New-NetIPsecMainModeCryptoProposal - Powershell 4.0 CmdLet

ActiveXperts Network Monitor ships with integrated Powershell scripts to monitor complex network. The scripts run out of the box
Download the ActiveXperts Network Monitor FREE version now »

New-NetIPsecMainModeCryptoProposal

Short description
Creates a main mode cryptographic proposal that specifies a suite of cryptographic protocols to offer in IPsec main mode negotiations with other computers.

Syntax


Description
The New-NetIPsecMainModeCryptoProposal cmdlet creates a single cryptographic proposal to be used in main mode 
negotiations.


A NetIPsecMainModeCryptoProposal object provides three of the mandatory four parameters for the negotiation of a main 
mode security association (SA): The encryption algorithm is provided in the Encryption parameter, the hashing 
algorithm in the Hash parameter, and the Diffie-Hellman (DH) key exchange group to be used for the base keying 
material in the KeyExchange parameter. The remaining parameter; the authentication method, such as Kerberos v5, 
certificate, or pre-shared key authentication, is given through NetIPsecPhase1AuthSet and NetIPsecPhase2AuthSet 
objects.


Multiple NetIPsecMainModeCryptoProposal fields are grouped into a single NetIPsecMainModeCryptoSet object. The main 
mode exchange will use the first proposal that the responder has in common with the sender. A NetIPsecPhase1AuthSet 
object and a NetIPsecMainModeCryptoSet object get associated to a NetIPsecMainModeRule object to provide all the 
necessary SA parameters for customized main mode negotiations.