PowerShell Logo Small

Copy-NetIPsecMainModeRule



This is the built-in help made by Microsoft for the command 'Copy-NetIPsecMainModeRule', in PowerShell version 5 - as retrieved from Windows version 'Microsoft Windows Server 2012 R2 Standard' PowerShell help files on 2016-06-23.

For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.

SYNOPSIS

Copies an entire main mode rule, and associated filters, to the same or to a different policy store.

SYNTAX


Copy-NetIPsecMainModeRule [-All] [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-NewGPOSession <String>] [-NewName <String>] [-NewPolicyStore <String>]
[-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] [-Confirm] [-WhatIf] [<CommonParameters>]
Copy-NetIPsecMainModeRule [-AsJob] [-CimSession <CimSession[]>] [-Description <String[]>] [-DisplayGroup <String[]>] [-Enabled <Enabled[]>] [-GPOSession <String>] [-Group
<String[]>] [-MainModeCryptoSet <String[]>] [-NewGPOSession <String>] [-NewName <String>] [-NewPolicyStore <String>] [-PassThru] [-Phase1AuthSet <String[]>] [-PolicyStore
<String>] [-PolicyStoreSource <String[]>] [-PolicyStoreSourceType <PolicyStoreType[]>] [-PrimaryStatus <PrimaryStatus[]>] [-Status <String[]>] [-ThrottleLimit <Int32>]
[-TracePolicyStore] [-Confirm] [-WhatIf] [<CommonParameters>]
Copy-NetIPsecMainModeRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-NewGPOSession <String>] [-NewName <String>] [-NewPolicyStore <String>] [-PassThru]
[-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetFirewallAddressFilter <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Copy-NetIPsecMainModeRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-NewGPOSession <String>] [-NewName <String>] [-NewPolicyStore <String>] [-PassThru]
[-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -DisplayName <String[]> [-Confirm] [-WhatIf] [<CommonParameters>]
Copy-NetIPsecMainModeRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-NewGPOSession <String>] [-NewName <String>] [-NewPolicyStore <String>] [-PassThru]
[-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetFirewallProfile <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Copy-NetIPsecMainModeRule [-Name] <String[]> [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-NewGPOSession <String>] [-NewName <String>] [-NewPolicyStore
<String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] [-Confirm] [-WhatIf] [<CommonParameters>]
Copy-NetIPsecMainModeRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-NewGPOSession <String>] [-NewName <String>] [-NewPolicyStore <String>] [-PassThru]
[-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetIPsecPhase1AuthSet <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Copy-NetIPsecMainModeRule [-AsJob] [-CimSession <CimSession[]>] [-NewGPOSession <String>] [-NewName <String>] [-NewPolicyStore <String>] [-PassThru] [-ThrottleLimit <Int32>]
-InputObject <CimInstance[]> [-Confirm] [-WhatIf] [<CommonParameters>]
Copy-NetIPsecMainModeRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-NewGPOSession <String>] [-NewName <String>] [-NewPolicyStore <String>] [-PassThru]
[-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetIPsecMainModeCryptoSet <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]



Search powershellhelp.space

DESCRIPTION


The Copy-NetIPsecMainModeRule cmdlet copies a main mode rule and associated filters to a policy store, making a complete clone. When a new policy store is not specified, it
is copied to the same policy store with a new name specified by the user.


This cmdlet gets one or more main mode rules to be duplicated with the Name parameter (default), the DisplayName parameter, rule properties, or by the associated filters or
objects. The resulting queried rule is copied to a new policy store using the NewPolicyStore parameter, a new GPO session using the NewGPOSession parameter, or to the same
policy store using the NewName parameter by. Note: Only one main mode rule can be copied at a time when copying to the same policy store. This is because only a single main
mode rule can use the unique identifier, or name, specified by the NewName parameter.


When copying a rule to a new policy store, the unique name of the set is preserved. This means that if the same set is attempted to be copied twice, then an error is
displayed for the second attempt indicating that the object already exists. To overwrite the target set, run the Remove-NetIPsecMainModeRule cmdlet first. If it is possible
that the object may already exist, then specify the ErrorAction parameter to silently ignore these errors, instead of running the Remove-NetIPsecMainModeRule cmdlet.


When copying rules between different policy stores, the authentication and cryptographic sets referenced in each rule must be copied separately. See the
Copy-NetIPsecPhase1AuthSet and Copy-NetIPsecMainModeCryptoSet cmdlets for more information. When copying a main mode rule that has associated authentication or cryptographic
sets from GPO-A to GPO-B, the newly created authentication and cryptographic set fields of the rule will maintain the Name parameter values of the source. This is desirable
because after the NetIPsecPhase1AuthSet and NetIPsecMainModeCryptoSet are copied separately, they will be associated with the newly copied rule.



<

RELATED LINKS

Online Version: http://go.microsoft.com/fwlink/?LinkId=216651
Copy-NetIPsecMainModeCryptoSet
Copy-NetIPsecPhase1AuthSet
Get-NetFirewallAddressFilter
Get-NetFirewallProfile
Get-NetIPsecMainModeCryptoSet
Get-NetIPsecMainModeRule
Get-NetIPsecPhase1AuthSet
New-NetIPsecMainModeRule
Open-NetGPO
Remove-NetIPsecMainModeRule
Save-NetGPO
Set-NetIPsecMainModeRule
New-NetIPsecAuthProposal
New-GPO

REMARKS

<

Examples


EXAMPLE 1

PS C:\>Copy-NetIPsecMainModeRule –DisplayName "Main Mode Rule" -NewName "Alternate Main Mode Rule"



This example copies a main mode rule, found by the localized name, to the current policy store under a new unique identifier. The localized DisplayName parameter value
remains the same.




EXAMPLE 2

PS C:\>$mMrule = Get-NetIPsecMainModeRule –DisplayName "Main Mode Rule: P1Auth + Crypto" –PolicyStore domain.contoso.com\GPO_name



PS C:\>Copy-NetIPsecPhase1AuthSet –InputObject $mMrule -NewPolicyStore domain.contoso.com\new_GPO



PS C:\>Copy-NetIPsecMainModeCryptoSet –InputObject $mMrule -NewPolicyStore domain.contoso.com\new_GPO



PS C:\>Set-NetIPsecMainModeRule –InputObject $mMrule –Phase1AuthSet $CopiedCryptoSet.Name


The following cmdlets accomplish the same task but take advantage of caching the GPO to apply the changes locally.
PS C:\>$mMrule = Get-NetIPsecMainModeRule –DisplayName "Main Mode Rule: P1Auth + Crypto" –PolicyStore domain.contoso.com\GPO_name



PS C:\>$newGPO = Open-NetGPO –PolicyStore domain.contoso.com\new_GPO



PS C:\>Copy-NetIPsecPhase1AuthSet –InputObject $mMrule –GPOSession $newGPO



PS C:\>Copy-NetIPsecMainModeCryptoSet –InputObject $mMrule –GPOSession $newGPO



PS C:\>Copy-NetIPsecMainModeRule –InputObject $mMrule –GPOSession $newGPO



PS C:\>Save-NetGPO –GPOSession $newGPO



This example copies an entire IPsec main mode rule and the associated authentication and cryptographic sets to a new policy store. There is no need to link the newly copied
sets to the newly copied rule since the set fields of the rule maintain the Name parameter value of the source.