Usage: add rule name= mmsecmethods=dhgroup1|dhgroup2|dhgroup14|ecdhp256| ecdhp384:3des|des|aes128|aes192|aes256-md5|sha1|sha256 ...

Windows 7

Usage: add rule name=
      mmsecmethods=dhgroup1|dhgroup2|dhgroup14|ecdhp256|
      ecdhp384:3des|des|aes128|aes192|aes256-md5|sha1|sha256
      |sha384[,...]|default
      [mmforcedh=yes|no (default=no)]
      [mmkeylifetime=min,sess]
      [description=]
      [enable=yes|no (default=yes)]
      [profile=any|current|public|private|domain[,...]]
      [endpoint1=any|||
      ||]
      [endpoint2=any|localsubnet|dns|dhcp|wins|defaultgateway|
      ||||]
      [auth1=computerkerb|computercert|computercertecdsap256|
      computercertecdsap384|computerpsk|computerntlm|anonymous[,...]]
      [auth1psk=]
      [auth1ca=" [certmapping:yes|no] [excludecaname:yes|no] 
      [catype:root|intermediate (default=root)] | ..."]
      [auth1healthcert=yes|no (default=no)]
      [auth1ecdsap256ca=" [certmapping:yes|no]
      [excludecaname:yes|no] 
      [catype:root|intermediate (default=root)] | ..."]
      [auth1ecdsap256healthcert=yes|no (default=no)]
      [auth1ecdsap384ca=" [certmapping:yes|no]
      [excludecaname:yes|no] 
      [catype:root|intermediate (default=root)] | ..."]
      [auth1ecdsap384healthcert=yes|no (default=no)]
      [type=dynamic|static (default=static)]

Remarks:

      - Add a new mainmode rule to the firewall policy.
      - Rule name should be unique and cannot be "all".
      - Computerpsk and computerntlm methods cannot be
        specified together for auth1.
      - The use of DES, MD5 and DHGroup1 is not recommended.
        These cryptographic algorithms are provided for backward
        compatibility   only.
      - The minimum main mode keylifetime is mmkeylifetime=1min.
        The maximum main mode mmkeylifetime= 2880min.
        The minimum number of sessions= 0 sessions.
        The maximum = 2,147,483,647 sessions.
      - The mmsecmethods keyword default sets the policy to:
        dhgroup2-aes128-sha1,dhgroup2-3des-sha1

Examples:

      -Add a main mode rule
       Netsh advfirewall mainmode add rule name="test"
       description="Mainmode for RATH"
       Mmsecmethods=dhgroup2:3des-sha256,ecdhp384:3des-sha384
       auth1=computercert,computercertecdsap256
       auth1ca="C=US, O=MSFT, CN=\'Microsoft North,
       South, East, and West Root Authority\'"
       auth1healthcert=no
       auth1ecdsap256ca="C=US, O=MSFT, CN=\'Microsoft North,
       South, East, and West Root Authority\'"
       auth1ecdsap256healthcert=yes
       mmkeylifetime=2min profile=domain

Usage: %ws modifiers switch accountname Where "accountname" can be the name or domain ame of the target computer or user ... Usage: ADD PLEX LUN= NOERR ADD TPGROUP TPORTAL= NOERR Adds an existing LUN as a plex to the currently selected LUN or adds ... Usage: add rule name= dir=in|out action=allow|block|bypass program= service= |any description= enable=yes|no (default=yes) ... Usage: add rule name= endpoint1=any|localsubnet|dns|dhcp|wins|defaultgateway| | | | | endpoint2=any|localsubnet|dns|dhcp|wins|defaultgateway| ... Usage: add rule name= mmsecmethods=dhgroup1|dhgroup2|dhgroup14|ecdhp256| ecdhp384:3des|des|aes128|aes192|aes256-md5|sha1|sha256 ... Usage: all format = (list | table) wide = (yes | no) Displays all policies, filter lists, and filter actions. Parameters: ... Usage: all resolvedns = (yes | no) Displays details of all policies, filters, SAs, and statistics from SPD. Parameters: Tag ... Usage: ASSOCIATE CONTROLLERS ADD , ,. ASSOCIATE PORTS ADD - , - ,. ASSOCIATE TARGETS ADD , ,. Adds or replaces the list of ... Usage: AuditPol /backup /file: This command backs up system audit policy settings and per-user audit policy settings for ...