Get-NetIPsecQuickModeSA

Get-NetIPsecQuickModeSA

Returns active quick mode security associations (SAs) from the target computer.

Sintaxis

Parameter Set: ByAssociatedNetIPsecMainModeSA
Get-NetIPsecQuickModeSA -AssociatedNetIPsecMainModeSA <CimInstance> [-AsJob] [-CimSession <CimSession[]> ] [-ThrottleLimit <Int32> ] [ <CommonParameters>]

Parameter Set: ByName
Get-NetIPsecQuickModeSA [-Name] <String[]> [-AsJob] [-CimSession <CimSession[]> ] [-ThrottleLimit <Int32> ] [ <CommonParameters>]

Parameter Set: GetAll
Get-NetIPsecQuickModeSA [-All] [-AsJob] [-CimSession <CimSession[]> ] [-ThrottleLimit <Int32> ] [ <CommonParameters>]

Descripción detallada

The Get-NetIPsecQuickModeSA cmdlet gets an active quick mode security association (SA). Two computers can exchange network packets within the context of the quick mode SA once established. This cmdlet is used for policy monitoring.

A quick mode negotiation establishes a secure channel between two computers to protect the user data that is exchanged between them. During a quick mode negotiation, the keying material is refreshed or, if necessary, new keys are generated. A protection suite that protects the IP data traffic is also selected. The exchange of information required to negotiate a quick mode SA is performed within the context of the main mode SA. After the quick mode SA is established, the two computers can exchange network packets within the context of the quick mode SA. There is only one main mode SA between a pair of computers, but there can be many quick mode SAs.

Monitoring quick mode SAs can provide information about which peers are currently connected to this computer, and which protection suite is protecting the data exchanged between them. Separate SAs are created for IPv4 and IPv6 connections.

Parámetros

-All

Indicates that all of the quick mode security associations within the specified policy store are retrieved.

-AsJob

-AssociatedNetIPsecMainModeSA<CimInstance>

Gets the quick mode security associations associated with the specified main mode security association.

-CimSession<CimSession[]>

Ejecuta el cmdlet en una sesión remota o en un equipo remoto. Escriba un nombre de equipo o un objeto de sesión, como la salida de un cmdlet New-CimSession o Get-CimSession. El valor predeterminado es la sesión actual en el equipo local.

-Name<String[]>

Specifies that only matching quick mode cryptographic sets of the indicated name are retrieved. Wildcard characters are accepted.
This parameter acts just like a file name, in that only one rule with a given name may exist in a policy store at a time. During group policy processing and policy merge, rules that have the same name but come from multiple stores being merged, will overwrite one another so that only one exists. This overwriting behavior is desirable if the rules serve the same purpose. For instance, all of the firewall rules have specific names, so if an administrator can copy these rules to a GPO, and the rules will override the local versions on a local computer. Since GPOs can have precedence, if an administrator that gives a rule with a different or more specific rule the same name in a higher-precedence GPO, then it overrides other rules that exist.
The default value is a randomly assigned value.
When the defaults for quick mode encryption are overridden, specify the customized parameters and set this parameter value, making this parameter the new default setting for encryption.

-ThrottleLimit<Int32>

Especifica el número máximo de operaciones simultáneas que se pueden establecer para ejecutar el cmdlet. Si se omite este parámetro o es especifica un valor de 0, Windows PowerShell ® calcula un límite óptimo para el cmdlet en función del número de cmdlets de CIM que se estén ejecutando en el equipo. El límite solo se aplica al cmdlet actual, no a la sesión ni al equipo.

<CommonParameters>

Este cmdlet admite los siguientes parámetros comunes: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer y -OutVariable. Para obtener más información, consulte about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).

Entradas

El tipo de entrada es el tipo de los objetos que se pueden canalizar al cmdlet.

• Microsoft.Management.Infrastructure.CimInstance#root\StandardCimv2\NetIPsecMainModeSA

  El objeto Microsoft.Management.Infrastructure.CimInstance es una clase contenedora que muestra objetos de Instrumental de administración de Windows (WMI). La ruta de acceso después del signo de número (#) proporciona el espacio de nombres y el nombre de clase del objeto WMI subyacente.

Salidas

El tipo de resultado es el tipo de objetos que emite el cmdlet.

• Microsoft.Management.Infrastructure.CimInstance#root\StandardCimv2\NetIPsecQuickModeSA[]

  El objeto Microsoft.Management.Infrastructure.CimInstance es una clase contenedora que muestra objetos de Instrumental de administración de Windows (WMI). La ruta de acceso después del signo de número (#) proporciona el espacio de nombres y el nombre de clase del objeto WMI subyacente.

Ejemplos

EXAMPLE 1

This example gets all of the IPsec quick mode SAs on the local computer.

PS C:\> Get-NetIPsecQuickModeSA

EXAMPLE 2

This example removes all of the active main mode cryptographic sets associated with the specified quick mode SA on a remote computer.

PS C:\> $computer1 = "RemoteMachineName"

PS C:\> Get-NetIPsecMainModeSA –Name "196511" –CimSession $computer1 | Remove-NetIPsecQuickModeSA –CimSession $computer1

Temas relacionados

Remove-NetIPsecMainModeSA