Share via

AddByCustomPolicy method of the PS_VpnS2SInterface class

Creates an S2S Interface with the specified parameters.

Syntax

uint32 AddByCustomPolicy(
  [in]  string             Name,
  [in]  string             Protocol,
  [in]  string             Destination[],
  [in]  boolean            AdminStatus,
  [in]  boolean            PromoteAlternate,
  [in]  string             AuthenticationMethod,
  [in]  string             PostConnectionIPv4Subnet[],
  [in]  string             PostConnectionIPv6Subnet[],
  [in]  boolean            InitiateConfigPayload,
  [in]  string             RadiusAttributeClass,
  [in]  uint32             EnableQoS,
  [in]  uint64             TxBandwidthKbps,
  [in]  uint64             RxBandwidthKbps,
  [in]  string             IPv4TriggerFilter[],
  [in]  string             IPv6TriggerFilter[],
  [in]  boolean            Persistent,
  [in]  uint32             IPv4TriggerFilterAction,
  [in]  uint32             IPv6TriggerFilterAction,
  [in]  uint32             SADataSizeForRenegotiationKilobytes,
  [in]  string             IPv4Subnet[],
  [in]  string             IPv6Subnet[],
  [in]  string             ResponderAuthenticationMethod,
  [in]  boolean            PassThru,
  [in]  string             RoutingDomain,
  [in]  uint8              Certificate[],
  [in]  string             SharedSecret,
  [in]  uint32             NetworkOutageTimeSeconds,
  [in]  uint32             NumberOfTries,
  [in]  uint32             RetryIntervalSeconds,
  [in]  uint32             SALifeTimeSeconds,
  [in]  uint32             MMSALifeTimeSeconds,
  [in]  string             EapMethod,
  [in]  boolean            InternalIPv4,
  [in]  boolean            InternalIPv6,
  [in]  uint32             IdleDisconnectSeconds,
  [in]  string             UserName,
  [in]  string             Password,
  [in]  boolean            CustomPolicy,
  [in]  uint32             EncryptionMethod,
  [in]  uint32             IntegrityCheckMethod,
  [in]  uint32             CipherTransformConstants,
  [in]  uint32             AuthenticationTransformConstants,
  [in]  uint32             PfsGroup,
  [in]  uint32             DHGroup,
  [in]  string             SourceIPAddress,
  [in]  VpnTrafficSelector LocalVpnTrafficSelector[],
  [in]  VpnTrafficSelector RemoteVpnTrafficSelector[],
  [out] VpnS2SInterface    cmdletOutput
);

Parameters

Name [in]

Specifies the name of the connection.

Protocol [in]

Specifies the underlying protocol.

Destination [in]

Specifies the destination end-point of the S2S connection.

AdminStatus [in]

Specifies the admin status of the cmdlet.

PromoteAlternate [in]

Specifies whether an alternate IP address that connects successfully becomes the primary IP address, and whether the current primary IP address is moved to the alternate list.

AuthenticationMethod [in]

Specifies the authentication method to be used by the S2S connection.

PostConnectionIPv4Subnet [in]

The IPv4 subnet to route. The routes specified by the subnet do not trigger the S2S connection.

Windows Server 2012: This parameter was renamed from IPv4DontTriggerSubnet in Windows Server 2012 R2.

PostConnectionIPv6Subnet [in]

The IPv6 subnet to route. The routes specified by the subnet do not trigger the S2S connection.

Windows Server 2012: This parameter was renamed from IPv6DontTriggerSubnet in Windows Server 2012 R2.

InitiateConfigPayload [in]

A value that indicates whether negotiate the configuration with peers. True to negotiate the configuration with peers; otherwise false.

Windows Server 2012: This parameter is unavailable before Windows Server 2012 R2.

RadiusAttributeClass [in]

The Class attribute of the RADIUS server.

Windows Server 2012: This parameter is unavailable before Windows Server 2012 R2.

EnableQoS [in]

Indicates whether QoS is enabled on the network interface. 0 to enable QoS; otherwise 1.

Windows Server 2012: This parameter was renamed from QoS in Windows Server 2012 R2.

TxBandwidthKbps [in]

The bandwidth limit for incoming traffic from the VPN interface, in kbps.

Windows Server 2012: This parameter is unavailable before Windows Server 2012 R2.

RxBandwidthKbps [in]

The bandwidth limit for outgoing traffic to the VPN interface, in kbps.

Windows Server 2012: This parameter is unavailable before Windows Server 2012 R2.

IPv4TriggerFilter [in]

An array that contains the demand dial filters for the IPv4 Transport.

Windows Server 2012: This parameter is unavailable before Windows Server 2012 R2.

