listOfCerts - RadiusClientRootCertificateFilesList $listOfCerts - VpnClientRootCertificateFilesList $listOfCerts - Location $rglocation
697+
698+ $vpnServerConfigMultiAuth = Get-AzVpnServerConfiguration - ResourceGroupName $rgName - Name $VpnServerConfigurationMultiAuthName
699+ Assert-AreEqual " Succeeded" $vpnServerConfigMultiAuth.ProvisioningState
700+ Assert-AreEqual " TestRadiusServer" $vpnServerConfigMultiAuth.RadiusServerAddress
701+ $authenticationTypes = $vpnServerConfigMultiAuth.VpnAuthenticationTypes
702+ Assert-AreEqual 2 @ ($authenticationTypes ).Count
703+
704+ # List all VpnServerConfigurations under Resource group
705+ $vpnServerConfigs = Get-AzVpnServerConfiguration - ResourceGroupName $rgName
706+ Assert-NotNull $vpnServerConfigs
707+ Assert-AreEqual 3 @ ($vpnServerConfigs ).Count
694708
695709 # Update existing VpnServerConfiguration2 using Update-AzVpnServerConfiguration
696710 Update-AzVpnServerConfiguration - Name $VpnServerConfiguration2Name - ResourceGroupName $rgName - RadiusServerAddress " TestRadiusServer1"
@@ -704,49 +718,69 @@ function Test-CortexExpressRouteCRUD
704718
705719 Update-AzVpnServerConfiguration - InputObject $VpnServerConfig2Get - RadiusServerAddress " TestRadiusServer3"
706720 $VpnServerConfig2Get = Get-AzVpnServerConfiguration - ResourceGroupName $rgName - Name $VpnServerConfiguration2Name
707- Assert-AreEqual " TestRadiusServer3" $VpnServerConfig2Get.RadiusServerAddress
721+ Assert-AreEqual " TestRadiusServer3" $VpnServerConfig2Get.RadiusServerAddress
722+
723+ # Update existing VpnServerConfigurationMultiAuth using Update-AzVpnServerConfiguration
724+ Update-AzVpnServerConfiguration - Name $VpnServerConfigurationMultiAuthName - ResourceGroupName $rgName - VpnAuthenticationType Radius
725+ $vpnServerConfigMultiAuth = Get-AzVpnServerConfiguration - ResourceGroupName $rgName - Name $VpnServerConfigurationMultiAuthName
726+ Assert-AreEqual " Succeeded" $vpnServerConfigMultiAuth.ProvisioningState
727+ Assert-AreEqual " TestRadiusServer" $vpnServerConfigMultiAuth.RadiusServerAddress
728+ $authenticationTypes = $vpnServerConfigMultiAuth.VpnAuthenticationTypes
729+ Assert-AreEqual 1 @ ($authenticationTypes ).Count
708730
709- # Update existing P2SVpnGateway with new VpnClientAddressPool and CustomDnsServers using Update-AzP2sVpnGateway
710- $vpnClientAddressSpaces [1 ] = " 192.168.4.0/24"
711- $updatedP2SVpnGateway = Update-AzP2sVpnGateway - ResourceGroupName $rgName - Name $P2SvpnGatewayName - VpnClientAddressPool $vpnClientAddressSpaces - CustomDnsServer 9.9 .9.9 - DisableInternetSecurityFlag
731+ Update-AzVpnServerConfiguration - Name $VpnServerConfigurationMultiAuthName - ResourceGroupName $rgName - VpnAuthenticationType Radius, Certificate, AAD - VpnClientRootCertificateFilesList $listOfCerts - AadAudience $aadAudience - AadIssuer $aadIssuer - AadTenant $aadTenant
732+ $vpnServerConfigMultiAuth = Get-AzVpnServerConfiguration - ResourceGroupName $rgName - Name $VpnServerConfigurationMultiAuthName
733+ Assert-AreEqual " Succeeded" $vpnServerConfigMultiAuth.ProvisioningState
734+ Assert-AreEqual " TestRadiusServer" $vpnServerConfigMultiAuth.RadiusServerAddress
735+ Assert-NotNull $vpnServerConfigMultiAuth.AadAuthenticationParameters.AadTenant ;
736+ $authenticationTypes = $vpnServerConfigMultiAuth.VpnAuthenticationTypes
737+ Assert-AreEqual 3 @ ($authenticationTypes ).Count
712738
713- $P2SVpnGateway = Get-AzP2sVpnGateway - ResourceGroupName $rgName - Name $P2SvpnGatewayName
739+ # Update existing P2SVpnGateway with new VpnClientAddressPool and CustomDnsServers using Update-AzP2sVpnGateway
740+ $vpnClientAddressSpaces [1 ] = " 192.168.4.0/24"
