Contact Info

Crumbtrail » Administration » Powershell » Powershell 3.0 » New-NetIPsecMainModeCryptoProposal

New-NetIPsecMainModeCryptoProposal - Powershell 3.0 CmdLet

ActiveXperts Network Monitor ships with integrated Powershell scripts to monitor complex network. The scripts run out of the box
Download the ActiveXperts Network Monitor FREE version now »


Short description
Creates a main mode cryptographic proposal that specifies a suite of cryptographic protocols to offer in IPsec main mode negotiations with other computers.

New-NetIPsecMainModeCryptoProposal [-Encryption <EncryptionAlgorithm>] [-Hash <HashAlgorithm>] [-KeyExchange <DiffieHel
lmanGroup>] [<CommonParameters>]

The New-NetIPsecMainModeCryptoProposal cmdlet creates a single cryptographic proposal to be used in main mode negotiati

A NetIPsecMainModeCryptoProposal object provides three of the mandatory four parameters for the negotiation of a main m
ode security association (SA): The encryption algorithm is provided in the Encryption parameter, the hashing algorithm 
in the Hash parameter, and the Diffie-Hellman (DH) key exchange group to be used for the base keying material in the Ke
yExchange parameter. The remaining parameter; the authentication method, such as Kerberos v5, certificate, or pre-share
d key authentication, is given through NetIPsecPhase1AuthSet and NetIPsecPhase2AuthSet objects.

Multiple NetIPsecMainModeCryptoProposal fields are grouped into a single NetIPsecMainModeCryptoSet object. The main mod
e exchange will use the first proposal that the responder has in common with the sender. A NetIPsecPhase1AuthSet object
 and a NetIPsecMainModeCryptoSet object get associated to a NetIPsecMainModeRule object to provide all the necessary SA
 parameters for customized main mode negotiations.