Add-SCVPNConnection
Adds a VPN connection to a virtual machine network.
Syntax
Add-SCVPNConnection
[-VMMServer <ServerConnection>]
[-VMNetworkGateway] <VMNetworkGateway>
[-Name <String>]
[-Description <String>]
[-TargetIPv4VPNAddress <String>]
[-TargetIPv6VPNAddress <String>]
[-EncryptionMethod <VPNEncryptionMethod>]
[-IntegrityCheckMethod <VPNIntegrityCheckMethod>]
[-CipherTransformConstants <VPNCipherTransformConstants>]
[-AuthenticationTransformConstants <VPNAuthenticationTransformConstants>]
[-PFSGroup <VPNPFSGroup>]
[-DHGroup <VPNDHGroup>]
-Protocol <VPNProtocol>
[-AuthenticationMethod <VPNAuthenticationMethod>]
[-Secret <RunAsAccount>]
[-Certificate <ClientCertificate>]
[-IPSecMainSALifeTimeSeconds <UInt32>]
[-IPSecMainSALifeTimeKiloBytes <UInt32>]
[-IPSecQuickSALifeTimeSeconds <UInt32>]
[-IPSecQuickSALifeTimeKiloBytes <UInt32>]
[-IPSecIdleDisconnectSeconds <UInt32>]
[-LocalTrafficSelectors <TrafficSelector[]>]
[-RemoteTrafficSelectors <TrafficSelector[]>]
[-MaximumBandwidthInboundKbps <UInt64>]
[-MaximumBandwidthOutboundKbps <UInt64>]
[-RunAsynchronously]
[-PROTipID <Guid>]
[-JobVariable <String>]
[-OnBehalfOfUser <String>]
[-OnBehalfOfUserRole <UserRole>]
[<CommonParameters>]Add-SCVPNConnection
[-VMMServer <ServerConnection>]
[-VMNetworkGateway] <VMNetworkGateway>
[-Name <String>]
[-Description <String>]
[-TargetIPv4VPNAddress <String>]
[-TargetIPv6VPNAddress <String>]
-Protocol <VPNProtocol>
[-MaximumBandwidthInboundKbps <UInt64>]
[-MaximumBandwidthOutboundKbps <UInt64>]
[-GRETunnel]
[-GREKey <UInt32>]
[-GREIPv4Address <String>]
[-GREIPv6Address <String>]
[-RunAsynchronously]
[-PROTipID <Guid>]
[-JobVariable <String>]
[-OnBehalfOfUser <String>]
[-OnBehalfOfUserRole <UserRole>]
[<CommonParameters>]Add-SCVPNConnection
[-VMMServer <ServerConnection>]
[-VMNetworkGateway] <VMNetworkGateway>
-NextHopNetwork <VMNetwork>
[-Name <String>]
[-Description <String>]
-Protocol <VPNProtocol>
[-MaximumBandwidthInboundKbps <UInt64>]
[-MaximumBandwidthOutboundKbps <UInt64>]
-IPAddresses <String[]>
-PeerIPAddresses <String[]>
[-RunAsynchronously]
[-PROTipID <Guid>]
[-JobVariable <String>]
[-OnBehalfOfUser <String>]
[-OnBehalfOfUserRole <UserRole>]
[<CommonParameters>]Description
The Add-SCVPNConnection cmdlet adds a virtual private network (VPN) connection to a virtual machine network to establish a site-to-site tunnel from a Virtual Machine Manager (VMM) managed network gateway to another endpoint.
Examples
Example 1: Adds a VPN connection
PS C:\> $VmNetworkGateway = Get-SCVMNetworkGateway -Name "VMGateway01"
PS C:\> $RunAsAccount = Get-SCRunAsAccount -ID "972567d5-96ad-472e-9790-831bae5fd69c"
PS C:\> $VpnConnection = Add-SCVPNConnection -AuthenticationMethod "PSKOnly" -AuthenticationTransformConstants "SHA196" -CipherTransformConstants "AES256" -DHGroup "Group2" -EncryptionMethod "AES256" -IntegrityCheckMethod "SHA1" -PFSGroup "PFS2048" -Protocol "IKEv2" -Name "IPSec" -TargetIPv4VPNAddress "100.100.100.100" -Secret $RunAsAccount -VMNetworkGateway $VmNetworkGatewayThe first command gets a network gateway named VMGateway01, and then stores it in the $VmNetworkGateway variable.
The second command gets a Run As account, and then stores it in the $RunAsAccount variable.
This account is used to add the VPN connection.
The final command adds a VPN connection to the virtual machine network gateway in $VmNetworkGateway, and then stores it in the $VpnConnection variable.
Parameters
-AuthenticationMethod
Specifies a virtual private network (VPN) authentication method.
Valid values are: PSKOnly, MachineCertificates.
Type: VPNAuthenticationMethod Accepted values: PSKOnly, MachineCertificates Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
Specifies a virtual private network (VPN) transform constant.
Valid values are:
SHA256128
MD596
SHA196
GCMAES128
GCMAES192
GCMAES256
Type: VPNAuthenticationTransformConstants Accepted values: SHA256128, MD596, SHA196, GCMAES128, GCMAES192, GCMAES256, SHA256, None Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-Certificate
Specifies a security certificate object.
