Azure · wyunchi-ms · Aug 28, 2020 · Jul 21, 2020 · Jul 21, 2020 · Jul 22, 2020
diff --git a/src/Network/Network.Test/ScenarioTests/CortexTests.ps1 b/src/Network/Network.Test/ScenarioTests/CortexTests.ps1
@@ -176,6 +176,14 @@ function Test-CortexCRUD
 
 		$vpnGatewaysAll = Get-AzureRmVpnGateway
         Assert-NotNull $vpnGatewaysAll
+
+		# Reset/Reboot the VpnGateway using Reset-AzVpnGateway
+        $job = Reset-AzVpnGateway -VpnGateway $vpnGateway -AsJob
+	    $job | Wait-Job
+	    $actual = $job | Receive-Job
+
+		$vpnGateway = Get-AzVpnGateway -ResourceGroupName $rgName -Name $vpnGatewayName
+		Assert-AreEqual "Succeeded" $vpnGateway.ProvisioningState
 
 		# Create the VpnConnection
 		$createdVpnConnection = New-AzVpnConnection -ResourceGroupName $rgName -ParentResourceName $vpnGatewayName -Name $vpnConnectionName -VpnSite $vpnSite -ConnectionBandwidth 20 -UseLocalAzureIpAddress 
@@ -548,10 +556,9 @@ function Test-CortexExpressRouteCRUD
 		$vpnClientAddressSpaces = New-Object string[] 2
 		$vpnClientAddressSpaces[0] = "192.168.2.0/24"
 		$vpnClientAddressSpaces[1] = "192.168.3.0/24"
-		$customDnsServers = New-Object string[] 2
+		$customDnsServers = New-Object string[] 1
 		$customDnsServers[0] = "7.7.7.7"
-		$customDnsServers[1] = "8.8.8.8"
-		$createdP2SVpnGateway = New-AzP2sVpnGateway -ResourceGroupName $rgName -Name $P2SvpnGatewayName -VirtualHub $virtualHub -VpnGatewayScaleUnit 1 -VpnClientAddressPool $vpnClientAddressSpaces -VpnServerConfiguration $vpnServerConfig1 -CustomDnsServer $customDnsServers
+		$createdP2SVpnGateway = New-AzP2sVpnGateway -ResourceGroupName $rgName -Name $P2SvpnGatewayName -VirtualHub $virtualHub -VpnGatewayScaleUnit 1 -VpnClientAddressPool $vpnClientAddressSpaces -VpnServerConfiguration $vpnServerConfig1 -CustomDnsServer $customDnsServers -EnableInternetSecurityFlag
 		Assert-AreEqual "Succeeded" $createdP2SVpnGateway.ProvisioningState
 
 		# Get the created P2SVpnGateway using Get-AzP2sVpnGateway
@@ -560,9 +567,17 @@ function Test-CortexExpressRouteCRUD
 		Assert-AreEqual $P2SvpnGatewayName $P2SVpnGateway.Name
 		Assert-AreEqual $vpnServerConfig1.Id $P2SVpnGateway.VpnServerConfiguration.Id
 		Assert-AreEqual "Succeeded" $P2SVpnGateway.ProvisioningState
-		Assert-AreEqual 2 @($P2SVpnGateway.CustomDnsServers).Count
+		Assert-AreEqual 1 @($P2SVpnGateway.CustomDnsServers).Count
         Assert-AreEqual "7.7.7.7" $P2SVpnGateway.CustomDnsServers[0]
-		Assert-AreEqual "8.8.8.8" $P2SVpnGateway.CustomDnsServers[1]
+		Assert-AreEqual $True $P2SVpnGateway.P2SConnectionConfigurations[0].EnableInternetSecurity
+
+		# Reset/Reboot the P2SVpnGateway using Reset-AzP2sVpnGateway
+        $job = Reset-AzP2sVpnGateway -P2SVpnGateway $P2SVpnGateway -AsJob
+	    $job | Wait-Job
+	    $actual = $job | Receive-Job
+
+		$P2SVpnGateway = Get-AzP2sVpnGateway -ResourceGroupName $rgName -Name $P2SvpnGatewayName
+		Assert-AreEqual "Succeeded" $P2SVpnGateway.ProvisioningState
 
