Microsoft Windows [Version 6.0.6001] (C) Copyright 2006 Microsoft Corp. c:\windows>netsh ipsec static set policy ?
Usage:
policy [ name = ]|[ guid = ][[ newname = ]][[ description = ]][[ mmpfs = ] (yes | no) ][[ qmpermm = ]][[ mmlifetime = ]][[ activatedefaultrule = ] ( yes | no) ][[ pollinginterval = ]][[ assign = ] (yes | no) ][[ gponame = ]][[ mmsecmethods = ] (sec#1 sec#2 ... sec#n) ]
Modifies a policy.
Parameters:
Tag Value
name | guid -Name of the policy, or guid.
newname -New name.
description -Brief information.
mmpfs -Sets master perfect forward secrecy.
qmpermm -Number of quick modes per main mode.
mmlifetime -Time in minutes to rekey.
activatedefaultrule -Activates the default response rule. Valid only for versions of Windows prior to Windows Vista.
pollinginterval -Time in minutes to check for change in policy store.
assign -Assigns the policy.
gponame -Local AD group policy object name to which the policy
can be assigned. Valid when the store is domain.
mmsecmethods -List of one or more space separated security
methods in the form of ConfAlg-HashAlg-GroupNum.
Remarks: 1. If mmpfs is specified, qmpermm is set to 1.
2. A GPO name can only be specified if the store is set to domain.
3. The use of DES and MD5 is not recommended. These cryptographic
algorithms are provided for backward compatibility only.
Examples: 1. set policy name=Policy mmpfs=y gpo=DomainPolicy assign=y
2. set policy guid={11E6E97E-0031-49f5-AC7D-5F2FE99BABAF}
newname=NewName gpo=DefaultDomainPolicy assign=y