Set-Vpn
Syntax
Set-VpnServerConfiguration
[-TunnelType <TunnelType>]
[-SstpPorts <UInt32>]
[-GrePorts <UInt32>]
[-IdleDisconnectSeconds <UInt32>]
[-SALifeTimeSeconds <UInt32>]
[-MMSALifeTimeSeconds <UInt32>]
[-SADataSizeForRenegotiationKilobytes <UInt32>]
[-Ikev2Ports <UInt32>]
[-L2tpPorts <UInt32>]
[-PassThru]
[-EncryptionType <String>]
[-CimSession <CimSession[]>]
[-ThrottleLimit <Int32>]
[-AsJob]
[-WhatIf]
[-Confirm]
[<CommonParameters>]Set-VpnServerConfiguration
[-TunnelType <TunnelType>]
[-PassThru]
[-RevertToDefault]
[-CimSession <CimSession[]>]
[-ThrottleLimit <Int32>]
[-AsJob]
[-WhatIf]
[-Confirm]
[<CommonParameters>]Set-VpnServerConfiguration
[-TunnelType <TunnelType>]
[-SstpPorts <UInt32>]
[-GrePorts <UInt32>]
[-IdleDisconnectSeconds <UInt32>]
[-SALifeTimeSeconds <UInt32>]
[-MMSALifeTimeSeconds <UInt32>]
[-SADataSizeForRenegotiationKilobytes <UInt32>]
[-Ikev2Ports <UInt32>]
[-L2tpPorts <UInt32>]
[-PassThru]
[-CustomPolicy]
[-EncryptionMethod <EncryptionMethod>]
[-IntegrityCheckMethod <IntegrityCheckMethod>]
[-CipherTransformConstants <CipherTransformConstants>]
[-PfsGroup <PfsGroup>]
[-AuthenticationTransformConstants <AuthenticationTransformConstants>]
[-DHGroup <DHGroup>]
[-CimSession <CimSession[]>]
[-ThrottleLimit <Int32>]
[-AsJob]
[-WhatIf]
[-Confirm]
[<CommonParameters>]Description
The Set-VpnServerConfiguration cmdlet updates IPSEC properties on RRAS server for incoming S2S VPN Interfaces. By Specifying CustomPolicy, IPsec parameters can be customized.
Examples
Example 1: Modify the idle disconnect seconds of a VPN server
PS C:\>Set-VpnServerIPsecConfiguration -IdleDisconnectSeconds 1000 -PassThru
WARNING: Configuration parameters will be modified after the Remote Access service is restarted.
EncryptionType : OptionalEncryption
Ikev2Ports : 5
IdleDisconnect(s) : 1000
L2tpPorts : 5
SADataSizeForRenegotiation(KB) : 102400
SALifeTime(s) : 28800This command modifies the idle disconnect seconds of the VPN server.
Example 2: Plumb custom IPsec policy for incoming VPN connections
PS C:\>Set-VpnServerIPsecConfiguration -CustomPolicy -EncryptionMethod "AES128" -DhGroup "Group2" -PfsGroup "PFS2" -CipherTransformConstants "AES128" -IntegrityCheckMethod "SHA256" -AuthenticationTransformConstants "SHA256128" -PassThru
WARNING: Configuration parameters will be modified after the Remote Access service is restarted.
AuthenticationTransformConstants : SHA256128
CipherTransformConstants : AES128
CustomPolicy : True
DHGroup : Group2
EncryptionMethod : AES128
Ikev2Ports : 5
IdleDisconnect(s) : 1000
IntegrityCheckMethod : SHA256
L2tpPorts : 5
PFSgroup : PFS2
SADataSizeForRenegotiation(KB) : 102400
SALifeTime(s) : 28800This command plumbs custom IPsec policy for incoming VPN connections and site to site VPN connections whose authentication method is not pre shared key.
Required Parameters
Indicates the custom IKE IPSEC policy.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Indicates that the IPsec parameters revert to a default value
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Optional Parameters
Runs the cmdlet as a background job. Use this parameter to run commands that take a long time to complete.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Specifies the authentication transform plumbed in Ipsec policy.
| Type: | AuthenticationTransformConstants |
| Aliases: | FirstTransformType |
| Parameter Sets: | MD596, SHA196, SHA256128, GCMAES128, GCMAES192, GCMAES256, None |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
Runs the cmdlet in a remote session or on a remote computer. Enter a computer name or a session object, such as the output of a New-CimSession or Get-CimSession cmdlet. The default is the current session on the local computer.
| Type: | CimSession[] |
| Aliases: | Session |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Specifies the cipher plumbed in IPsec policy.
| Type: | CipherTransformConstants |
| Aliases: | FirstCipherAlgorithm, OtherCipherAlgorithm |
| Parameter Sets: | DES, DES3, AES128, AES192, AES256, GCMAES128, GCMAES192, GCMAES256, None |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Specifies the DH Group Plumbed in Ipsec policy.
| Type: | DHGroup |
| Parameter Sets: | None, Group1, Group2, Group14, ECP256, ECP384, Group24 |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
Specifies the encryption method plumbed in IKE policy.
| Type: | EncryptionMethod |
| Aliases: | Encryption |
| Parameter Sets: | DES, DES3, AES128, AES192, AES256 |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
Specifies the type of Encryption.
| Type: | String |
| Parameter Sets: | NoEncryption, RequireEncryption, OptionalEncryption, MaximumEncryption |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
Specifies the number of Generic Routing Encapsulation (GRE) ports.
| Type: | UInt32 |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
Specifies the time, in seconds, after which an idle connection is terminated. Unless the idle time-out is disabled, the entire connection is terminated if the connection is idle for the specified interval.
| Type: | UInt32 |
| Aliases: | IdleDurationSeconds |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
Specifies the number of IKEv2 ports that are created.
| Type: | UInt32 |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
Specifies the integrity method plumbed in IPsec policy.
| Type: | IntegrityCheckMethod |
| Aliases: | FirstIntegrityAlgorithm, OtherHashAlgorithm |
| Parameter Sets: | MD5, SHA1, SHA256, SHA384 |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
Specifies the number of L2TP ports that are created.
| Type: | UInt32 |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
Specifies the lifetime of a Main Mode security association (SA) in seconds, after which the SA is no longer valid.
| Type: | UInt32 |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Specifies the PFS Group plumbed in Ipsec policy.
| Type: | PfsGroup |
| Aliases: | PfsGroupId |
| Parameter Sets: | None, PFS1, PFS2, PFS2048, ECP256, ECP384, PFSMM, PFS24 |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
Specifies the number of kilobytes that are allowed to transfer using a security association (SA), after which the SA will be renegotiated.
| Type: | UInt32 |
| Aliases: | LifeTimeKiloBytes |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
Specifies the lifetime of a SA in seconds, after which the SA is no longer valid.
| Type: | UInt32 |
| Aliases: | LifeTimeSeconds, QMSALifeTimeSeconds |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
Specifies the number of SSTP ports.
| Type: | UInt32 |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
Specifies the maximum number of concurrent connections that can be established to run this command. If you omit this parameter or enter a value of 0, the default value, 32, is used.
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Specifies the Tunnel Type to which Custom Policy is to be applied
| Type: | TunnelType |
| Parameter Sets: | IKEV2, L2TP |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Outputs
Microsoft.Management.Infrastructure.CimInstance#VpnServerIPsecConfiguration