Set-VpnAuthProtocol
Set-VpnAuthProtocol
Sets the authentication method for incoming site-to-site (S2S) VPN interfaces on a Routing and Remote Access (RRAS) server.
Syntax
Parameter Set: Set1
Set-VpnAuthProtocol [-AsJob] [-CertificateAdvertised <X509Certificate2> ] [-CimSession <CimSession[]> ] [-PassThru] [-RootCertificateNameToAccept <X509Certificate2> ] [-SharedSecret <String> ] [-ThrottleLimit <Int32> ] [-TunnelAuthProtocolsAdvertised <String> ] [-UserAuthProtocolAccepted <String[]> ] [-Confirm] [-WhatIf] [ <CommonParameters>]
Detailed Description
The Set-VpnAuthProtocol cmdlet configures how the incoming site-to-site (S2S) VPN Interfaces on a Routing and Remote Access (RRAS) server are authenticated, such as when the server is a responder for incoming connections whose authentication method is EAP or computer certificates (machine certificates).
Parameters
-AsJob
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-CertificateAdvertised<X509Certificate2>
Specifies the certificate to be sent to a peer computer. Applicable only if the TunnelAuthProtocolsAdvertised parameter is set to Certificate.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-CimSession<CimSession[]>
Runs the cmdlet in a remote session or on a remote computer. Enter a computer name or a session object, such as the output of a New-CimSession or Get-CimSession cmdlet. The default is the current session on the local computer.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-PassThru
Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-RootCertificateNameToAccept<X509Certificate2>
Specifies the root certificates that are allowed. Applicable only if the UserAuthProtocolAccepted parameter contains certificates.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-SharedSecret<String>
Specifies the text of the shared secret for the connection. Applicable only if the TunnelAuthProtocolsAdvertised parameter is set to PSK.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-ThrottleLimit<Int32>
Specifies the maximum number of concurrent operations that can be established to run the cmdlet. If this parameter is omitted or a value of 0 is entered, then Windows PowerShell® calculates an optimum throttle limit for the cmdlet based on the number of CIM cmdlets that are running on the computer. The throttle limit applies only to the current cmdlet, not to the session or to the computer.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-TunnelAuthProtocolsAdvertised<String>
Specifies the remote authentication method used by the RRAS server. If this parameter value is set to pre-shared key (PSK), then the SharedSecret parameter is mandatory. If this parameter value is set to Certificate, then the CertificateAdvertised parameter is mandatory. Only one of the values can be specified.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
true (ByPropertyName) |
Accept Wildcard Characters? |
false |
-UserAuthProtocolAccepted<String[]>
Specifies the local authentication protocols that are allowed.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
true (ByPropertyName) |
Accept Wildcard Characters? |
false |
-Confirm
Prompts you for confirmation before running the cmdlet.
Required? |
false |
Position? |
named |
Default Value |
false |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? |
false |
Position? |
named |
Default Value |
false |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
<CommonParameters>
This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).
Inputs
The input type is the type of the objects that you can pipe to the cmdlet.
- None
Outputs
The output type is the type of the objects that the cmdlet emits.
Microsoft.Management.Infrastructure.CimInstance#VpnAuthProtocol
The
Microsoft.Management.Infrastructure.CimInstanceobject is a wrapper class that displays Windows Management Instrumentation (WMI) objects. The path after the pound sign (#) provides the namespace and class name for the underlying WMI object.
Examples
EXAMPLE 1
This example changes the authentication method used by the server for incoming connections to Certificate and advertises certificates as authentication mechanism to the peer computers.
PS C:\> Set-VpnAuthProtocol -UserAuthProtocolAccepted Certificate -PassThru
EXAMPLE 2
This example sets the root certificate against which all of the incoming connections computer certificates are matched.
PS C:\> $cert1 = ( Get-ChildItem -Path cert:LocalMachine\root | Where-Object -FilterScript { $_.Subject -Like "*CN=Contoso Root Certification Authority,*" } )
PS C:\> Set-VpnAuthProtocol -RootCertificateNameToAccept $cert1 -PassThru
Related topics
Clear-VpnS2SInterfaceStatistics