Type: ClientCertificate Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
Specifies a virtual private network cipher transform constants.
Valid values are:
DES
DES3
AES128
AES192
AES256
GCMAES128
GCMAES192
GCMAES256
Type: VPNCipherTransformConstants Accepted values: DES, DES3, AES128, AES192, AES256, GCMAES128, GCMAES192, GCMAES256, None Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-Description
Specifies a description for the VPN connection.
Type: String Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-DHGroup
Specifies a virtual private network (VPN) Diffie-Hellman (DH) group.
Valid values are:
None
Group1
Group2
Group14
ECP256
ECP384
Group24
Type: VPNDHGroup Accepted values: None, Group1, Group2, Group14, ECP256, ECP384, Group24 Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-EncryptionMethod
Specifies a virtual private network (VPN) encryption method.
Valid values are:
DES
DES3
AES128
AES192
AES256
Type: VPNEncryptionMethod Accepted values: DES, DES3, AES128, AES192, AES256, CBCDES, CBCDES3, AES128CBC, AES192CBC, AES256CBC, GCMAES128, GCMAES192, GCMAES256 Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-GREIPv4Address
Specifies a Generic Route Encapsulation (GRE) IPv4 address.
Type: String Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-GREIPv6Address
Specifies a GRE IPv6 address.
Type: String Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-GREKey
Specifies a GRE key.
Type: UInt32 Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-GRETunnel
Indicates that this cmdlet uses a GRE tunnel.
Type: SwitchParameter Position: Named Default value: None Required: True Accept pipeline input: False Accept wildcard characters: False
-IntegrityCheckMethod
Specifies a virtual private network (VPN) integrity check method.
Valid values are:
Type: VPNIntegrityCheckMethod Accepted values: MD5, SHA1, SHA256, SHA384, SHA196 Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-IPAddresses
Type: String [ ] Position: Named Default value: None Required: True Accept pipeline input: False Accept wildcard characters: False
-IPSecIdleDisconnectSeconds
Type: UInt32 Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-IPSecMainSALifeTimeKiloBytes
Type: UInt32 Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-IPSecMainSALifeTimeSeconds
Type: UInt32 Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-IPSecQuickSALifeTimeKiloBytes
Type: UInt32 Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-IPSecQuickSALifeTimeSeconds
Type: UInt32 Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-JobVariable
Specifies that job progress is tracked and stored in the variable named by this parameter.
Type: String Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-LocalTrafficSelectors
Type: TrafficSelector [ ] Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-MaximumBandwidthInboundKbps
Specifies, in kbps, the maximum inbound bandwidth.
Type: UInt64 Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-MaximumBandwidthOutboundKbps
Specifies, in kbps, the maximum outbound bandwidth.
Type: UInt64 Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-Name
Specifies the name of a VMM object.
Type: String Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-NextHopNetwork
Specifies a VMNetwork object.
Type: VMNetwork Position: Named Default value: None Required: True Accept pipeline input: False Accept wildcard characters: False
-OnBehalfOfUser
Specifies a user name.
This cmdlet operates on behalf of the user that this parameter specifies.
Type: String Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-OnBehalfOfUserRole
Specifies a user role.
To obtain a user role, use the Get-SCUserRole cmdlet.
This cmdlet operates on behalf of the user role that this parameter specifies.
Type: UserRole Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-PeerIPAddresses
Type: String [ ] Position: Named Default value: None Required: True Accept pipeline input: False Accept wildcard characters: False
-PFSGroup
Specifies a virtual private network (VPN) Perfect Forward Secrecy (PFS) group.
Valid values are:
None
PFS1
PFS2
PFS2048
ECP256
ECP384
PFSMM
PFS24
Type: VPNPFSGroup Accepted values: None, PFS1, PFS2, PFS2048, ECP256, ECP384, PFSMM, PFS24, PFS14 Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-PROTipID
Specifies the ID of the Performance and Resource Optimization tip (PRO tip) that triggered this action.
This parameter lets you audit PRO tips.
Type: Guid Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-Protocol
Specifies a VPN protocol.
The acceptable values for this parameter are:
Type: VPNProtocol Accepted values: IKEv2, L2TP, PPTP, GRE, L3, IPSec Position: Named Default value: None Required: True Accept pipeline input: False Accept wildcard characters: False
-RemoteTrafficSelectors
Type: TrafficSelector [ ] Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-RunAsynchronously
Indicates that the job runs asynchronously so that control returns to the command shell immediately.
Type: SwitchParameter Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-Secret
Specifies a Run As account.
To obtain a Run As account, use the Get-SCRunAsAccount cmdlet.
Type: RunAsAccount Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-TargetIPv4VPNAddress
Specifies a target VPN address in IPv4 format.
Type: String Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-TargetIPv6VPNAddress
Specifies a target VPN address in IPv6 format.
Type: String Position: Named Default value: None Required: False Accept pipeline input: False Accept wildcard characters: False
-VMMServer
Specifies a VMM server object.
Type: ServerConnection Position: Named Default value: None Required: False Accept pipeline input: True Accept wildcard characters: False
-VMNetworkGateway
Specifies a virtual machine network gateway object.
To obtain a VMNetworkGateway object, use the Get-SCVMNetworkGateway cmdlet.
Type: VMNetworkGateway Position: 0 Default value: None Required: True Accept pipeline input: False Accept wildcard characters: False