EnableIPFilterSec

Enables IPsec globally across all IP-bound network adapters.

Enables IPsec globally across all IP-bound network adapters.

Example

Do not run below example code just to see what happens next. Many methods seriously affect your system. Always make sure you actually understand what the method and the code do.

# define the arguments you want to submit to the method
# remove values that you do not want to submit
# make sure you replace values with meaningful content before running the code
# see section "Parameters" below for a description of each argument.
$arguments = @{
    IPFilterSecurityEnabled = [Boolean](12345)  # replace 12345 with a meaningful value
}


Invoke-CimMethod -ClassName Win32_NetworkAdapterConfiguration -Namespace Root/CIMV2 -MethodName EnableIPFilterSec -Arguments $arguments |
Add-Member -MemberType ScriptProperty -Name ReturnValueFriendly -Passthru -Value {
  switch ([int]$this.ReturnValue)
  {
        0        {'Successful completion, no reboot required'}
        1        {'Successful completion, reboot required'}
        64       {'Method not supported on this platform'}
        65       {'Unknown failure'}
        66       {'Invalid subnet mask'}
        67       {'An error occurred while processing an Instance that was returned'}
        68       {'Invalid input parameter'}
        69       {'More than 5 gateways specified'}
        70       {'Invalid IP  address'}
        71       {'Invalid gateway IP address'}
        72       {'An error occurred while accessing the Registry for the requested information'}
        73       {'Invalid domain name'}
        74       {'Invalid host name'}
        75       {'No primary/secondary WINS server defined'}
        76       {'Invalid file'}
        77       {'Invalid system path'}
        78       {'File copy failed'}
        79       {'Invalid security parameter'}
        80       {'Unable to configure TCP/IP service'}
        81       {'Unable to configure DHCP service'}
        82       {'Unable to renew DHCP lease'}
        83       {'Unable to release DHCP lease'}
        84       {'IP not enabled on adapter'}
        85       {'IPX not enabled on adapter'}
        86       {'Frame/network number bounds error'}
        87       {'Invalid frame type'}
        88       {'Invalid network number'}
        89       {'Duplicate network number'}
        90       {'Parameter out of bounds'}
        91       {'Access denied'}
        92       {'Out of memory'}
        93       {'Already exists'}
        94       {'Path, file or object not found'}
        95       {'Unable to notify service'}
        96       {'Unable to notify DNS service'}
        97       {'Interface not configurable'}
        98       {'Not all DHCP leases could be released/renewed'}
        100      {'DHCP not enabled on adapter'}
        default  {'Unknown Error '}
    }
}

To run this method on one or more remote systems, use New-CimSession:

$ComputerName = 'server12','server14'  # adjust to your server names
$Credential   = Get-Credential         # submit a user account with proper permissions

# define the arguments you want to submit to the method
# remove values that you do not want to submit
# make sure you replace values with meaningful content before running the code
# see section "Parameters" below for a description of each argument.
$arguments = @{
    IPFilterSecurityEnabled = [Boolean](12345)  # replace 12345 with a meaningful value
}


$session = New-CimSession -ComputerName $ComputerName -Credential $Credential

Invoke-CimMethod -ClassName Win32_NetworkAdapterConfiguration -Namespace Root/CIMV2 -MethodName EnableIPFilterSec -Arguments $arguments -CimSession $session |
Add-Member -MemberType ScriptProperty -Name ReturnValueFriendly -Passthru -Value {
  switch ([int]$this.ReturnValue)
  {
        0        {'Successful completion, no reboot required'}
        1        {'Successful completion, reboot required'}
        64       {'Method not supported on this platform'}
        65       {'Unknown failure'}
        66       {'Invalid subnet mask'}
        67       {'An error occurred while processing an Instance that was returned'}
        68       {'Invalid input parameter'}
        69       {'More than 5 gateways specified'}
        70       {'Invalid IP  address'}
        71       {'Invalid gateway IP address'}
        72       {'An error occurred while accessing the Registry for the requested information'}
        73       {'Invalid domain name'}
        74       {'Invalid host name'}
        75       {'No primary/secondary WINS server defined'}
        76       {'Invalid file'}
        77       {'Invalid system path'}
        78       {'File copy failed'}
        79       {'Invalid security parameter'}
        80       {'Unable to configure TCP/IP service'}
        81       {'Unable to configure DHCP service'}
        82       {'Unable to renew DHCP lease'}
        83       {'Unable to release DHCP lease'}
        84       {'IP not enabled on adapter'}
        85       {'IPX not enabled on adapter'}
        86       {'Frame/network number bounds error'}
        87       {'Invalid frame type'}
        88       {'Invalid network number'}
        89       {'Duplicate network number'}
        90       {'Parameter out of bounds'}
        91       {'Access denied'}
        92       {'Out of memory'}
        93       {'Already exists'}
        94       {'Path, file or object not found'}
        95       {'Unable to notify service'}
        96       {'Unable to notify DNS service'}
        97       {'Interface not configurable'}
        98       {'Not all DHCP leases could be released/renewed'}
        100      {'DHCP not enabled on adapter'}
        default  {'Unknown Error '}
    }
}


