Resource Type: windows_firewall_global

Overview

Manage windows global firewall settings

Properties

authzcomputergrp

Configures the computers that are authorized to establish tunnel mode connections
authzcomputergrptransport

Authz computer transport
authzusergrp

Configures the users that are authorized to establish tunnel mode connections
authzusergrptransport

Authz user group transport
boottimerulecategory

Boot time rule category
consecrulecategory

“con sec rule category
defaultexemptions

Configures the default IPsec exemptions. Default is to exempt IPv6 neighbordiscovery protocol and DHCP from IPsec
Supported values:
- none
- neighbordiscovery
- icmp
- dhcp
- notconfigured
firewallrulecategory

Firewall rule category
forcedh

configures the option to use DH to secure key exchange
Supported values:
- yes
- no
ipsecthroughnat

Configures when security associations can be established with a computer behind a network address translator
Supported values:
- never
- serverbehindnat
- serverandclientbehindnat
- notconfigured
keylifetime

Sets main mode key lifetime in minutes and sessions
saidletimemin

Configures the security association idle time in minutes
secmethods

configures the main mode list of proposals
statefulftp

Stateful FTP
Supported values:
- enable
- disable
- notconfigured
statefulpptp

Stateful PPTP
Supported values:
- enable
- disable
- notconfigured
stealthrulecategory

Stealth rule category
strongcrlcheck

Configures how CRL checking is enforced

Parameters

name (namevar)

Not used (reference only)
provider

The specific backend to use for this ‘windows_firewall_global` resource. You will seldom need to specify this — Puppet will usually discover the appropriate provider for your platform.