PowerShell Logo Small

Enable-NetIPsecRule



This is the built-in help made by Microsoft for the command 'Enable-NetIPsecRule', in PowerShell version 4 - as retrieved from Windows version 'Microsoft Windows 8.1 Enterprise' PowerShell help files on 2016-06-23.

For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.

SYNOPSIS

Enables a previously disabled IPsec rule.

SYNTAX


Enable-NetIPsecRule [-All] [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStor
e] [-Confirm] [-WhatIf] [<CommonParameters>]
Enable-NetIPsecRule [-AllowSetKey <Boolean[]>] [-AllowWatchKey <Boolean[]>] [-AsJob] [-CimSession <CimSession[]>] [-Description <String[]>] [-DisplayGroup <String[]>]
[-Enabled <Enabled[]>] [-EncryptedTunnelBypass <Boolean[]>] [-ForwardPathLifetime <UInt32[]>] [-GPOSession <String>] [-Group <String[]>] [-InboundSecurity <SecurityP
olicy[]>] [-KeyModule <KeyModule[]>] [-Machine <String[]>] [-Mode <IPsecMode[]>] [-OutboundSecurity <SecurityPolicy[]>] [-PassThru] [-Phase1AuthSet <String[]>] [-Phas
e2AuthSet <String[]>] [-PolicyStore <String>] [-PolicyStoreSource <String[]>] [-PolicyStoreSourceType <PolicyStoreType[]>] [-PrimaryStatus <PrimaryStatus[]>] [-QuickM
odeCryptoSet <String[]>] [-RemoteTunnelHostname <String[]>] [-RequireAuthorization <Boolean[]>] [-Status <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] [-Us
er <String[]>] [-Confirm] [-WhatIf] [<CommonParameters>]
Enable-NetIPsecRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -Ass
ociatedNetFirewallAddressFilter <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Enable-NetIPsecRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -Ass
ociatedNetFirewallInterfaceTypeFilter <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Enable-NetIPsecRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -Ass
ociatedNetIPsecQuickModeCryptoSet <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Enable-NetIPsecRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -Ass
ociatedNetIPsecPhase1AuthSet <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Enable-NetIPsecRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -Ass
ociatedNetIPsecPhase2AuthSet <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Enable-NetIPsecRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -Ass
ociatedNetFirewallProfile <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Enable-NetIPsecRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -Ass
ociatedNetFirewallPortFilter <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Enable-NetIPsecRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -Dis
playName <String[]> [-Confirm] [-WhatIf] [<CommonParameters>]
Enable-NetIPsecRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -Ass
ociatedNetFirewallInterfaceFilter <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Enable-NetIPsecRule [-AsJob] [-CimSession <CimSession[]>] [-PassThru] [-ThrottleLimit <Int32>] -InputObject <CimInstance[]> [-Confirm] [-WhatIf] [<CommonParameters>]
Enable-NetIPsecRule [-IPsecRuleName] <String[]> [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int3
2>] [-TracePolicyStore] [-Confirm] [-WhatIf] [<CommonParameters>]



Search powershellhelp.space

DESCRIPTION


The Enable-NetIPsecRule cmdlet enables a previously disabled IPsec rule to be active within the computer or a group policy organizational unit.


This cmdelt gets one or more IPsec rules to be enabled with the IPsecRuleName parameter (default), the DisplayName parameter, rule properties, or by associated filter
s or objects. The Enabled parameter value for the resulting queried rules is set to True.


Enabling firewall and IPsec rules can be useful for debugging IPsec policy mismatch issues, but is easier when the rules are in the local, or persistent, store. Enabl
ing rules in a Group Policy Object (GPO) container will not take effect until the next time the client applies the GPO. To troubleshoot GPO-based IPsec policy, consid
er copying all the rules, and authorization and cryptographic sets from the GPO to a computer that does not have the GPO policy applied using the corresponding Copy-N
etIPsecRule cmdlets. This is the way to locally modify the policy, in order to troubleshoot any IPsec failures.



<

RELATED LINKS

Online Version: http://go.microsoft.com/fwlink/?LinkId=229105
Copy-NetIPsecRule
Disable-NetIPsecRule
Get-NetFirewallAddressFilter
Get-NetFirewallInterfaceFilter
Get-NetFirewallInterfaceTypeFilter
Get-NetFirewallPortFilter
Get-NetFirewallProfile
Get-NetIPsecPhase1AuthSet
Get-NetIPsecPhase2AuthSet
Get-NetIPsecQuickModeCryptoSet
Get-NetIPsecRule
New-NetIPsecRule
Open-NetGPO
Remove-NetIPsecRule
Save-NetGPO
Set-NetIPsecRule
New-GPO

REMARKS

<

Examples


EXAMPLE 1

PS C:\>Enable-NetIPsecRule -DisplayName "Require Outbound Authentication" -PolicyStore domain.contoso.com\gpo_name



This example enables an IPsec rule in a GPO by specifying the localized name.




EXAMPLE 2

PS C:\>Enable-NetIPsecRule –Group "Ipsec-DirectAccess-Traffic" –Mode Transport -PolicyStore ActiveStore



This example enables all transport mode DA rules on the local computer.




EXAMPLE 3

PS C:\>$Phase1AuthSet = Get-NetIPsecPhase1AuthSet –DisplayName "Computer Kerb, CA Auth"



PS C:\>Enable-NetIPsecRule –InputObject $Phase1AuthSet



This example enables the IPsec rules associated with the specified phase 1 authentication set.