
Sync-NetIPsecRule



This is the built-in help made by Microsoft for the command 'Sync-NetIPsecRule', in PowerShell version 5 - as retrieved from Windows version 'Microsoft Windows Server 2012 R2 Standard' PowerShell help files on 2016-06-23.

For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.

SYNOPSIS

Gets the list of IP addresses to be added to and deleted from an IPsec rule, based on the differences detected between the existing rule IP addresses and the specified IP addresses.

SYNTAX


Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>]
[-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -DisplayName <String[]> [-Confirm] [-WhatIf]
[<CommonParameters>]
Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>]
[-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetFirewallAddressFilter <CimInstance>
[-Confirm] [-WhatIf] [<CommonParameters>]
Sync-NetIPsecRule [-IPsecRuleName] <String[]> [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>]
[-EndpointType <EndpointType>] [-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] [-Confirm] [-WhatIf]
[<CommonParameters>]
Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>]
[-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetIPsecPhase2AuthSet <CimInstance> [-Confirm]
[-WhatIf] [<CommonParameters>]
Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>]
[-Servers <String[]>] [-ThrottleLimit <Int32>] -InputObject <CimInstance[]> [-Confirm] [-WhatIf] [<CommonParameters>]
Sync-NetIPsecRule [-AddressType <AddressVersion>] [-All] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>]
[-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] [-Confirm] [-WhatIf] [<CommonParameters>]
Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>]
[-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetIPsecQuickModeCryptoSet <CimInstance>
[-Confirm] [-WhatIf] [<CommonParameters>]
Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>]
[-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetIPsecPhase1AuthSet <CimInstance> [-Confirm]
[-WhatIf] [<CommonParameters>]
Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>]
[-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetFirewallInterfaceTypeFilter <CimInstance>
[-Confirm] [-WhatIf] [<CommonParameters>]
Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AllowSetKey <Boolean[]>] [-AllowWatchKey <Boolean[]>] [-AsJob] [-CimSession <CimSession[]>] [-Description <String[]>]
[-DisplayGroup <String[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-Enabled <Enabled[]>] [-EncryptedTunnelBypass <Boolean[]>] [-EndpointType <EndpointType>]
[-ForwardPathLifetime <UInt32[]>] [-GPOSession <String>] [-Group <String[]>] [-InboundSecurity <SecurityPolicy[]>] [-KeyModule <KeyModule[]>] [-Machine <String[]>] [-Mode
<IPsecMode[]>] [-OutboundSecurity <SecurityPolicy[]>] [-Phase1AuthSet <String[]>] [-Phase2AuthSet <String[]>] [-PolicyStore <String>] [-PolicyStoreSource <String[]>]
[-PolicyStoreSourceType <PolicyStoreType[]>] [-PrimaryStatus <PrimaryStatus[]>] [-QuickModeCryptoSet <String[]>] [-RemoteTunnelHostname <String[]>] [-RequireAuthorization
<Boolean[]>] [-Servers <String[]>] [-Status <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] [-User <String[]>] [-Confirm] [-WhatIf] [<CommonParameters>]
Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>]
[-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetFirewallPortFilter <CimInstance> [-Confirm]
[-WhatIf] [<CommonParameters>]
Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>]
[-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetFirewallProfile <CimInstance> [-Confirm]
[-WhatIf] [<CommonParameters>]
Sync-NetIPsecRule [-AddressType <AddressVersion>] [-AsJob] [-CimSession <CimSession[]>] [-DnsServers <String[]>] [-Domains <String[]>] [-EndpointType <EndpointType>]
[-GPOSession <String>] [-PolicyStore <String>] [-Servers <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetFirewallInterfaceFilter <CimInstance>
[-Confirm] [-WhatIf] [<CommonParameters>]




DESCRIPTION


The Sync-NetIPsecRule cmdlet detects differences between the IP addresses currently on an IPsec rule and the IP addresses derived from the input values, returns those addresses, and then updates the IPsec
rule end points.


The first tunnel policy is defined by IP addresses that are derived from domain names and servers. Running this cmdlet resolves the IP addresses for the DirectAccess (DA)
first tunnel and updates the Group Policy Objects (GPOs) appropriately. The DNS server specified with the DnsServers parameter is used to resolve the domain names and
server names.


A list of IP addresses is retrieved based on the derived values from input parameters like the Domains and Servers parameters. This cmdlet will output delta collection
objects and the associated actions: to Add or Delete the change in IP addresses, the actual list of changes detected, and a list of fully qualified domain names (FQDNs) that
did not resolve. When there are multiple rules that match the same name, the cmdlet fails with an error.
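The delta described above, modelled offline as an added example (not part of the Microsoft help text). Get-EndpointDelta is a hypothetical helper, the addresses are constructed sample data from the 2001:db8::/32 documentation prefix, and the hashtable stands in for DNS answers; nothing here calls Sync-NetIPsecRule or a DNS server.

```powershell
# Added illustration: models the Add/Delete delta and the unresolved-FQDN list.
# Get-EndpointDelta is a hypothetical helper, not part of the NetSecurity module.
function Get-EndpointDelta {
    param(
        [string[]]  $CurrentAddresses,  # addresses already on the rule end point
        [hashtable] $Resolved           # FQDN -> resolved addresses (empty = did not resolve)
    )

    # Normalise textual forms so '2001:DB8::1' and '2001:db8:0::1' compare equal.
    # Assumption: single addresses only, no subnets or ranges.
    $norm = { param($a) [ipaddress]::Parse($a).IPAddressToString }

    # Names with no answer are reported separately instead of being dropped silently.
    $unresolved = @($Resolved.Keys | Where-Object { -not $Resolved[$_] } | Sort-Object)

    # Desired set: every resolved address, normalised and de-duplicated.
    $desired = @($Resolved.Values | ForEach-Object { $_ } | Where-Object { $_ } |
                 ForEach-Object { & $norm $_ } | Sort-Object -Unique)
    $current = @($CurrentAddresses | Where-Object { $_ } |
                 ForEach-Object { & $norm $_ } | Sort-Object -Unique)

    [pscustomobject]@{
        Add            = @($desired | Where-Object { $current -notcontains $_ })
        Delete         = @($current | Where-Object { $desired -notcontains $_ })
        UnresolvedFqdn = $unresolved
    }
}

# Constructed sample data, standing in for the rule's current end point and DNS answers.
$current  = '2001:db8:0:1::10', '2001:db8:0:1::20'
$resolved = @{
    'corp.contoso.com'         = @('2001:db8:0:1::10', '2001:DB8:0:1::30')
    'server2.corp.contoso.com' = @('2001:db8:0:1::30')
    'corp.contoso2.com'        = @()    # did not resolve
}

$delta = Get-EndpointDelta -CurrentAddresses $current -Resolved $resolved
$delta | Format-List

# In this model an address is deleted as soon as no name resolves to it, so a
# failed lookup shrinks the end point; check UnresolvedFqdn and Delete together.
if ($delta.UnresolvedFqdn.Count -gt 0 -and $delta.Delete.Count -gt 0) {
    Write-Warning "Deletions computed while some names did not resolve: $($delta.UnresolvedFqdn -join ', ')"
}
```

Because the end points follow whatever the DNS server returns, the Add and Delete lists are the part worth reviewing before a sync is allowed to change a rule.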


This cmdlet updates rules on a per-rule basis, with greater flexibility in rule selection or querying. Rules can be obtained using parameter values including IPsecRuleName
(default), DisplayName, rule properties, or by associated NetFirewall filters or NetIPsec objects. The specified end point of the queried rule is updated
immediately.




RELATED LINKS

Online Version: http://go.microsoft.com/fwlink/?LinkId=288378
Get-NetFirewallAddressFilter
Get-NetFirewallInterfaceFilter
Get-NetFirewallInterfaceTypeFilter
Get-NetFirewallPortFilter
Get-NetFirewallProfile
Get-NetIPsecPhase1AuthSet
Get-NetIPsecPhase2AuthSet
Get-NetIPsecQuickModeCryptoSet
New-NetIPsecRule
Open-NetGPO
Save-NetGPO
Set-NetIPsecRule
New-GPO

REMARKS


Examples


EXAMPLE 1

PS C:\>$serverPolicyStore = "domain.contoso.com/server_GPO"

PS C:\>$serverRuleName = "Any-Traffic-Win8DA-Rule"

PS C:\>$domains = "corp.contoso.com", "corp.contoso2.com"

PS C:\>$servers = "server2.corp.contoso.com"

PS C:\>$primaryDns64 = "1.2.2.1"

PS C:\>Sync-NetIPsecRule -PolicyStore $serverPolicyStore -IPsecRuleName $serverRuleName -EndpointType endpoint1 -Domains $domains -Servers $servers -DnsServers $primaryDns64 -AddressType IPv6 -Confirm



This example gets the list of IP addresses that need to be added to and deleted from an IPsec rule, based on the differences detected between the existing rule IP addresses and
the IP addresses derived from the input parameters, and then makes the updates. Specify the Confirm parameter to see which rules are being updated.