Set-VpnAuthProtocol
Sets the authentication method for incoming site-to-site (S2S) VPN interfaces on a Routing and Remote Access (RRAS) server.
Set-VpnAuthProtocol
[-UserAuthProtocolAccepted <String[]>]
[-TunnelAuthProtocolsAdvertised <String>]
[-RootCertificateNameToAccept <X509Certificate2>]
[-CertificateAdvertised <X509Certificate2>]
[-SharedSecret <String>]
[-PassThru]
[-CertificateEKUsToAccept <String[]>]
[-CimSession <CimSession[]>]
[-ThrottleLimit <Int32>]
[-AsJob]
[-WhatIf]
[-Confirm]
[<CommonParameters>]The Set-VpnAuthProtocol cmdlet configures how the incoming site-to-site (S2S) VPN Interfaces on a Routing and Remote Access (RRAS) server are authenticated, such as when the server is a responder for incoming connections whose authentication method is EAP or computer certificates (machine certificates).
PS C:\> Set-VpnAuthProtocol -UserAuthProtocolAccepted Certificate -PassThru
WARNING: Configuration parameters will be modified after the Remote Access service is restarted.
UserAuthProtocolAccepted : {Certificate}
TunnelAuthProtocolsAdvertised : Certificates
RootCertificateNameToAccept :
CertificateAdvertised :This example changes the authentication method used by the server for incoming connections to Certificate and advertises certificates as authentication mechanism to the peer computers.
PS C:\>$cert1 = ( Get-ChildItem -Path cert:LocalMachine\root | Where-Object -FilterScript { $_.Subject -Like "*CN=Contoso Root Certification Authority,*" } )
PS C:\>Set-VpnAuthProtocol -RootCertificateNameToAccept $cert1 -PassThruThis example sets the root certificate against which all of the incoming connections computer certificates are matched.
ps_cimcommon_asjob
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Specifies the certificate to be sent to a peer computer. Applicable only if the TunnelAuthProtocolsAdvertised parameter is set to Certificate.
| Type: | X509Certificate2 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Specifies an array of Certificate Extended Key Usage (EKU) extensions to allow. This parameter is only valid if the UserAuthProtocolAccepted parameter contains certificates.
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Runs the cmdlet in a remote session or on a remote computer. Enter a computer name or a session object, such as the output of a New-CimSessionhttp://go.microsoft.com/fwlink/p/?LinkId=227967 or Get-CimSessionhttp://go.microsoft.com/fwlink/p/?LinkId=227966 cmdlet. The default is the current session on the local computer.
| Type: | CimSession[] |
| Aliases: | Session |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Specifies the root certificates that are allowed. Applicable only if the UserAuthProtocolAccepted parameter contains certificates.
| Type: | X509Certificate2 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Specifies the text of the shared secret for the connection. Applicable only if the TunnelAuthProtocolsAdvertised parameter is set to PSK.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Specifies the maximum number of concurrent operations that can be established to run the cmdlet.
If this parameter is omitted or a value of 0 is entered, then Windows PowerShell® calculates an optimum throttle limit for the cmdlet based on the number of CIM cmdlets that are running on the computer.
The throttle limit applies only to the current cmdlet, not to the session or to the computer.
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Specifies the remote authentication method used by the RRAS server. If this parameter value is set to pre-shared key (PSK), then the SharedSecret parameter is mandatory. If this parameter value is set to Certificate, then the CertificateAdvertised parameter is mandatory. Only one of the values can be specified.
| Type: | String |
| Accepted values: | Certificates, PreSharedKey |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Specifies the local authentication protocols that are allowed.
| Type: | String[] |
| Accepted values: | EAP, Certificate, MsChapv2, Chap, PAP, PreSharedKey |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
None
The Microsoft.Management.Infrastructure.CimInstance object is a wrapper class that displays Windows Management Instrumentation (WMI) objects.
The path after the pound sign (#) provides the namespace and class name for the underlying WMI object.