 		# Get all associated VpnServerConfigurations at Wan level using Get-AzVirtualWanVpnServerConfiguration
         $associatedVpnServerConfigs = Get-AzVirtualWanVpnServerConfiguration -Name $virtualWanName -ResourceGroupName $rgName
@@ -620,7 +635,7 @@ function Test-CortexExpressRouteCRUD
 
         # Update existing P2SVpnGateway  with new VpnClientAddressPool and CustomDnsServers using Update-AzP2sVpnGateway
         $vpnClientAddressSpaces[1] = "192.168.4.0/24"
-        $updatedP2SVpnGateway = Update-AzP2sVpnGateway -ResourceGroupName $rgName -Name $P2SvpnGatewayName -VpnClientAddressPool $vpnClientAddressSpaces -CustomDnsServer 9.9.9.9
+        $updatedP2SVpnGateway = Update-AzP2sVpnGateway -ResourceGroupName $rgName -Name $P2SvpnGatewayName -VpnClientAddressPool $vpnClientAddressSpaces -CustomDnsServer 9.9.9.9 -DisableInternetSecurityFlag
 
         $P2SVpnGateway = Get-AzP2sVpnGateway -ResourceGroupName $rgName -Name $P2SvpnGatewayName
 		Assert-AreEqual $P2SvpnGatewayName $P2SVpnGateway.Name
@@ -630,6 +645,7 @@ function Test-CortexExpressRouteCRUD
         Assert-AreEqual $setVpnClientAddressSpacesString $P2SVpnGateway.P2SConnectionConfigurations[0].VpnClientAddressPool.AddressPrefixes
 		Assert-AreEqual 1 @($P2SVpnGateway.CustomDnsServers).Count
         Assert-AreEqual "9.9.9.9" $P2SVpnGateway.CustomDnsServers[0]
+		Assert-AreEqual $false $P2SVpnGateway.P2SConnectionConfigurations[0].EnableInternetSecurity
 
 		# Update existing P2SVpnGateway to remove the CustomDnsServers
 		$P2SVpnGateway = Get-AzP2sVpnGateway -ResourceGroupName $rgName -Name $P2SvpnGatewayName

diff --git a/...est/SessionRecords/Commands.Network.Test.ScenarioTests.CortexTests/TestP2SCortexCRUD.json b/...est/SessionRecords/Commands.Network.Test.ScenarioTests.CortexTests/TestP2SCortexCRUD.json
diff --git a/src/Network/Network/Az.Network.psd1 b/src/Network/Network/Az.Network.psd1
@@ -399,7 +399,7 @@ CmdletsToExport = 'Add-AzApplicationGatewayAuthenticationCertificate',
                'Remove-AzVirtualHub', 'Set-AzVirtualHub', 'New-AzVirtualHubRoute', 
                'Add-AzVirtualHubRoute', 'New-AzVirtualHubRouteTable', 
                'Add-AzVirtualHubRouteTable', 'Get-AzVirtualHubRouteTable', 
-               'Remove-AzVirtualHubRouteTable', 'New-AzVpnGateway', 
+               'Remove-AzVirtualHubRouteTable', 'New-AzVpnGateway', 'Reset-AzVpnGateway',
                'Get-AzVpnGateway', 'Update-AzVpnGateway', 'Remove-AzVpnGateway', 
                'New-AzVpnSite', 'New-AzVpnSiteLink', 'New-AzVpnSiteLinkConnection', 
                'Get-AzVpnSite', 'Update-AzVpnSite', 'Remove-AzVpnSite', 
@@ -414,7 +414,7 @@ CmdletsToExport = 'Add-AzApplicationGatewayAuthenticationCertificate',
                'Get-AzP2sVpnGatewayConnectionHealth', 
                'Get-AzP2sVpnGatewayDetailedConnectionHealth', 
                'Get-AzP2sVpnGatewayVpnProfile', 'New-AzP2sVpnGateway', 
-               'Remove-AzP2sVpnGateway', 'Update-AzP2sVpnGateway', 
+               'Remove-AzP2sVpnGateway', 'Update-AzP2sVpnGateway', 'Reset-AzP2sVpnGateway',
                'Get-AzVirtualWanVpnConfiguration', 'Get-AzFirewall', 
                'Set-AzFirewall', 'New-AzFirewall', 'Remove-AzFirewall', 
                'New-AzFirewallApplicationRuleCollection', 