741+ $updatedP2SVpnGateway = Update-AzP2sVpnGateway - ResourceGroupName $rgName - Name $P2SvpnGatewayName - VpnClientAddressPool $vpnClientAddressSpaces - CustomDnsServer 9.9 .9.9 - DisableInternetSecurityFlag
742+
743+ $P2SVpnGateway = Get-AzP2sVpnGateway - ResourceGroupName $rgName - Name $P2SvpnGatewayName
714744 Assert-AreEqual $P2SvpnGatewayName $P2SVpnGateway.Name
715745 Assert-AreEqual " Succeeded" $P2SVpnGateway.ProvisioningState
716746 Assert-AreEqual $vpnServerConfig1.Id $P2SVpnGateway.VpnServerConfiguration.Id
717747 $setVpnClientAddressSpacesString = [system.String ]::Join(" " , $vpnClientAddressSpaces )
718- Assert-AreEqual $setVpnClientAddressSpacesString $P2SVpnGateway.P2SConnectionConfigurations [0 ].VpnClientAddressPool.AddressPrefixes
748+ Assert-AreEqual $setVpnClientAddressSpacesString $P2SVpnGateway.P2SConnectionConfigurations [0 ].VpnClientAddressPool.AddressPrefixes
719749 Assert-AreEqual 1 @ ($P2SVpnGateway.CustomDnsServers ).Count
720- Assert-AreEqual " 9.9.9.9" $P2SVpnGateway.CustomDnsServers [0 ]
750+ Assert-AreEqual " 9.9.9.9" $P2SVpnGateway.CustomDnsServers [0 ]
721751 Assert-AreEqual $false $P2SVpnGateway.P2SConnectionConfigurations [0 ].EnableInternetSecurity
722752
723753 # Update existing P2SVpnGateway to remove the CustomDnsServers
724754 $P2SVpnGateway = Get-AzP2sVpnGateway - ResourceGroupName $rgName - Name $P2SvpnGatewayName
725755 Update-AzP2sVpnGateway - ResourceGroupName $rgName - Name $P2SvpnGatewayName - CustomDnsServer @ ()
726- $P2SVpnGateway = Get-AzP2sVpnGateway - ResourceGroupName $rgName - Name $P2SvpnGatewayName
727- Assert-AreEqual 0 @ ($P2SVpnGateway.CustomDnsServers ).Count
756+ $P2SVpnGateway = Get-AzP2sVpnGateway - ResourceGroupName $rgName - Name $P2SvpnGatewayName
757+ Assert-AreEqual 0 @ ($P2SVpnGateway.CustomDnsServers ).Count
728758
729- $associatedVpnServerConfigs = Get-AzVirtualWanVpnServerConfiguration - ResourceId $virtualWan.Id
730- Assert-NotNull $associatedVpnServerConfigs
731- Assert-AreEqual 1 @ ($associatedVpnServerConfigs.VpnServerConfigurationResourceIds ).Count
732- Assert-AreEqual $vpnServerConfig1.Id $associatedVpnServerConfigs.VpnServerConfigurationResourceIds [0 ]
759+ $associatedVpnServerConfigs = Get-AzVirtualWanVpnServerConfiguration - ResourceId $virtualWan.Id
760+ Assert-NotNull $associatedVpnServerConfigs
761+ Assert-AreEqual 1 @ ($associatedVpnServerConfigs.VpnServerConfigurationResourceIds ).Count
762+ Assert-AreEqual $vpnServerConfig1.Id $associatedVpnServerConfigs.VpnServerConfigurationResourceIds [0 ]
733763
734- # Delete VpnServerConfiguration2 using Remove-AzVirtualWanVpnServerConfiguration
764+ # Delete VpnServerConfiguration2 using Remove-AzVpnServerConfiguration
735765 $delete = Remove-AzVpnServerConfiguration - InputObject $VpnServerConfig2Get - Force - PassThru
736766 Assert-AreEqual $True $delete
737767
768+ # Delete VpnServerConfigurationMultiAuthName using Remove-AzVpnServerConfiguration
769+ $delete = Remove-AzVpnServerConfiguration - ResourceGroupName $rgName - Name $VpnServerConfigurationMultiAuthName - Force - PassThru
770+ Assert-AreEqual $True $delete
771+
738772 $vpnServerConfigs = Get-AzVpnServerConfiguration - ResourceGroupName $rgName
739- Assert-NotNull $vpnServerConfigs
740- Assert-AreEqual 1 @ ($vpnServerConfigs ).Count
741-
742- # Get aggreagated point to site connections health from P2SVpnGateway
743- # $aggregatedConnectionHealth = Get-AzP2sVpnGatewayConnectionHealth -Name $P2SvpnGatewayName -ResourceGroupName $rgName
744- # Assert-NotNull $aggregatedConnectionHealth
745- # Assert-NotNull $aggregatedConnectionHealth.VpnClientConnectionHealth
746- # Assert-AreEqual 0 $aggregatedConnectionHealth.VpnClientConnectionHealth.VpnClientConnectionsCount
747-
748- # Get a SAS url for getting detained point to site connections health details.
