public override void Execute() { base.Execute(); var vpnclientIpsecPolicy = new PSIpsecPolicy(); // default SA values vpnclientIpsecPolicy.SALifeTimeSeconds = (!this.MyInvocation.BoundParameters.ContainsKey("SALifeTime")) ? 7200 : this.SALifeTime; vpnclientIpsecPolicy.SADataSizeKilobytes = (!this.MyInvocation.BoundParameters.ContainsKey("SADataSize")) ? 104857600 : this.SADataSize; vpnclientIpsecPolicy.IpsecEncryption = (!this.MyInvocation.BoundParameters.ContainsKey("IpsecEncryption")) ? MNM.IpsecEncryption.GCMAES256 : this.IpsecEncryption; vpnclientIpsecPolicy.IpsecIntegrity = (!this.MyInvocation.BoundParameters.ContainsKey("IpsecIntegrity")) ? MNM.IpsecIntegrity.GCMAES256 : this.IpsecIntegrity; // GCM matching check if ((vpnclientIpsecPolicy.IpsecEncryption.Contains("GCM") || vpnclientIpsecPolicy.IpsecIntegrity.Contains("GCM")) && vpnclientIpsecPolicy.IpsecEncryption != vpnclientIpsecPolicy.IpsecIntegrity) { throw new ArgumentException("Vpnclient IpsecEncryption and IpsecIntegrity must use matching GCM algorithms"); } vpnclientIpsecPolicy.IkeEncryption = (!this.MyInvocation.BoundParameters.ContainsKey("IkeEncryption")) ? MNM.IkeEncryption.AES256 : this.IkeEncryption; vpnclientIpsecPolicy.IkeIntegrity = (!this.MyInvocation.BoundParameters.ContainsKey("IkeIntegrity")) ? MNM.IkeIntegrity.SHA256 : this.IkeIntegrity; vpnclientIpsecPolicy.DhGroup = (!this.MyInvocation.BoundParameters.ContainsKey("DhGroup")) ? MNM.DhGroup.DHGroup24 : this.DhGroup; vpnclientIpsecPolicy.PfsGroup = (!this.MyInvocation.BoundParameters.ContainsKey("PfsGroup")) ? MNM.PfsGroup.PFS24 : this.PfsGroup; WriteObject(vpnclientIpsecPolicy); }
public override void Execute() { base.Execute(); var ipsecPolicy = new PSIpsecPolicy(); // default SA values ipsecPolicy.SALifeTimeSeconds = (!this.MyInvocation.BoundParameters.ContainsKey("SALifeTimeSeconds")) ? 27000 : this.SALifeTimeSeconds; ipsecPolicy.SADataSizeKilobytes = (!this.MyInvocation.BoundParameters.ContainsKey("SADataSizeKilobytes")) ? 102400000 : this.SADataSizeKilobytes; // GCM matching check if ((this.IpsecEncryption.Contains("GCM") || this.IpsecIntegrity.Contains("GCM")) && this.IpsecEncryption != this.IpsecIntegrity) { throw new ArgumentException("IpsecEncryption and IpsecIntegrity must use matching GCM algorithms"); } // SADataSizeKilobytes either 0 or between 1024 and 2147483647 if (ipsecPolicy.SADataSizeKilobytes != 0 && (ipsecPolicy.SADataSizeKilobytes < 1024 || ipsecPolicy.SADataSizeKilobytes > int.MaxValue)) { throw new ArgumentException("SA life time in kilobytes must be 0 or between 1024 and 2147483647 included."); } ipsecPolicy.IpsecEncryption = this.IpsecEncryption; ipsecPolicy.IpsecIntegrity = this.IpsecIntegrity; ipsecPolicy.IkeEncryption = this.IkeEncryption; ipsecPolicy.IkeIntegrity = this.IkeIntegrity; ipsecPolicy.DhGroup = this.DhGroup; ipsecPolicy.PfsGroup = this.PfsGroup; WriteObject(ipsecPolicy); }
public override void Execute() { base.Execute(); var ipsecPolicy = new PSIpsecPolicy(); ipsecPolicy.SALifeTimeSeconds = this.SALifeTimeSeconds; ipsecPolicy.SADataSizeKilobytes = this.SADataSizeKilobytes; ipsecPolicy.IpsecEncryption = this.IpsecEncryption; ipsecPolicy.IpsecIntegrity = this.IpsecIntegrity; ipsecPolicy.IkeEncryption = this.IkeEncryption; ipsecPolicy.IkeIntegrity = this.IkeIntegrity; ipsecPolicy.DhGroup = this.DhGroup; ipsecPolicy.PfsGroup = this.PfsGroup; WriteObject(ipsecPolicy); }
public override void Execute() { base.Execute(); var ipsecPolicy = new PSIpsecPolicy(); // default SA values ipsecPolicy.SALifeTimeSeconds = (!this.MyInvocation.BoundParameters.ContainsKey("SALifeTimeSeconds")) ? 27000 : this.SALifeTimeSeconds; ipsecPolicy.SADataSizeKilobytes = (!this.MyInvocation.BoundParameters.ContainsKey("SADataSizeKilobytes")) ? 102400000 : this.SADataSizeKilobytes; // GCM matching check if ((this.IpsecEncryption.Contains("GCM") || this.IpsecIntegrity.Contains("GCM")) && this.IpsecEncryption != this.IpsecIntegrity) { throw new ArgumentException("IpsecEncryption and IpsecIntegrity must use matching GCM algorithms"); } ipsecPolicy.IpsecEncryption = this.IpsecEncryption; ipsecPolicy.IpsecIntegrity = this.IpsecIntegrity; ipsecPolicy.IkeEncryption = this.IkeEncryption; ipsecPolicy.IkeIntegrity = this.IkeIntegrity; ipsecPolicy.DhGroup = this.DhGroup; ipsecPolicy.PfsGroup = this.PfsGroup; WriteObject(ipsecPolicy); }