add azure-ad-group name

In the R81.10.X releases, this command is available starting from the R81.10.15 version.

Description

The user is configured within a group on Azure AD. You create the same group name on the Quantum Spark Gateway.

When the user connects with Remote Access VPN to the Quantum Spark Gateway, it recognizes that the user belongs to Azure AD and allows routing all traffic through this VPN tunnel.

Use this command to add the required Azure AD group on the Quantum Spark Gateway.

See:

In WebUI, this corresponds to:

Click the VPN view > Remote Access section > Remote Access Users page.
Click Add > Active Directory > Azure AD Group.

Syntax

add azure-ad-group name EXT_ID_<Name of Group in Azure AD> override-global-settings { true | false } route-via-vpn { true | false } comments "<Comment Text>"

Parameters

Parameter

Description

name

Specifies the group name in this format:

EXT_ID_<Name of Group in Azure AD>

Notes:

The group name must always start with this prefix:

EXT_ID_

and continue with the group name as configured in Azure AD.
A string that begins with a letter and contains up to 32 characters without spaces, of this set:
- a-z (lower-case letters)
- 0-9 (digits)
- '.' (period)
- '-' (minus)
- '~' (tilde)
- '_' (underscore)

override-global-settings

Specifies whether for this Azure AD group to override (true) or not (false) the global settings to route all traffic through the VPN tunnel.

route-via-vpn

Specifies whether to route (true) or not (false) all traffic from this Azure AD group through the Remote Access VPN tunnel.

comments

Specifies an optional comment.

A string that contains less than 257 characters, of this set:

a-z (lower-case letters)
A-Z (upper-case letters)
0-9 (digits)
',' (comma)
'.' (period)
'-' (minus)
'(' (opening round bracket)
')' (closing round bracket)
':' (colon)
'@' (at)

Example Command

add azure-ad-group name EXT_ID_group_test override-global-settings true route-via-vpn true comments "My test group"