749- $storetype = ' Standard_GRS'
773+ Assert-NotNull $vpnServerConfigs
774+ Assert-AreEqual 1 @ ($vpnServerConfigs ).Count
775+
776+ # Get aggreagated point to site connections health from P2SVpnGateway
777+ # $aggregatedConnectionHealth = Get-AzP2sVpnGatewayConnectionHealth -Name $P2SvpnGatewayName -ResourceGroupName $rgName
778+ # Assert-NotNull $aggregatedConnectionHealth
779+ # Assert-NotNull $aggregatedConnectionHealth.VpnClientConnectionHealth
780+ # Assert-AreEqual 0 $aggregatedConnectionHealth.VpnClientConnectionHealth.VpnClientConnectionsCount
781+
782+ # Get a SAS url for getting detained point to site connections health details.
783+ $storetype = ' Standard_GRS'
750784 $containerName = " cont$ ( $rgName ) "
751785 New-AzStorageAccount - ResourceGroupName $rgName - Name $storeName - Location $rglocation - Type $storetype
752786 $key = Get-AzStorageAccountKey - ResourceGroupName $rgName - Name $storeName
@@ -758,22 +792,22 @@ function Test-CortexExpressRouteCRUD
758792 $now = get-date
759793 $blobSasUrl = New-AzStorageBlobSASToken - Container $containerName - Blob emptyfile.txt - Context $context - Permission " rwd" - StartTime $now.AddHours (-1 ) - ExpiryTime $now.AddDays (1 ) - FullUri
760794
761- # Get detailed point to site connections health from P2SVpnGateway
762- $detailedConnectionHealth = Get-AzP2sVpnGatewayDetailedConnectionHealth - Name $P2SvpnGatewayName - ResourceGroupName $rgName - OutputBlobSasUrl $blobSasUrl
763- Assert-NotNull $detailedConnectionHealth
764- Assert-NotNull $detailedConnectionHealth.SasUrl
765- Assert-AreEqual $blobSasUrl $detailedConnectionHealth.SasUrl
795+ # Get detailed point to site connections health from P2SVpnGateway
796+ $detailedConnectionHealth = Get-AzP2sVpnGatewayDetailedConnectionHealth - Name $P2SvpnGatewayName - ResourceGroupName $rgName - OutputBlobSasUrl $blobSasUrl
797+ Assert-NotNull $detailedConnectionHealth
798+ Assert-NotNull $detailedConnectionHealth.SasUrl
799+ Assert-AreEqual $blobSasUrl $detailedConnectionHealth.SasUrl
766800 }
767801 finally
768802 {
769803 # Delete P2SVpnGateway using Remove-AzP2sVpnGateway
770804 $delete = Remove-AzP2sVpnGateway - Name $P2SVpnGatewayName - ResourceGroupName $rgName - Force - PassThru
771805 Assert-AreEqual $True $delete
772806
773- # Verify that there are no associated VpnServerConfigurations to Virtual wan anymore
774- $associatedVpnServerConfigs = Get-AzVirtualWanVpnServerConfiguration - Name $virtualWanName - ResourceGroupName $rgName
775- Assert-NotNull $associatedVpnServerConfigs
776- Assert-AreEqual 0 @ ($associatedVpnServerConfigs.VpnServerConfigurationResourceIds ).Count
807+ # Verify that there are no associated VpnServerConfigurations to Virtual wan anymore
808+ $associatedVpnServerConfigs = Get-AzVirtualWanVpnServerConfiguration - Name $virtualWanName - ResourceGroupName $rgName
809+ Assert-NotNull $associatedVpnServerConfigs
810+ Assert-AreEqual 0 @ ($associatedVpnServerConfigs.VpnServerConfigurationResourceIds ).Count
777811
778812 # Delete VpnServerConfiguration1 using Remove-AzVpnServerConfiguration
779813 $delete = Remove-AzVpnServerConfiguration - ResourceGroupName $rgName - Name $VpnServerConfiguration1Name - Force - PassThru
0 commit comments