Remove-CimSession -CimSession $session

Learn more about Invoke-CimMethod and invoking WMI methods.

Syntax

uint32 EnableIPFilterSec(
  [in] boolean IPFilterSecurityEnabled
);

Parameters

Name Type Description
IPFilterSecurityEnabled Boolean The IPFilterSecurityEnabled parameter specifies whether IP security is enabled globally across all IP-bound network adapters. If the input parameter IPFilterSecurityEnabled is TRUE, security is enabled. If the input parameter IPFilterSecurityEnabled is FALSE, all port and protocol traffic are allowed to flow unfiltered.

Return Value

Returns a value of type UInt32. Return values:

$returnValues = @{
    0    = 'Successful completion, no reboot required'
    1    = 'Successful completion, reboot required'
    64   = 'Method not supported on this platform'
    65   = 'Unknown failure'
    66   = 'Invalid subnet mask'
    67   = 'An error occurred while processing an Instance that was returned'
    68   = 'Invalid input parameter'
    69   = 'More than 5 gateways specified'
    70   = 'Invalid IP  address'
    71   = 'Invalid gateway IP address'
    72   = 'An error occurred while accessing the Registry for the requested information'
    73   = 'Invalid domain name'
    74   = 'Invalid host name'
    75   = 'No primary/secondary WINS server defined'
    76   = 'Invalid file'
    77   = 'Invalid system path'
    78   = 'File copy failed'
    79   = 'Invalid security parameter'
    80   = 'Unable to configure TCP/IP service'
    81   = 'Unable to configure DHCP service'
    82   = 'Unable to renew DHCP lease'
    83   = 'Unable to release DHCP lease'
    84   = 'IP not enabled on adapter'
    85   = 'IPX not enabled on adapter'
    86   = 'Frame/network number bounds error'
    87   = 'Invalid frame type'
    88   = 'Invalid network number'
    89   = 'Duplicate network number'
    90   = 'Parameter out of bounds'
    91   = 'Access denied'
    92   = 'Out of memory'
    93   = 'Already exists'
    94   = 'Path, file or object not found'
    95   = 'Unable to notify service'
    96   = 'Unable to notify DNS service'
    97   = 'Interface not configurable'
    98   = 'Not all DHCP leases could be released/renewed'
    100  = 'DHCP not enabled on adapter'
}

Requirements

To use Win32_NetworkAdapterConfiguration, the following requirements apply:

PowerShell

Get-CimInstance was introduced with PowerShell Version 3.0, which in turn was introduced on clients with Windows 8 and on servers with Windows Server 2012.

If necessary, update Windows PowerShell to Windows PowerShell 5.1, or install PowerShell 7 side-by-side.

Operating System

Win32_NetworkAdapterConfiguration was introduced on clients with Windows Vista and on servers with Windows Server 2008.

Namespace

Win32_NetworkAdapterConfiguration lives in the Namespace Root/CIMV2. This is the default namespace. There is no need to use the -Namespace parameter in Get-CimInstance.

Implementation

Win32_NetworkAdapterConfiguration is implemented in CIMWin32.dll and defined in CIMWin32.mof. Both files are located in the folder C:\Windows\system32\wbem:

explorer $env:windir\system32\wbem
notepad $env:windir\system32\wbem\CIMWin32.mof