New-NetIPsecMainModeCryptoProposal

This is the built-in help made by Microsoft for the command 'New-NetIPsecMainModeCryptoProposal', in PowerShell version 3 - as retrieved from Windows version 'Microsoft Windows Server 2012 Standard' PowerShell help files on 2016-06-23.

For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.

SYNOPSIS

Creates a main mode cryptographic proposal that specifies a suite of cryptographic protocols to offer in IPsec main mode negotiations with other computers.

SYNTAX

New-NetIPsecMainModeCryptoProposal [-Encryption <EncryptionAlgorithm>] [-Hash <HashAlgorithm>] [-KeyExchange <DiffieHellmanGroup>]
[<CommonParameters>]

Search powershellhelp.space

DESCRIPTION

The New-NetIPsecMainModeCryptoProposal cmdlet creates a single cryptographic proposal to be used in main mode negotiations.


A NetIPsecMainModeCryptoProposal object provides three of the mandatory four parameters for the negotiation of a main mode security
association (SA): The encryption algorithm is provided in the Encryption parameter, the hashing algorithm in the Hash parameter, and the
Diffie-Hellman (DH) key exchange group to be used for the base keying material in the KeyExchange parameter. The remaining parameter; the
authentication method, such as Kerberos v5, certificate, or pre-shared key authentication, is given through NetIPsecPhase1AuthSet and
NetIPsecPhase2AuthSet objects.


Multiple NetIPsecMainModeCryptoProposal fields are grouped into a single NetIPsecMainModeCryptoSet object. The main mode exchange will use the
first proposal that the responder has in common with the sender. A NetIPsecPhase1AuthSet object and a NetIPsecMainModeCryptoSet object get
associated to a NetIPsecMainModeRule object to provide all the necessary SA parameters for customized main mode negotiations.

<

RELATED LINKS

New-NetIPsecMainModeRule
New-NetIPsecMainModeCryptoSet

REMARKS

<

Examples