PowerShell Logo Small

Get-NetIPsecMainModeCryptoSet



This is the built-in help made by Microsoft for the command 'Get-NetIPsecMainModeCryptoSet', in PowerShell version 3 - as retrieved from Windows version 'Microsoft Windows Server 2012 Standard' PowerShell help files on 2016-06-23.

For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.

SYNOPSIS

Gets main mode cryptographic sets from the target computer.

SYNTAX


Get-NetIPsecMainModeCryptoSet [-All [<SwitchParameter>]] [-AsJob [<SwitchParameter>]] [-CimSession <CimSession[]>] [-GPOSession <String>]
[-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore [<SwitchParameter>]] [<CommonParameters>]
Get-NetIPsecMainModeCryptoSet [-AsJob [<SwitchParameter>]] [-CimSession <CimSession[]>] [-Description <String[]>] [-DisplayGroup <String[]>]
[-ForceDiffieHellman <Boolean[]>] [-GPOSession <String>] [-Group <String[]>] [-MaxMinutes <UInt32[]>] [-MaxSessions <UInt32[]>] [-PolicyStore
<String>] [-PolicyStoreSource <String[]>] [-PolicyStoreSourceType <PolicyStoreType[]>] [-PrimaryStatus <PrimaryStatus[]>] [-Status <String[]>]
[-ThrottleLimit <Int32>] [-TracePolicyStore [<SwitchParameter>]] [<CommonParameters>]
Get-NetIPsecMainModeCryptoSet [-AsJob [<SwitchParameter>]] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PolicyStore <String>]
[-ThrottleLimit <Int32>] [-TracePolicyStore [<SwitchParameter>]] -AssociatedNetIPsecMainModeRule <CimInstance> [<CommonParameters>]
Get-NetIPsecMainModeCryptoSet [-AsJob [<SwitchParameter>]] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PolicyStore <String>]
[-ThrottleLimit <Int32>] [-TracePolicyStore [<SwitchParameter>]] -DisplayName <String[]> [<CommonParameters>]
Get-NetIPsecMainModeCryptoSet [-Name] <String[]> [-AsJob [<SwitchParameter>]] [-CimSession <CimSession[]>] [-GPOSession <String>]
[-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore [<SwitchParameter>]] [<CommonParameters>]



Search powershellhelp.space

DESCRIPTION


The Get-NetIPsecMainModeCryptoSet cmdlet returns the instances of cryptographic sets that match the search parameters from the user. See the
New-NetIPsecMainModeCryptoSet cmdlet for more information.


This cmdlet returns main mode cryptographic sets by specifying the Name parameter (default), the DisplayName parameter, rule properties, or by
associated filters or objects. The queried rules can be placed into variables and piped into other cmdlets for further modifications or
monitoring.



<

RELATED LINKS

Get-NetIPsecMainModeRule
New-NetIPsecMainModeCryptoSet
New-NetIPsecMainModeRule
Open-NetGPO
Save-NetGPO
Set-NetIPsecMainModeCryptoSet
New-NetIPsecMainModeCryptoProposal
New-GPO

REMARKS

<

Examples


EXAMPLE 1

PS C:\> Get-NetIPsecMainModeCryptoSet –PolicyStore ActiveStore



This example gets all of the main mode cryptographic sets in the currently active policy, which is the sum of all policy stores that apply to
the computer. Running this cmdlet without specifying the policy store retrieves the persistent store.




EXAMPLE 2

PS C:\> Get-NetIPsecMainModeCryptoSet -ForceDiffieHellman $false



This example gets all of the main mode cryptographic sets that do not use the Diffie-Hellman exchange to protect the main mode key exchange.




EXAMPLE 3

PS C:\> $proposal1 = New-NetIPsecMainModeCryptoProposal -KeyExchange DH1


PS C:\> $proposal2 = New-NetIPsecMainModeCryptoProposal -KeyExchange DH14


PS C:\> $cryptoset1 = (New-NetIPsecMainModeCryptoSet -DisplayName MainModeCryptoSet -Proposal $proposal1.Name, $proposal2.Name)


PS C:\> $mainModeRule = New-NetIPsecMainModeRule -DisplayName MainModeRule -MainModeCryptoSet $cryptoset1


PS C:\> $mainModeCryptoSet = ($MainModeRule | Get-NetIPsecQuickModeCryptoSet)


PS C:\> $mainModeCryptoSet.Proposal[1] = DH19


PS C:\> $mainModeCryptoSet | Set-NetIPsecMainModeCryptoSet

The following cmdlets shows an alternative method to the previous cmdlets. Note: The main mode rule setup is the same.
PS C:\> $mainModeRule = New-NetIPsecMainModeRule -DisplayName MainModeRule -MainModeCryptoSet (New-NetIPsecMainModeCryptoSet -DisplayName
MainModeCryptoSet -Proposal (New-NetIPsecMainModeCryptoProposal -KeyExchange DH1),(New-NetIPsecMainModeCryptoProposal -KeyExchange DH14)).Name


PS C:\> $mainModeCryptoSet = ($mainModeRule | Get-NetIPsecQuickModeCryptoSet)


PS C:\> $mainModeCryptoSet | Set-NetIPsecMainModeCryptoSet –Proposal (New-NetIPsecMainModeCryptoProposal -KeyExchange DH1),
(New-NetIPsecMainModeCryptoProposal -KeyExchange DH19)



This example shows how to replace a key exchange option of a main mode cryptographic proposal to an existing main mode cryptographic set,
given the associated main mode rule. The key exchange will be changed for the second specified cryptographic proposal.