diff --git a/src/Network/Network/ChangeLog.md b/src/Network/Network/ChangeLog.md
@@ -58,6 +58,11 @@
 * Onboarded Application Gateway to Private Link Common Cmdlets
 * Onboarded StorageSync to Private Link Common Cmdlets
 * Onboarded SignalR to Private Link Common Cmdlets
+* Updated below commands for feature: Enable internet security set/remove on VirtualWan P2SVpnGateway.
+- Updated `New-AzP2sVpnGateway`: Added optional switch parameter `EnableInternetSecurityFlag` for customers to set true to enable internet security on P2SVpnGateway, which will be applied for Point to site clients.
+- Updated `Update-AzP2sVpnGateway`: Added optional switch parameters `EnableInternetSecurityFlag` or `DisableInternetSecurityFlag` for customers to set true/false to enable/disable internet security on P2SVpnGateway, which will be applied for Point to site clients.
+* Added new cmdlet `Reset-AzP2sVpnGateway` for customers to reset/reboot their VirtualWan P2SVpnGateway for troubleshooting.
+* Added new cmdlet `Reset-AzVpnGateway` for customers to reset/reboot their VirtualWan VpnGateway for troubleshooting.
 
 ## Version 3.1.0
 * Added support for AddressPrefixType parameter to `Remove-AzExpressRouteCircuitConnectionConfig`

diff --git a/src/Network/Network/Cortex/P2SVpnGateway/NewAzureRmP2sVpnGatewayCommand.cs b/src/Network/Network/Cortex/P2SVpnGateway/NewAzureRmP2sVpnGatewayCommand.cs
@@ -142,6 +142,11 @@ public class NewAzureRmP2SVpnGatewayCommand : P2SVpnGatewayBaseCmdlet
            HelpMessage = "The routing configuration for this P2SVpnGateway P2SConnectionConfiguration")]
         public PSRoutingConfiguration RoutingConfiguration { get; set; }
 
+        [Parameter(
+            Mandatory = false,
+            HelpMessage = "Flag to enable internet security feature on this P2SVpnGateway P2SConnectionConfiguration.")]
+        public SwitchParameter EnableInternetSecurityFlag { get; set; }
+
         [Parameter(
             Mandatory = false,
             HelpMessage = "A hashtable which represents resource tags.")]
@@ -203,7 +208,8 @@ public override void Execute()
                 VpnClientAddressPool = new PSAddressSpace()
                 {
                     AddressPrefixes = new List<string>(this.VpnClientAddressPool)
-                }
+                },
+                EnableInternetSecurity = this.EnableInternetSecurityFlag.IsPresent
             };
 
             if (this.RoutingConfiguration != null)

diff --git a/src/Network/Network/Cortex/P2SVpnGateway/ResetAzureP2SVpnGatewayCommand.cs b/src/Network/Network/Cortex/P2SVpnGateway/ResetAzureP2SVpnGatewayCommand.cs
@@ -0,0 +1,106 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using AutoMapper;
+using Microsoft.Azure.Commands.Network.Models;
+using Microsoft.Azure.Commands.ResourceManager.Common.ArgumentCompleters;
+using Microsoft.Azure.Commands.ResourceManager.Common.Tags;
+using Microsoft.Azure.Management.Internal.Resources.Utilities.Models;
+using Microsoft.Azure.Management.Network;
+using System;
+using System.Management.Automation;
+
+namespace Microsoft.Azure.Commands.Network
+{
+    [Cmdlet("Reset",
+    ResourceManager.Common.AzureRMConstants.AzureRMPrefix + "P2sVpnGateway",
+    DefaultParameterSetName = CortexParameterSetNames.ByP2SVpnGatewayName,
+    SupportsShouldProcess = true),
+    OutputType(typeof(PSP2SVpnGateway))]
+    public class ResetAzureP2SVpnGatewayCommand : P2SVpnGatewayBaseCmdlet
+    {
+        [Parameter(
+            ParameterSetName = CortexParameterSetNames.ByP2SVpnGatewayName,
+            Mandatory = true,
+            HelpMessage = "The resource group name.")]
+        [ResourceGroupCompleter]
+        [ValidateNotNullOrEmpty]
+        public string ResourceGroupName { get; set; }
+
+        [Alias("ResourceName", "P2SVpnGatewayName", "GatewayName")]
+        [Parameter(
+            ParameterSetName = CortexParameterSetNames.ByP2SVpnGatewayName,
+            Mandatory = true,
+            HelpMessage = "The p2s vpn gateway name.")]
+        [ResourceNameCompleter("Microsoft.Network/p2sVpnGateways", "ResourceGroupName")]
+        [ValidateNotNullOrEmpty]
+        public string Name { get; set; }
+
+        [Alias("P2SVpnGateway")]
+        [Parameter(
+            ParameterSetName = CortexParameterSetNames.ByP2SVpnGatewayObject,
+            Mandatory = true,
+            ValueFromPipeline = true,
+            HelpMessage = "The p2s vpn gateway to reset")]
+        [ValidateNotNullOrEmpty]
+        public PSP2SVpnGateway InputObject { get; set; }
+
+        [Parameter(
+            ParameterSetName = CortexParameterSetNames.ByP2SVpnGatewayResourceId,
+            Mandatory = true,
+            ValueFromPipelineByPropertyName = true,
+            HelpMessage = "The Azure resource ID of the P2SVpnGateway to reset.")]
+        [ValidateNotNullOrEmpty]
+        public string ResourceId { get; set; }
+
+        [Parameter(Mandatory = false, HelpMessage = "Run cmdlet in the background")]
+        public SwitchParameter AsJob { get; set; }
+
+        public override void Execute()
+        {
+            PSP2SVpnGateway existingVpnGateway = null;
+            if (ParameterSetName.Equals(CortexParameterSetNames.ByP2SVpnGatewayObject))
+            {
+                existingVpnGateway = this.InputObject;
+                this.ResourceGroupName = this.InputObject.ResourceGroupName;
+                this.Name = this.InputObject.Name;
+            }
+            else
+            {
+                if (ParameterSetName.Equals(CortexParameterSetNames.ByP2SVpnGatewayResourceId))
+                {
+                    var parsedResourceId = new ResourceIdentifier(ResourceId);
+                    Name = parsedResourceId.ResourceName;
+                    ResourceGroupName = parsedResourceId.ResourceGroupName;
+                }
+
+                existingVpnGateway = this.GetP2SVpnGateway(this.ResourceGroupName, this.Name);
+            }
+
+            if (existingVpnGateway == null)
+            {
+                throw new PSArgumentException(Properties.Resources.P2SVpnGatewayNotFound);
+            }
+
+            string shouldProcessMessage = string.Format("Execute {0}P2sVpnGateway for ResourceGroupName {1} P2SVpnGateway {2}", ResourceManager.Common.AzureRMConstants.AzureRMPrefix, this.ResourceGroupName, this.Name);
+            if (ShouldProcess(shouldProcessMessage, VerbsCommon.Reset))
+            {
+                this.P2SVpnGatewayClient.Reset(this.ResourceGroupName, this.Name);
+
+                var getVpnGateway = this.GetP2SVpnGateway(this.ResourceGroupName, this.Name);
+                WriteObject(getVpnGateway);
+            }
+        }
+    }
+}
diff --git a/src/Network/Network/Cortex/P2SVpnGateway/UpdateAzureRmP2SVpnGatewayCommand.cs b/src/Network/Network/Cortex/P2SVpnGateway/UpdateAzureRmP2SVpnGatewayCommand.cs
@@ -163,6 +163,16 @@ public class UpdateAzureRmP2SVpnGatewayCommand : P2SVpnGatewayBaseCmdlet
            HelpMessage = "The routing configuration for this P2SVpnGateway P2SConnectionConfiguration")]
         public PSRoutingConfiguration RoutingConfiguration { get; set; }
 
+        [Parameter(
+            Mandatory = false,
+            HelpMessage = "Flag to enable internet security feature on this P2SVpnGateway P2SConnectionConfiguration.")]
+        public SwitchParameter EnableInternetSecurityFlag { get; set; }
+
+        [Parameter(
+            Mandatory = false,
+            HelpMessage = "Flag to disable internet security feature on this P2SVpnGateway P2SConnectionConfiguration.")]
+        public SwitchParameter DisableInternetSecurityFlag { get; set; }
+
         [Parameter(
             Mandatory = false,
             HelpMessage = "A hashtable which represents resource tags.")]
@@ -206,28 +216,42 @@ public override void Execute()
             }
 
