Merge pull request Azure#11031 from ninweninwe/network-december

[Network January] Disconnect VPN connections

Author: ninweninwe

src/Network/Network.Test/ScenarioTests/CortexTests.cs

@@ -58,5 +58,13 @@ public void TestP2SCortexCRUD()
         {
             TestRunner.RunTestScript("Test-P2SCortexCRUD");
         }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.LiveOnly)]
+        [Trait(Category.Owner, NrpTeamAlias.brooklynft)]
+        public void TestDisconnectAzP2sVpnGatewayVpnConnection()
+        {
+            TestRunner.RunTestScript("Test-DisconnectAzP2sVpnGatewayVpnConnection");
+        }
     }
 }

src/Network/Network.Test/ScenarioTests/CortexTests.ps1

@@ -683,6 +683,89 @@ function Test-CortexExpressRouteCRUD
 		$delete = Remove-AzVirtualWan -InputObject $virtualWan -Force -PassThru
 		Assert-AreEqual $True $delete
 
+		Clean-ResourceGroup $rgname
+     }
+}
+
+<# 
+.SYNOPSIS
+ Disconnect Point to site vpn gateway vpn connection
+ #>
+ function Test-DisconnectAzP2sVpnGatewayVpnConnection
+ {
+ param 
+    ( 
+        $basedir = ".\" 
+    )
+
+    # Setup
+    $rgname = Get-ResourceGroupName
+    $rglocation = "East US"
+ 
+    $virtualWanName = Get-ResourceName
+    $virtualHubName = Get-ResourceName
+    $VpnServerConfiguration1Name = Get-ResourceName
+    $P2SVpnGatewayName = Get-ResourceName
+    
+    try
+	{
+		# Create the resource group
+		New-AzResourceGroup -Name $rgname -Location $rglocation
+
+		# Create the Virtual Wan
+		New-AzVirtualWan -ResourceGroupName $rgName -Name $virtualWanName -Location $rglocation
+		$virtualWan = Get-AzVirtualWan -ResourceGroupName $rgName -Name $virtualWanName
+		Assert-AreEqual $virtualWanName $virtualWan.Name
+
+		# Create the Virtual Hub
+		New-AzVirtualHub -ResourceGroupName $rgName -Name $virtualHubName -Location $rglocation -AddressPrefix "192.168.1.0/24" -VirtualWan $virtualWan
+		$virtualHub = Get-AzVirtualHub -ResourceGroupName $rgName -Name $virtualHubName
+		Assert-AreEqual $virtualHubName $virtualHub.Name
+		Assert-AreEqual $virtualWan.Id $virtualhub.VirtualWan.Id
+
+		# Create the VpnServerConfiguration1 with VpnClient settings using New-AzVpnServerConfiguration
+		$VpnServerConfigCertFilePath = Join-Path -Path $basedir -ChildPath "\ScenarioTests\Data\ApplicationGatewayAuthCert.cer"
+		$listOfCerts = New-Object "System.Collections.Generic.List[String]"
+		$listOfCerts.Add($VpnServerConfigCertFilePath)
+		$vpnclientipsecpolicy1 = New-AzVpnClientIpsecPolicy -IpsecEncryption AES256 -IpsecIntegrity SHA256 -SALifeTime 86471 -SADataSize 429496 -IkeEncryption AES256 -IkeIntegrity SHA384 -DhGroup DHGroup14 -PfsGroup PFS14
+        New-AzVpnServerConfiguration -Name $VpnServerConfiguration1Name -ResourceGroupName $rgName -VpnProtocol IkeV2 -VpnAuthenticationType Certificate -VpnClientRootCertificateFilesList $listOfCerts -VpnClientRevokedCertificateFilesList $listOfCerts -VpnClientIpsecPolicy $vpnclientipsecpolicy1 -Location $rglocation
+
+        # Get created VpnServerConfiguration using Get-AzVpnServerConfiguration
+        $vpnServerConfig1 = Get-AzVpnServerConfiguration -ResourceGroupName $rgName -Name $VpnServerConfiguration1Name
+        Assert-NotNull $vpnServerConfig1
+		
+		# Create the P2SVpnGateway using New-AzP2sVpnGateway
+		$vpnClientAddressSpaces = New-Object string[] 2
+		$vpnClientAddressSpaces[0] = "192.168.2.0/24"
+		$vpnClientAddressSpaces[1] = "192.168.3.0/24"
+		New-AzP2sVpnGateway -ResourceGroupName $rgName -Name $P2SvpnGatewayName -VirtualHub $virtualHub -VpnGatewayScaleUnit 1 -VpnClientAddressPool $vpnClientAddressSpaces -VpnServerConfiguration $vpnServerConfig1
+		
+		# Get the created P2SVpnGateway using Get-AzP2sVpnGateway
+		$P2SVpnGateway = Get-AzP2sVpnGateway -ResourceGroupName $rgName -Name $P2SvpnGatewayName
+		Assert-AreEqual $P2SvpnGatewayName $P2SVpnGateway.Name
+		Assert-AreEqual "Succeeded" $P2SVpnGateway.ProvisioningState
+
+		$expected = Disconnect-AzP2SVpnGatewayVpnConnection -ResourceGroupName $rgname -ResourceName $P2SvpnGatewayName -VpnConnectionId @("IKEv2_1e1cfe59-5c7c-4315-a876-b11fbfdfeed4")
+        Assert-AreEqual $expected.Name $P2SVpnGateway.Name
+     }
+     finally
+     {
+		# Delete P2SVpnGateway using Remove-AzP2sVpnGateway
+		$delete = Remove-AzP2sVpnGateway -Name $P2SVpnGatewayName -ResourceGroupName $rgName -Force -PassThru
+		Assert-AreEqual $True $delete
+
+		# Delete VpnServerConfiguration1 using Remove-AzVpnServerConfiguration      
+		$delete = Remove-AzVpnServerConfiguration -ResourceGroupName $rgName -Name $VpnServerConfiguration1Name -Force -PassThru
+		Assert-AreEqual $True $delete
+
+		# Delete Virtual hub
+		$delete = Remove-AzVirtualHub -ResourceGroupName $rgname -Name $virtualHubName -Force -PassThru
+		Assert-AreEqual $True $delete
+
+		# Delete Virtual wan
+		$delete = Remove-AzVirtualWan -InputObject $virtualWan -Force -PassThru
+		Assert-AreEqual $True $delete
+
 		Clean-ResourceGroup $rgname
      }
 }