IPv6TriggerFilter [in]

Sets and array that contains the demand dial filters for the IPv6 Transport.

Windows Server 2012: This parameter is unavailable before Windows Server 2012 R2.

Persistent [in]

A value that indicates whether the connection is persistent or triggered by network traffic. True if the connection is persistent; otherwise false.

Windows Server 2012: This parameter is unavailable before Windows Server 2012 R2.

IPv4TriggerFilterAction [in]

Sets the value that indicates whether the IPv4 trigger filters initiates the S2S connection. This parameter can be set to one of the following values.

Windows Server 2012: This parameter is unavailable before Windows Server 2012 R2.

0

Allow

1

Block

IPv6TriggerFilterAction [in]

Sets the value that indicates whether the IPv6 trigger filters initiates the S2S connection. This parameter can be set to one of the following values.

Windows Server 2012: This parameter is unavailable before Windows Server 2012 R2.

0

Allow

1

Block

SADataSizeForRenegotiationKilobytes [in]

The number of kilobytes that are allowed to transfer using a SA. After the transfer, the SA will be renegotiated.

IPv4Subnet [in]

Specifies the IPv4 subnet that is routed on this connection with metric.

IPv6Subnet [in]

Specifies the IPv6 subnet that is routed on this connection with metric.

ResponderAuthenticationMethod [in]

Specifies the responder authentication method to be used by the S2S connection.

PassThru [in]

Indicates whether the cmdletOutput parameter returns an object. True to return an object other false.

RoutingDomain [in]

Specifies the RoutingDomainName in which interface is to be added.

Windows Server 2012: This parameter is unavailable before Windows Server 2012 R2.

Certificate [in]

Certificate to be used in default store. Applicable only if the AuthenticationMethod property is set to "MachineCert".

SharedSecret [in]

Text of the Shared Secret to be used in dialing the connection. Applicable only if the AuthenticationMethod property is set to "PSK".

NetworkOutageTimeSeconds [in]

Maximum network outage time after which the connection is disconnected.

NumberOfTries [in]

The number of times the connection is retried. Specify 0 for an unlimited number of retries.

RetryIntervalSeconds [in]

Number of seconds between retries.

SALifeTimeSeconds [in]

The lifetime of a security association (SA) in seconds, after which the SA is no longer valid.

MMSALifeTimeSeconds [in]

Lifetime of main mode security association (SA) in seconds, after which the MM SA is no longer valid.

Windows Server 2012 R2 and Windows Server 2012: This parameter is supported starting with Windows Server 2016.

EapMethod [in]

Specifies the EAP method if the AuthenticationMethod property is EAP.

InternalIPv4 [in]

Specifies negotiation of IPv4 address.

InternalIPv6 [in]

Specifies negotiation of IPv6 address.

IdleDisconnectSeconds [in]

A value that specifies the time, in seconds, after which an idle connection is terminated. Unless the idle time-out is disabled, the entire connection is terminated if the connection is idle for the specified interval.

UserName [in]

Username to be used for dialing this connection. Applicable only if the AuthenticationMethod property is set to "EAP".

Password [in]

Password of the username to be used for dialing the connection. Applicable only if the AuthenticationMethod property is set to "EAP".

CustomPolicy [in]

Specifies custom IKE IPsec policies, must be a separate parameter set.

EncryptionMethod [in]

Encryption method plumbed in IKE policy.

IntegrityCheckMethod [in]

Integrity method plumbed in IPsec policy.

CipherTransformConstants [in]

Cipher plumbed in IPsec policy.

AuthenticationTransformConstants [in]

Auth transform plumbed in IPsec policy.

PfsGroup [in]

PFS Group plumbed in IPsec policy.

DHGroup [in]

DH Group plumbed in IPsec policy.

SourceIPAddress [in]

The source IP address.

Windows Server 2012: This parameter is not available before Windows Server 2012 R2.

LocalVpnTrafficSelector [in]

An embedded instance of a local VpnTrafficSelector to be negotiated.

Windows Server 2012 R2 and Windows Server 2012: This method is not available before Windows Server 2016.

RemoteVpnTrafficSelector [in]

An embedded instance of a remote VpnTrafficSelector to be negotiated.

Windows Server 2012 R2 and Windows Server 2012: This method is not available before Windows Server 2016.

cmdletOutput [out]

Contains an embedded instance of a VpnS2SInterface class containing the cmdlet output.

Requirements
Minimum supported client
 None supported
Minimum supported server
 Windows Server 2012
Namespace
 Root\Microsoft\Windows\RemoteAccess
MOF
RAMgmtPSProvider.mof
DLL
RAMgmtPSProvider.dll

See also

PS_VpnS2SInterface