Tag Value name | id -Name or ID of the rule. policy -Name of the policy, the rule belongs to. newname -New name of the rule. description -Brief information about the rule. filterlist -Name of the filter list to be used. filteraction -Name of the filter action to be used. tunnel -Tunnel ip address or dns name. conntype -Connection type can be 'lan', 'dialup' or 'all'. activate -Activates the rule in the policy if 'yes' is specified. kerberos -Provides Kerberos authentication if 'yes' is specified. psk -Provides authentication using a specified preshared key. rootca -Provides authentication using a specified root certificate, attempts to map the cert if certmap:Yes is specified, excludes the CA name if excludecaname:Yes is specified.
Remarks: 1. Certificate, mapping, and CA name settings are all to be within quotes; embedded quotes are to be replaced with \'. 2. Certificate mapping is valid only for domain members. 3. Multiple certificates can be provided by using the rootca parameter multiple times. 4. The preference of each authentication method is determined by its order in the command. 5. If no auth methods are stated, dynamic defaults are used. 6. All authentication methods are overwritten with the stated list. 7. Excluding the root certification authority (CA) name prevents the name from being sent as part of the certificate request.
Examples: 1. set rule name=Rule policy=Policy activate=yes rootca="C=US,O=MSFT,CN=\'Microsoft North, South, East, and West Root Authority\' certmap:yes excludecaname:no" 2. set rule id=3 Policy newname=RuleNew tunnel=22.214.171.124
NETSH / IPSEC / STATIC / SET / RULE
netsh ipsec static set rule - Windows Vista - commandModifies a rule. - Windows Vista netsh, ipsec, static, set, rule, cmd, command, Windows, Vista