Microsoft Windows [Version 6.0.6001] (C) Copyright 2006 Microsoft Corp. c:\windows>netsh ipsec static set filteraction ?
Usage:
filteraction [ name = ]|[ guid = ][[ newname = ]][[ description = ]][[ qmpfs = ] (yes | no) ][[ inpass = ] (yes | no) ][[ soft = ] (yes | no) ][[ action = ] (permit | block | negotiate) ][[ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ]
Modifies a filter action.
Parameters:
Tag Value
name | guid -Name or guid of the filter action.
newname -New name of the filter action.
description -Brief information about the filter action.
qmpfs -Option to set quick mode perfect forward secrecy.
inpass -Accept unsecured communication, but always respond
using IPsec. This takes a value of either 'yes' or 'no'.
soft -Allow unsecured communication with non-IPsec-aware computers.
This takes a value of either 'yes' or 'no'.
action -This takes permit or block or negotiate.
qmsecmethods -IPsec offer in one of the following formats:
ESP[ConfAlg,AuthAlg]:k/s
AH[HashAlg]:k/s
AH[HashAlg]+ESP[ConfAlg,AuthAlg]:k/s
where ConfAlg can be DES or 3DES or None.
where AuthAlg can be MD5 or SHA1 or None.
where HashAlg is MD5 or SHA1.
where k is lifetime in kilobytes.
where s is lifetime in seconds.
Remarks: The use of DES and MD5 is not recommended. These cryptographic
algorithms are provided for backward compatibility only.
Examples:1. set filteraction name=test qmsec=ESP[3DES,MD5]:100000k/2000s
2. set filteraction guid={11E6E97E-0031-49f5-AC7D-5F2FE99BABAF}
inpass=y