             //// Modify the P2SConnectionConfigurations
-            if (this.VpnClientAddressPool != null)
+            if (existingP2SVpnGateway.P2SConnectionConfigurations == null || !existingP2SVpnGateway.P2SConnectionConfigurations.Any())
             {
-                if (existingP2SVpnGateway.P2SConnectionConfigurations != null && existingP2SVpnGateway.P2SConnectionConfigurations.Any())
-                {
-                    existingP2SVpnGateway.P2SConnectionConfigurations[0].VpnClientAddressPool.AddressPrefixes.Clear();
-                    existingP2SVpnGateway.P2SConnectionConfigurations[0].VpnClientAddressPool.AddressPrefixes = new List<string>(this.VpnClientAddressPool);
-                }
-                else
+                PSP2SConnectionConfiguration p2sConnectionConfig = new PSP2SConnectionConfiguration()
                 {
-                    PSP2SConnectionConfiguration p2sConnectionConfig = new PSP2SConnectionConfiguration()
+                    Name = P2SConnectionConfigurationName,
+                    VpnClientAddressPool = new PSAddressSpace()
                     {
-                        Name = P2SConnectionConfigurationName,
-                        VpnClientAddressPool = new PSAddressSpace()
-                        {
-                            AddressPrefixes = new List<string>(this.VpnClientAddressPool)
-                        }
-                    };
-                    existingP2SVpnGateway.P2SConnectionConfigurations = new List<PSP2SConnectionConfiguration>()
+                        AddressPrefixes = new List<string>()
+                    }
+                };
+
+                existingP2SVpnGateway.P2SConnectionConfigurations = new List<PSP2SConnectionConfiguration>()
                     {
                         p2sConnectionConfig
                     };
-                }
+            }
+
+            if (this.VpnClientAddressPool != null)
+            {
+                existingP2SVpnGateway.P2SConnectionConfigurations[0].VpnClientAddressPool.AddressPrefixes.Clear();
+                existingP2SVpnGateway.P2SConnectionConfigurations[0].VpnClientAddressPool.AddressPrefixes = new List<string>(this.VpnClientAddressPool);
+            }
+
+            if (this.EnableInternetSecurityFlag.IsPresent && this.DisableInternetSecurityFlag.IsPresent)
+            {
+                throw new ArgumentException("Both EnableInternetSecurityFlag and DisableInternetSecurityFlag Parameters can not be passed.");
+            }
+
+            if (this.EnableInternetSecurityFlag.IsPresent)
+            {
+                existingP2SVpnGateway.P2SConnectionConfigurations[0].EnableInternetSecurity = true;
+            }
+
+            if (this.DisableInternetSecurityFlag.IsPresent)
+            {
+                existingP2SVpnGateway.P2SConnectionConfigurations[0].EnableInternetSecurity = false;
             }
 
             if (this.RoutingConfiguration != null)
@@ -237,22 +261,7 @@ public override void Execute()
                     throw new PSArgumentException(Properties.Resources.StaticRoutesNotSupportedForThisRoutingConfiguration);
                 }
 
-                if (existingP2SVpnGateway.P2SConnectionConfigurations != null && existingP2SVpnGateway.P2SConnectionConfigurations.Any())
-                {
-                    existingP2SVpnGateway.P2SConnectionConfigurations[0].RoutingConfiguration = RoutingConfiguration;
-                }
-                else
-                {
-                    PSP2SConnectionConfiguration p2sConnectionConfig = new PSP2SConnectionConfiguration()
-                    {
-                        Name = P2SConnectionConfigurationName,
-                        RoutingConfiguration = RoutingConfiguration
-                    };
-                    existingP2SVpnGateway.P2SConnectionConfigurations = new List<PSP2SConnectionConfiguration>()
-                    {
-                        p2sConnectionConfig
-                    };
-                }
+                existingP2SVpnGateway.P2SConnectionConfigurations[0].RoutingConfiguration = RoutingConfiguration;
             }
 
             // Set the custom dns servers, if it is specified by customer.