Set-RASGatewayDefaultSettings
Modifies default settings used to configure a RAS Secure Gateway.
Set-RASGatewayDefaultSettings [-AllowAppsInNewTab <bool>] [-AllowCORS <bool>] [-AllowedDomainsForCORS <List`1>] [-AllowEmbed <bool>] [-AllowLaunchMethod <bool>] [-AlternateNLBHost <string>] [-AlternateNLBPort <uint>] [-AutoCertificate <SwitchParameter>] [-AutoPreferredBroker <SwitchParameter>] [-Broadcast <bool>] [-BrowserCacheTimeInMonths <uint>] [-CertificateId <uint>] [-CertificateObj <Certificate>] [-Cipher <string>] [-CipherPreference <bool>] [-CipherStrength {Low | Medium | High | Custom}] [-ClientDetectionTimeout <uint>] [-ClientIPPDetectionServiceURL <string>] [-ClipboardDirection {None | ClientToServer | ServerToClient | Bidirectional}] [-DetectClientMode {Automatic | Manual}] [-DisableWyseCertWarn <bool>] [-DOSPro <bool>] [-EnableAlternateNLBHost <bool>] [-EnableAlternateNLBPort <bool>] [-EnableDeviceManagerPort <bool>] [-EnableGatewayPort <bool>] [-EnableHSTS <bool>] [-EnableRDP <bool>] [-EnableRDPUDP <bool>] [-EnableSSL <bool>] [-EnableUserPortal <bool>] [-EnableWyseSupport <bool>] [-FileTransferMode {Disabled | ClientToServer | ServerToClient | Bidirectional}] [-ForwardGatewayServers <string>] [-ForwardHttpServers <string>] [-GatewayPort <uint>] [-HSTSIncludeSubdomains <bool>] [-HSTSMaxAge <uint>] [-HSTSPreload <bool>] [-LaunchMethod {ParallelsClientAndWebClient | ParallelsClientAndHTML5 | ParallelsClient | WebClient | HTML5}] [-MACAllowExcept <string[]>] [-MACAllowOnly <string[]>] [-MinSSLVersion {TLSv1 | TLSv1_1 | TLSv1_2 | TLSv1_3}] [-Mode {Normal | Forwarding}] [-NormalModeForwarding <bool>] [-OnlyAllowAcmeHttp <bool>] [-PreferredBrokerId <uint>] [-PreferredBrokerObj <Broker>] [-RDPPort <uint>] [-SecurityMode {AllowAllExcept | AllowOnly}] [-SiteId <uint>] [-SSLPort <uint>] [-UseClientIPDetectionService <bool>] [-UsePreWin2000LoginFormat <bool>] [-UserPortalPort <uint>] [-UseSecureWebCookie <bool>] [-WebCookie <string>] [-WebRequestsURL <string>] [<CommonParameters>]
Modifies default settings used to configure a RAS Secure Gateway.
For each setting, the cmdlet has a corresponding input parameter. To modify a setting, specify a matching parameter and its value.
Default settings are defined on a site level and are applied to a Gateway when it is initially added to the site.
To retrieve the current defaults settings, use the Get-RASGatewayDefaultSettings cmdlet.
-SiteId <uint> Site ID for which to modify the default Gateway settings.
-Mode <GatewayMode> Gateway Mode. Accepted values: Normal, Forwarding.
Possible values: Normal, Forwarding
-NormalModeForwarding <bool> Forward requests to HTTP server.
-ForwardGatewayServers <string> One or multiple (separated by comma) Forwarding Gateway Servers.
E.g. localhost:80, web1
-AutoPreferredBroker <SwitchParameter> Set preferred Broker Automatically.
-PreferredBrokerObj <Broker> The preferred Connection Broker.
To obtain an object of type Broker representing the Preferred Connection Broker, use the Get-RASBroker cmdlet.
-PreferredBrokerId <uint> The preferred Connection Broker ID.
-ForwardHttpServers <string> One or multiple (separated by comma) Forwarding HTTP Servers.
E.g. localhost:81, web1
-EnableGatewayPort <bool> Enable or disable a custom RAS Secure Gateway port.
To specify a custom port, set this parameter to True and use the GatewayPort parameter to specify the port number.
-GatewayPort <uint> A custom Gateway port number. For this port to take effect, the EnableGatewayPort parameters must be set to $True.
-OnlyAllowAcmeHttp <bool> Whether to ignore all incoming requests except for Acme ones received on 'GatewayPort'
-EnableRDP <bool> Enable or disable a custom RDP port.
To specify a custom port number, use the RDPPort parameter.
-RDPPort <uint> A custom RDP port number. For this port to take effect, the EnableRDPPort parameter must be set to True.
-Broadcast <bool> Enable or disable the 'Broadcast RAS Secure Gateway Address' option.
-EnableRDPUDP <bool> Enable or disable the 'RDP UDP Data Tunneling' option.
-EnableDeviceManagerPort <bool> Enable or disable the 'Device Manager Port' option.
