The Add-VMNetworkAdapterAcl cmdlet creates an ACL to apply to the traffic through a virtual machine network adapter.
When a virtual network adapter is created there is no ACL on it.
Given a list of IP-based ACL entries to be applied to traffic in the same direction, the longest match rule decides which one of the entries is most appropriate to apply to a specific packet.
This example gets virtual machine Redmond and adds an ACL to deny it to send any traffic to a device with MAC address 03-0f-01-0e-aa-b2 or to receive any traffic from that device.
This example gets virtual network adapters from virtual machine Redmond and adds an ACL to meter outgoing traffic sent to IP subnet 192.168.0.0/16.
Parameters
-Action
Specifies the action for the ACL.
Allowed values are Allow, Deny, and Meter.
A metering ACL must be IP-based, i.e.
either -RemoteIPAddress or -LocalIPAddress must be specified.
Parameter properties
Type:
VMNetworkAdapterAclAction
Default value:
None
Accepted values:
Allow, Deny, Meter
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
True
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-CimSession
Runs the cmdlet in a remote session or on a remote computer.
Enter a computer name or a session object, such as the output of a New-CimSession or Get-CimSession cmdlet.
The default is the current session on the local computer.
Parameter properties
Type:
CimSession[]
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
VMName
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
ManagementOS
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-ComputerName
Specifies one or more Hyper-V hosts on which the ACL is to be created.
NetBIOS names, IP addresses, and fully qualified ___domain names are allowable.
The default is the local computer.
Use localhost or a dot (.) to specify the local computer explicitly.
Parameter properties
Type:
String[]
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
VMName
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
ManagementOS
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
Type:
SwitchParameter
Default value:
False
Supports wildcards:
False
DontShow:
False
Aliases:
cf
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-Credential
Specifies one or more user accounts that have permission to perform this action.
The default is the current user.
Parameter properties
Type:
PSCredential[]
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
VMName
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
ManagementOS
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-Direction
Specifies the direction of the network traffic to which the ACL is to apply.
Allowed values are Inbound, Outbound, or Both.
. If Both is specified, the new ACL entry is added to both the inbound direction and the outbound direction.
In the output of Get-VMNetworkAdapterAcl, the ACL entry appears in both the inbound ACL list and the outbound ACL list.
Parameter properties
Type:
VMNetworkAdapterAclDirection
Default value:
None
Accepted values:
Inbound, Outbound, Both
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
True
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-LocalIPAddress
Specifies the local IP address to which the ACL is to apply.
For an inbound packet, this is the destination IP address in the packet header; for an outbound packet, this is the source IP address in the packet header.
It can be either IPv4 or IPv6 address.
It can be either a host address or a subnet address, e.g.
1.2.3.4, 2001::2008, 192.168.1.0/24, or f001:f002:f003:f004::1/64.
The IP address can also be a wildcard, 0.0.0.0/0 for all IPv4 addresses, ::/0 for all IPv6 addresses, or ANY for all IPv4 and IPv6 addresses.
Parameter properties
Type:
String[]
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-LocalMacAddress
Specifies the local MAC address to which the ACL is to apply.
For an inbound packet, this is the destination MAC address in the packet header; for an outbound packet, this is the source MAC address in the packet header.
It can be a host MAC address, e.g.
00-ab-00-11-22-33, or a wildcard, ANY, for all MAC addresses.
Parameter properties
Type:
String[]
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-ManagementOS
Specifies that the ACL is to be applied in the management (i.e.
the parent, or host) operating system.
Parameter properties
Type:
SwitchParameter
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
ManagementOS
Position:
Named
Mandatory:
True
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-Passthru
Specifies that an object is to be passed through to the pipeline representing the ACL to be added.
Parameter properties
Type:
SwitchParameter
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-RemoteIPAddress
Specifies the remote IP address to which this ACL is to apply.
For an inbound packet, this is the source IP address in the packet header; for an outbound packet, this is the destination IP address in the packet header.
It can be either IPv4 or IPv6 address.
It can be either a host address or a subnet address, e.g.
1.2.3.4, 2001::2008, 192.168.1.0/24, or f001:f002:f003:f004::1/64.the IP address can also be a wildcard, 0.0.0.0/0 for all IPv4 addresses, ::/0 for all IPv6 addresses, or ANY for all IPv4 and IPv6 addresses.
Parameter properties
Type:
String[]
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-RemoteMacAddress
Specifies the remote MAC address to which this ACL is to apply.
For an inbound packet, this is the source MAC address in the packet header; for an outbound packet, this is the destination MAC address in the packet header.
It can be a host MAC address, e.g.
00-ab-00-11-22-33, or a wildcard, ANY, for all MAC addresses.
Parameter properties
Type:
String[]
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-VM
Specifies the virtual machine on which the ACL is to apply.
Parameter properties
Type:
VirtualMachine[]
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
VMObject
Position:
0
Mandatory:
True
Value from pipeline:
True
Value from pipeline by property name:
False
Value from remaining arguments:
False
-VMName
Specifies the name of the virtual machine on which the ACL is to apply.
Parameter properties
Type:
String[]
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
VMName
Position:
0
Mandatory:
True
Value from pipeline:
True
Value from pipeline by property name:
False
Value from remaining arguments:
False
-VMNetworkAdapter
Specifies the virtual machine network adapter to which the ACL is to apply.
Parameter properties
Type:
VMNetworkAdapterBase[]
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
ResourceObject
Position:
0
Mandatory:
True
Value from pipeline:
True
Value from pipeline by property name:
False
Value from remaining arguments:
False
-VMNetworkAdapterName
Specifies the name of the virtual machine network adapter to which the ACL is to apply.
Parameter properties
Type:
String
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
VMName
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
ManagementOS
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
VMObject
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
Parameter properties
Type:
SwitchParameter
Default value:
False
Supports wildcards:
False
DontShow:
False
Aliases:
wi
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters.