
Sync-NetIPsecRule



This is the built-in help made by Microsoft for the command 'Sync-NetIPsecRule', in PowerShell version 4 - as retrieved from Windows version 'Microsoft Windows 8.1 Enterprise' PowerShell help files on 2016-06-23.

For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.

SYNOPSIS

Gets the list of IP addresses to be added to and deleted from an IPsec rule, based on the differences detected between the existing rule IP addresses and the specified IP addresses.

SYNTAX


Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>] [-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -DisplayName <String[]> [-Confirm] [-WhatIf] [<CommonParameters>]

Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>] [-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetFirewallAddressFilter <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]

Sync-NetIPsecRule [-IPsecRuleName] <String[]> [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>] [-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] [-Confirm] [-WhatIf] [<CommonParameters>]

Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>] [-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetIPsecPhase2AuthSet <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]

Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>] [-Servers <String[]>] [-ThrottleLimit <Int32>] -InputObject <CimInstance[]> [-Confirm] [-WhatIf] [<CommonParameters>]

Sync-NetIPsecRule [-AddressType <AddressVersion>] [-All] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>] [-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] [-Confirm] [-WhatIf] [<CommonParameters>]

Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>] [-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetIPsecQuickModeCryptoSet <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]

Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>] [-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetIPsecPhase1AuthSet <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]

Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>] [-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetFirewallInterfaceTypeFilter <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]

Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AllowSetKey <Boolean[]>] [-AllowWatchKey <Boolean[]>] [-AsJob] [-CimSession <CimSession[]>] [-Description <String[]>] [-DisplayGroup <String[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-Enabled <Enabled[]>] [-EncryptedTunnelBypass <Boolean[]>] [-EndpointType <EndpointType>] [-ForwardPathLifetime <UInt32[]>] [-GPOSession <String>] [-Group <String[]>] [-InboundSecurity <SecurityPolicy[]>] [-KeyModule <KeyModule[]>] [-Machine <String[]>] [-Mode <IPsecMode[]>] [-OutboundSecurity <SecurityPolicy[]>] [-Phase1AuthSet <String[]>] [-Phase2AuthSet <String[]>] [-PolicyStore <String>] [-PolicyStoreSource <String[]>] [-PolicyStoreSourceType <PolicyStoreType[]>] [-PrimaryStatus <PrimaryStatus[]>] [-QuickModeCryptoSet <String[]>] [-RemoteTunnelHostname <String[]>] [-RequireAuthorization <Boolean[]>] [-Servers <String[]>] [-Status <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] [-User <String[]>] [-Confirm] [-WhatIf] [<CommonParameters>]

Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>] [-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetFirewallPortFilter <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]

Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>] [-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetFirewallProfile <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]

Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>] [-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetFirewallInterfaceFilter <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]




DESCRIPTION


The Sync-NetIPsecRule cmdlet detects changes in IPsec addresses retrieved from current IPsec addresses and input values, returns the addresses, and then updates the IPsec rule end points.


The first tunnel policy is defined by IP addresses that are derived from domain names and servers. Running this cmdlet resolves the IP addresses for the DirectAccess (DA) first tunnel and updates the Group Policy Objects (GPOs) appropriately. The DNS server specified with the DnsServers parameter is used to resolve the domain names and server names.


A list of IP addresses is retrieved based on the values derived from input parameters such as the Domains and Servers parameters. This cmdlet outputs delta collection objects and the associated actions: whether to Add or Delete the changed IP addresses, the actual list of changes detected, and a list of fully qualified domain names (FQDNs) that did not resolve. When multiple rules match the same name, the cmdlet fails with an error.


This cmdlet updates on a per-rule basis, with greater flexibility in rule selection or querying. Rules can be obtained using parameter values including IPsecRuleName (default), DisplayName, rule properties, or by associated NetFirewall filters or NetIPsec objects. The specified end point of the queried rule is updated immediately.




RELATED LINKS

Online Version: http://go.microsoft.com/fwlink/?LinkId=288378
Get-NetFirewallAddressFilter
Get-NetFirewallInterfaceFilter
Get-NetFirewallInterfaceTypeFilter
Get-NetFirewallPortFilter
Get-NetFirewallProfile
Get-NetIPsecPhase1AuthSet
Get-NetIPsecPhase2AuthSet
Get-NetIPsecQuickModeCryptoSet
New-NetIPsecRule
Open-NetGPO
Save-NetGPO
Set-NetIPsecRule
New-GPO

REMARKS


Examples


EXAMPLE 1

PS C:\>$serverPolicyStore = "domain.contoso.com/server_GPO"

PS C:\>$serverRuleName = "Any-Traffic-Win8DA-Rule"

PS C:\>$domains = "corp.contoso.com", "corp.contoso2.com"

PS C:\>$servers = "server2.corp.contoso.com"

PS C:\>$primaryDns64 = "1.2.2.1"

PS C:\>Sync-NetIPsecRule -PolicyStore $serverPolicyStore -IPsecRuleName $serverRuleName -EndpointType endpoint1 -Domains $domains -Servers $servers -DnsServers $primaryDns64 -AddressType IPv6 -Confirm



This example gets the list of IP addresses that need to be added to and deleted from an IPsec rule, based on the differences detected between the existing rule IP addresses and the IP addresses derived from the input parameters, and then makes the updates. Specify the Confirm parameter to see which rules are being updated.
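
The delta described in DESCRIPTION (addresses to Add, addresses to Delete, and names that did not resolve) can be computed read-only before the cmdlet changes a rule. The following is an added example, not part of Microsoft's help text: the two helper function names and the sample addresses are constructed for illustration, and it approximates the comparison rather than reproducing the cmdlet's internals.

```powershell
# Added example. Get-IPsecEndpointDelta and ConvertTo-CanonicalAddress are
# hypothetical helper names, not cmdlets from the NetSecurity module.
function ConvertTo-CanonicalAddress([string]$Address) {
    # Normalise literal IPs so "2001:DB8:0::20" and "2001:db8::20" compare equal;
    # subnets, ranges and keywords are passed through unchanged.
    $ip = $null
    if ([System.Net.IPAddress]::TryParse($Address, [ref]$ip)) { $ip.ToString() } else { $Address }
}

function Get-IPsecEndpointDelta {
    param(
        [string[]]$CurrentAddresses = @(),            # addresses on the rule end point today
        [Parameter(Mandatory)][string[]]$Names,       # the -Domains and -Servers values
        [Parameter(Mandatory)][scriptblock]$Resolver  # name -> IP strings, nothing if unresolved
    )
    $resolved = @(); $unresolved = @()
    foreach ($name in $Names) {
        $ips = @(& $Resolver $name | Where-Object { $_ })
        if ($ips.Count -eq 0) { $unresolved += $name } else { $resolved += $ips }
    }
    $want = @($resolved | ForEach-Object { ConvertTo-CanonicalAddress $_ } | Sort-Object -Unique)
    $have = @($CurrentAddresses | Where-Object { $_ } |
              ForEach-Object { ConvertTo-CanonicalAddress $_ } | Sort-Object -Unique)
    [pscustomobject]@{
        Add        = @($want | Where-Object { $_ -notin $have })
        Delete     = @($have | Where-Object { $_ -notin $want })
        Unresolved = $unresolved
    }
}

# Constructed sample data (2001:db8::/32 is the documentation prefix).
$answers = @{
    'corp.contoso.com'         = '2001:db8::10', '2001:db8::11'
    'server2.corp.contoso.com' = '2001:DB8:0::20'
}   # corp.contoso2.com is deliberately absent, so it counts as unresolved
$current = '2001:db8::10', '2001:db8::99'

# Against a live system, assuming the variables from EXAMPLE 1
# (LocalAddress is the rule's first end point):
#   $current  = (Get-NetIPsecRule -PolicyStore $serverPolicyStore -IPsecRuleName $serverRuleName |
#                Get-NetFirewallAddressFilter).LocalAddress
#   $resolver = { param($n) (Resolve-DnsName -Name $n -Server $primaryDns64 -Type AAAA -DnsOnly `
#                 -ErrorAction SilentlyContinue).IPAddress }
$resolver = { param($n) $answers[$n] }

Get-IPsecEndpointDelta -CurrentAddresses $current `
    -Names 'corp.contoso.com', 'corp.contoso2.com', 'server2.corp.contoso.com' -Resolver $resolver
```

A non-empty Unresolved list is worth reviewing before the real run, because addresses already on the rule that are missing from the resolved set are reported for deletion.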