-DOSPro <bool> Enable or disable the 'RDP DOS Attack Filter' option.
-EnableSSL <bool> Enable or disable SSL on the port specified in the SSLPort parameter.
-SSLPort <uint> SSL port number. To enable the port, set the EnableSSL port parameter to True.
-MinSSLVersion <AcceptedSSLVersion> Minimum SSL version. Accepted values: TLSv1_3 (TLS v1.3 only, strong), TLSv1_2 (TLS v1.2 - TLS v1.3), TLSv1_1 (TLS v1.1 - TLS v1.3), TLSv1 (TLS v1 - TLS v1.3).
Possible values: TLSv1, TLSv1_1, TLSv1_2, TLSv1_3
-CipherStrength <CipherStrength> Cipher strength. Accepted values: Low, Medium, High, Custom.
Possible values: Low, Medium, High, Custom
-Cipher <string> Cipher string.
-CipherPreference <bool> Enable or disable Use ciphers according to server preference.
-AutoCertificate <SwitchParameter> Set Certificate Automatically.
-CertificateObj <Certificate> The Certificate.
To obtain an object of type Certificate, use the Get-Certificate cmdlet.
-CertificateId <uint> The Certificate ID.
-EnableHSTS <bool> Enable or disable HSTS.
To specify a custom HSTS Age, set this parameter to True and use the HSTSMaxAge parameter to specify the HSTS maximum age.
-HSTSMaxAge <uint> Specifies the HSTS maximum age.
-HSTSIncludeSubdomains <bool> Enable or disable the HSTS sub-domains.
-HSTSPreload <bool> Enable or disable the HSTS preload.
-EnableUserPortal <bool> Enable or disable User Portal connectivity on the Gateway.
-UserPortalPort <uint> A custom User Portal port number.
-LaunchMethod <LaunchMethod> Launch method.
Possible values: ParallelsClientAndWebClient, ParallelsClientAndHTML5, ParallelsClient, WebClient, HTML5
-AllowLaunchMethod <bool> Allow users to select a resource launch method.
-AllowAppsInNewTab <bool> Allow users to start applications in a new browser tab.
-UsePreWin2000LoginFormat <bool> Enable or disable the 'Use Pre Windows 2000 Login Format' option.
-AllowEmbed <bool> Allow embedding of Web Client into other web pages.
-FileTransferMode <FileTransferControlMode> File Transfer option. Possible values are: 0 (Disabled), 1 (client to Server only), 2 {Server To Client only), 3 (Bidirectional).
Possible values: Disabled, ClientToServer, ServerToClient, Bidirectional
-ClipboardDirection <ClipboardDirections> State of clipboard direction.
Possible values: None, ClientToServer, ServerToClient, Bidirectional
-AllowCORS <bool> Allow cross-origin resource sharing.
-AllowedDomainsForCORS <List`1> Allowed domains for cross-origin resource sharing.
-UseClientIPDetectionService <bool> Use Client IP detection service.
-ClientIPPDetectionServiceURL <string> Client IP detection service URL.
-DetectClientMode <DetectClientMode> Detection mode.
Automatically on sign in
Manually on user prompt (Default)
Possible values: Automatic, Manual
-ClientDetectionTimeout <uint> Client detection timeout in seconds.
-BrowserCacheTimeInMonths <uint> How long should the browser preserve the cache (in months).
-EnableAlternateNLBHost <bool> Enable or disable Alternate NLB host name specified in the EnableAlternateNLBHost parameter.
-AlternateNLBHost <string> Alternate NLB host name. To enable the host name, set the EnableAlternateNLBHost port parameter to True.
-EnableAlternateNLBPort <bool> Enable or disable Alternate NLB on the port specified in the AlternateNLBPort parameter.
-AlternateNLBPort <uint> Alternate NLB port number. To enable the port, set the EnableAlternateNLBPort port parameter to True.
-EnableWyseSupport <bool> Enable or disable Wyse ThinOS support.
-DisableWyseCertWarn <bool> Enable or disable the warning if server certificate is not verified.
-SecurityMode <GatewaySecurityMode> Security Mode. Accepted values: AllowAllExcept, AllowOnly.
Possible values: AllowAllExcept, AllowOnly
-MACAllowExcept <string[]> Specifies the Security 'MAC Allow Except' MAC addresses.
-MACAllowOnly <string[]> Specifies the Security 'MAC Allow Only' MAC addresses.
-WebRequestsURL <string> Set a URL for Web requests.
This is the URL that will open when a user enters the IP address
of the RAS Secure Gateway server in a web browser.
For the URL to work, the gateway mode must be set to Normal.
-WebCookie <string> Set the Web Cookie Name used by RAS.
-UseSecureWebCookie <bool> Enable or disable the addition of the secure attribute to the cookie to the Web Cookie.
<CommonParameters>
-none-
-none-
---------- EXAMPLE 1 ----------
Set-RASGatewayDefaultSettings -SiteId 2 -GatewayPort 90
Sets the default value of the GatewayPort property for the specified site.