In Mobile Device Manager (MDM) Shell, several cmdlets are available that let you configure MDM Gateway Server.
By using the Set-MDMGlobalGatewayConfigcmdlet, you can configure global settings shared by every MDM Gateway Server. This includes the following:
- Time-out value for dead peer detection
- Period before MDM Gateway Server starts an Internet Key
Exchange (IKE) SA or IPsec SA rekey
- The Diffie-Hellman Groups used for key exchange
- The IPsec cryptographic algorithms used
In addition, you can use the Set-MDMGatewayServercmdlet to configure settings for a specific MDM Gateway Server. This includes the following:
- Internal and external addresses
- Virtual private network (VPN) address pool
- Primary and backup Domain Name System (DNS) and Windows
Internet Name Server (WINS) IP addresses
- Default gateway server for tunneled traffic from managed
You can also start or stop the VPN service on a specific MDM Gateway Server by using the Start-MDMVPNServiceand Stop-MDMVPNServicecmdlets.