src/Network/Network.Test/ScenarioTests/VirtualNetworkGatewayTests.cs

@@ -131,5 +131,13 @@ public void TestVirtualNetworKGatewayPacketCapture()
         {
             TestRunner.RunTestScript("Test-VirtualNetworKGatewayPacketCapture");
         }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        [Trait(Category.Owner, NrpTeamAlias.brooklynft_subset2)]
+        public void TestDisconnectVirtualNetworkGatewayVpnConnection()
+        {
+            TestRunner.RunTestScript("Test-DisconnectVNGVpnConnection");
+        }
     }
 }

src/Network/Network.Test/ScenarioTests/VirtualNetworkGatewayTests.ps1

@@ -1065,4 +1065,61 @@ function Test-VirtualNetworKGatewayPacketCapture
         # Cleanup
         Clean-ResourceGroup $rgname
      }
-}
+}
+
+<# 
+.SYNOPSIS
+Disconnect Virtual network gateway Vpn Client Connection
+#>
+function Test-DisconnectVNGVpnConnection
+{
+	param 
+    ( 
+        $basedir = ".\" 
+    )
+
+	# Setup
+    $rgname = Get-ResourceGroupName
+    $rname = Get-ResourceName
+    $domainNameLabel = Get-ResourceName
+    $vnetName = Get-ResourceName
+    $publicIpName = Get-ResourceName
+    $vnetGatewayConfigName = Get-ResourceName
+    $rglocation = "East US"
+    $location = $rglocation
+
+	try 
+	{
+		# Create the resource group
+		New-AzResourceGroup -Name $rgname -Location $rglocation -Tags @{ testtag = "testval" }
+	
+		# create the client root cert
+		$clientRootCertName = "BrkLiteTestMSFTRootCA.cer"
+		#[SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine")]
+		$samplePublicCertData = "MIIDUzCCAj+gAwIBAgIQRggGmrpGj4pCblTanQRNUjAJBgUrDgMCHQUAMDQxEjAQBgNVBAoTCU1pY3Jvc29mdDEeMBwGA1UEAxMVQnJrIExpdGUgVGVzdCBSb290IENBMB4XDTEzMDExOTAwMjQxOFoXDTIxMDExOTAwMjQxN1owNDESMBAGA1UEChMJTWljcm9zb2Z0MR4wHAYDVQQDExVCcmsgTGl0ZSBUZXN0IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7SmE+iPULK0Rs7mQBO/6a6B6/G9BaMxHgDGzAmSG0Qsyt5e08aqgFnPdkMl3zRJw3lPKGha/JCvHRNrO8UpeAfc4IXWaqxx2iBipHjwmHPHh7+VB8lU0EJcUe7WBAI2n/sgfCwc+xKtuyRVlOhT6qw/nAi8e5don/iHPU6q7GCcnqoqtceQ/pJ8m66cvAnxwJlBFOTninhb2VjtvOfMQ07zPP+ZuYDPxvX5v3nd6yDa98yW4dZPuiGO2s6zJAfOPT2BrtyvLekItnSgAw3U5C0bOb+8XVKaDZQXbGEtOw6NZvD4L2yLd47nGkN2QXloiPLGyetrj3Z2pZYcrZBo8hAgMBAAGjaTBnMGUGA1UdAQReMFyAEOncRAPNcvJDoe4WP/gH2U+hNjA0MRIwEAYDVQQKEwlNaWNyb3NvZnQxHjAcBgNVBAMTFUJyayBMaXRlIFRlc3QgUm9vdCBDQYIQRggGmrpGj4pCblTanQRNUjAJBgUrDgMCHQUAA4IBAQCGyHhMdygS0g2tEUtRT4KFM+qqUY5HBpbIXNAav1a1dmXpHQCziuuxxzu3iq4XwnWUF1OabdDE2cpxNDOWxSsIxfEBf9ifaoz/O1ToJ0K757q2Rm2NWqQ7bNN8ArhvkNWa95S9gk9ZHZLUcjqanf0F8taJCYgzcbUSp+VBe9DcN89sJpYvfiBiAsMVqGPc/fHJgTScK+8QYrTRMubtFmXHbzBSO/KTAP5rBTxse88EGjK5F8wcedvge2Ksk6XjL3sZ19+Oj8KTQ72wihN900p1WQldHrrnbixSpmHBXbHr9U0NQigrJp5NphfuU5j81C8ixvfUdwyLmTv7rNA7GTAD";
+		$rootCert = New-AzVpnClientRootCertificate -Name $clientRootCertName -PublicCertData $samplePublicCertData
+
+		# Create the Virtual Network
+		$subnet = New-AzVirtualNetworkSubnetConfig -Name "GatewaySubnet" -AddressPrefix 10.0.0.0/24
+		$vnet = New-AzVirtualNetwork -Name $vnetName -ResourceGroupName $rgname -Location $location -AddressPrefix 10.0.0.0/16 -Subnet $subnet
+		$vnet = Get-AzVirtualNetwork -Name $vnetName -ResourceGroupName $rgname
+		$subnet = Get-AzVirtualNetworkSubnetConfig -Name "GatewaySubnet" -VirtualNetwork $vnet
+
+		# Create the IP config
+		$publicip = New-AzPublicIpAddress -ResourceGroupName $rgname -name $publicIpName -location $location -AllocationMethod Dynamic -DomainNameLabel $domainNameLabel
+		$vnetIpConfig = New-AzVirtualNetworkGatewayIpConfig -Name $vnetGatewayConfigName -PublicIpAddress $publicip -Subnet $subnet
+      
+		# Create & Get P2S virtualnetworkgateway
+		New-AzVirtualNetworkGateway -ResourceGroupName $rgname -name $rname -location $location -IpConfigurations $vnetIpConfig -GatewayType Vpn -VpnType RouteBased -EnableBgp $false -GatewaySku VpnGw1 -VpnClientAddressPool 201.169.0.0/16 -VpnClientRootCertificates $rootCert
+		$actual = Get-AzVirtualNetworkGateway -ResourceGroupName $rgname -name $rname
+		Assert-AreEqual "Succeeded" $actual.ProvisioningState
+		
+        $expected = Disconnect-AzVirtualNetworkGatewayVpnConnection -ResourceGroupName $rgname -ResourceName $rname -VpnConnectionId @("IKEv2_1e1cfe59-5c7c-4315-a876-b11fbfdfeed4")
+        Assert-AreEqual $expected.Name $actual.Name
+	}
+	finally
+    {
+		# Cleanup
+        Clean-ResourceGroup $rgname
+    }
+}