Export (0) Print
Expand All
Collapse the table of content
Expand the table of content
Expand Minimize

Set-VpnServerConfiguration

Windows Server Technical Preview and Windows 10

Set-VpnServerConfiguration

Updates S2S server parameters.

Syntax

Parameter Set: CustomPolicy
Set-VpnServerConfiguration -CustomPolicy [-AuthenticationTransformConstants <AuthenticationTransformConstants> {MD596 | SHA196 | SHA256128 | GCMAES128 | GCMAES192 | GCMAES256 | None} ] [-CimSession <CimSession[]> ] [-CipherTransformConstants <CipherTransformConstants> {DES | DES3 | AES128 | AES192 | AES256 | GCMAES128 | GCMAES192 | GCMAES256 | None} ] [-DHGroup <DHGroup> {None | Group1 | Group2 | Group14 | ECP256 | ECP384 | Group24} ] [-EncryptionMethod <EncryptionMethod> {DES | DES3 | AES128 | AES192 | AES256} ] [-GrePorts <UInt32> ] [-IdleDisconnectSeconds <UInt32> ] [-Ikev2Ports <UInt32> ] [-InformationAction <ActionPreference> {SilentlyContinue | Stop | Continue | Inquire | Ignore | Suspend} ] [-InformationVariable <String> ] [-IntegrityCheckMethod <IntegrityCheckMethod> {MD5 | SHA1 | SHA256 | SHA384} ] [-L2tpPorts <UInt32> ] [-MMSALifeTimeSeconds <UInt32> ] [-PassThru] [-PfsGroup <PfsGroup> {None | PFS1 | PFS2 | PFS2048 | ECP256 | ECP384 | PFSMM | PFS24} ] [-SADataSizeForRenegotiationKilobytes <UInt32> ] [-SALifeTimeSeconds <UInt32> ] [-SstpPorts <UInt32> ] [-ThrottleLimit <Int32> ] [-TunnelType <TunnelType> {IKEV2 | L2TP} ] [-Confirm] [-WhatIf] [ <CommonParameters>] [ <WorkflowParameters>]

Parameter Set: EncryptionType
Set-VpnServerConfiguration [-CimSession <CimSession[]> ] [-EncryptionType <String> {NoEncryption | RequireEncryption | OptionalEncryption | MaximumEncryption} ] [-GrePorts <UInt32> ] [-IdleDisconnectSeconds <UInt32> ] [-Ikev2Ports <UInt32> ] [-InformationAction <ActionPreference> {SilentlyContinue | Stop | Continue | Inquire | Ignore | Suspend} ] [-InformationVariable <String> ] [-L2tpPorts <UInt32> ] [-MMSALifeTimeSeconds <UInt32> ] [-PassThru] [-SADataSizeForRenegotiationKilobytes <UInt32> ] [-SALifeTimeSeconds <UInt32> ] [-SstpPorts <UInt32> ] [-ThrottleLimit <Int32> ] [-TunnelType <TunnelType> {IKEV2 | L2TP} ] [-Confirm] [-WhatIf] [ <CommonParameters>] [ <WorkflowParameters>]

Parameter Set: RevertToDefault
Set-VpnServerConfiguration -RevertToDefault [-CimSession <CimSession[]> ] [-InformationAction <ActionPreference> {SilentlyContinue | Stop | Continue | Inquire | Ignore | Suspend} ] [-InformationVariable <String> ] [-PassThru] [-ThrottleLimit <Int32> ] [-TunnelType <TunnelType> {IKEV2 | L2TP} ] [-Confirm] [-WhatIf] [ <CommonParameters>] [ <WorkflowParameters>]




Detailed Description

The Set-VpnServerConfiguration cmdlet updates IPSEC properties on RRAS server for incoming S2S VPN Interfaces. By Specifying CustomPolicy, IPsec parameters can be customized.

Parameters

-AuthenticationTransformConstants<AuthenticationTransformConstants>

Specifies the authentication transform plumbed in Ipsec policy.


Aliases

FirstTransformType

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

true(ByPropertyName)

Accept Wildcard Characters?

false

-CimSession<CimSession[]>

Runs the cmdlet in a remote session or on a remote computer. Enter a computer name or a session object, such as the output of a New-CimSession or Get-CimSession cmdlet. The default is the current session on the local computer.


Aliases

Session

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-CipherTransformConstants<CipherTransformConstants>

Specifies the cipher plumbed in IPsec policy.


Aliases

FirstCipherAlgorithm,OtherCipherAlgorithm

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

true(ByPropertyName)

Accept Wildcard Characters?

false

-CustomPolicy

Indicates the custom IKE IPSEC policy.


Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-DHGroup<DHGroup>

Specifies the DH Group Plumbed in Ipsec policy.


Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

true(ByPropertyName)

Accept Wildcard Characters?

false

-EncryptionMethod<EncryptionMethod>

Specifies the encryption method plumbed in IKE policy.


Aliases

Encryption

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

true(ByPropertyName)

Accept Wildcard Characters?

false

-EncryptionType<String>

Specifies the type of Encryption.


Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

true(ByPropertyName)

Accept Wildcard Characters?

false

-GrePorts<UInt32>

Specifies the number of Generic Routing Encapsulation (GRE) ports.


Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

true(ByPropertyName)

Accept Wildcard Characters?

false

-IdleDisconnectSeconds<UInt32>

Specifies the time, in seconds, after which an idle connection is terminated. Unless the idle time-out is disabled, the entire connection is terminated if the connection is idle for the specified interval.


Aliases

IdleDurationSeconds

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

true(ByPropertyName)

Accept Wildcard Characters?

false

-Ikev2Ports<UInt32>

Specifies the number of IKEv2 ports that are created.


Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

true(ByPropertyName)

Accept Wildcard Characters?

false

-InformationAction<ActionPreference>

Specifies how this cmdlet responds to an information event. The acceptable values for this parameter are:

-- SilentlyContinue
-- Stop
-- Continue
-- Inquire
-- Ignore
-- Suspend


Aliases

infa

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-InformationVariable<String>

Specifies a variable in which to store an information event message.


Aliases

iv

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-IntegrityCheckMethod<IntegrityCheckMethod>

Specifies the integrity method plumbed in IPsec policy.


Aliases

FirstIntegrityAlgorithm,OtherHashAlgorithm

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

true(ByPropertyName)

Accept Wildcard Characters?

false

-L2tpPorts<UInt32>

Specifies the number of L2TP ports that are created.


Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

true(ByPropertyName)

Accept Wildcard Characters?

false

-MMSALifeTimeSeconds<UInt32>

Specifies the lifetime of a Main Mode security association (SA) in seconds, after which the SA is no longer valid.


Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

true(ByPropertyName)

Accept Wildcard Characters?

false

-PassThru

Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.


Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-PfsGroup<PfsGroup>

Specifies the PFS Group plumbed in Ipsec policy.


Aliases

PfsGroupId

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

true(ByPropertyName)

Accept Wildcard Characters?

false

-RevertToDefault

Indicates that the IPsec parameters revert to a default value


Aliases

none

Required?

true

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-SADataSizeForRenegotiationKilobytes<UInt32>

Specifies the number of kilobytes that are allowed to transfer using a security association (SA), after which the SA will be renegotiated.


Aliases

LifeTimeKiloBytes

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

true(ByPropertyName)

Accept Wildcard Characters?

false

-SALifeTimeSeconds<UInt32>

Specifies the lifetime of a SA in seconds, after which the SA is no longer valid.


Aliases

LifeTimeSeconds,QMSALifeTimeSeconds

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

true(ByPropertyName)

Accept Wildcard Characters?

false

-SstpPorts<UInt32>

Specifies the number of SSTP ports.


Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

true(ByPropertyName)

Accept Wildcard Characters?

false

-ThrottleLimit<Int32>

Specifies the maximum number of concurrent connections that can be established to run this command. If you omit this parameter or enter a value of 0, the default value, 32, is used.


Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-TunnelType<TunnelType>

Specifies the Tunnel Type to which Custom Policy is to be applied


Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

true(ByPropertyName)

Accept Wildcard Characters?

false

-Confirm

Prompts you for confirmation before running the cmdlet.


Required?

false

Position?

named

Default Value

false

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.


Required?

false

Position?

named

Default Value

false

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

<CommonParameters>

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see    about_CommonParameters.

<WorkflowParameters>

This cmdlet supports the following workflow common parameters: -PSParameterCollection, -PSComputerName, -PSCredential, -PSConnectionRetryCount, -PSConnectionRetryIntervalSec, -PSRunningTimeoutSec, -PSElapsedTimeoutSec, -PSPersist, -PSAuthentication, -PSAuthenticationLevel, -PSApplicationName, -PSPort, -PSUseSSL, -PSConfigurationName, -PSConnectionURI, -PSAllowRedirection, -PSSessionOption, -PSCertificateThumbprint, -PSPrivateMetadata, -AsJob, -JobName, and –InputObject. For more information, see    about_WorkflowCommonParameters.

Inputs

The input type is the type of the objects that you can pipe to the cmdlet.

Outputs

The output type is the type of the objects that the cmdlet emits.

  • Microsoft.Management.Infrastructure.CimInstance#VpnServerIPsecConfiguration

Examples

Example 1: Modify the idle disconnect seconds of a VPN server

This command modifies the idle disconnect seconds of the VPN server.


PS C:\> Set-VpnServerIPsecConfiguration -IdleDisconnectSeconds 1000 -PassThru

Example 2: Plumb custom IPsec policy for incoming VPN connections

This command plumbs custom IPsec policy for incoming VPN connections and site to site VPN connections whose authentication method is not pre shared key.


PS C:\> Set-VpnServerIPsecConfiguration -CustomPolicy -EncryptionMethod "AES128" -DhGroup "Group2" -PfsGroup "PFS2" -CipherTransformConstants "AES128"  -IntegrityCheckMethod "SHA256" -AuthenticationTransformConstants "SHA256128" -PassThru

Related topics

Community Additions

ADD
Show:
© 2016 Microsoft