Remarks: - Sets a new parameter value on an identified rule. The command fails if the rule does not exist. To create a rule, ...

Remarks:

      - Sets a new parameter value on an identified rule. The command fails
        if the rule does not exist. To create a rule, use the add command.
      - Values after the new keyword are updated in the rule.  If there are
        no values, or keyword new is missing, no changes are made.
      - A group of rules can only be enabled or disabled.
      - If multiple rules match the criteria, all matching rules will be
        updated.
      - Rule name should be unique and cannot be "all".
      - Auth1 and auth2 can be comma-separated lists of options.
      - Computerpsk and computerntlm methods cannot be specified together
        for auth1.
      - Computercert cannot be specified with user credentials for auth2.
      - Certsigning options ecdsap256 and ecdsap384 are only supported on 
        Windows Vista SP1 and later.
      - Qmsecmethods can be a list of proposals separated by a ",".
      - For qmsecmethods, integrity=md5|sha1|sha256|aesgmac128|aesgmac192|
        aesgmac256|aesgcm128|aesgcm192|aesgcm256  and
        encryption=3des|des|aes128|aes192|aes256|aesgcm128|aesgcm192|aesgcm256.
      - If aesgcm128, aesgcm192, or aesgcm256 is specified, it must be used for
        both ESP integrity and encryption.
      - Aesgmac128, aesgmac192, aesgmac256, aesgcm128, aesgcm192, aesgcm256,
        sha256 are only supported on Windows Vista SP1 and later. 
      - If qmsemethods are set to default, qmpfs will be set to default
        as well.
      - Qmpfs=mainmode uses the main mode key exchange setting for PFS.
      - The use of DES, MD5 and DHGroup1 is not recommended. These
        cryptographic algorithms are provided for backward compatibility
        only.
      - The " characters within CA name must be replaced with \'
      - For auth1ca and auth2ca, the CA name must be prefixed by 'CN='.
      - catype can be used to specify the Certification authority type -
        catype=root/intermediate
      - authnoencap is supported on Windows 7 and later.
      - authnoencap means that the computers will only use authentication,
        and will not use any per packet encapsulation or encryption
        algorithms to protect subsequent network packets exchanged as part
        of this connection.
      - QMPFS and authnoencap cannot be used together on the same rule.
      - AuthNoEncap must be accompanied by at least one AH or ESP integrity
        suite.
      - When mode=tunnel action must be requireinrequireout, requireinclearout
        or noauthentication.
      - requireinclearout is not valid when mode=Transport.
      - applyauthz can only be specified for tunnel mode rules.
      - exemptipsecprotectedconnections can only be specified
        for tunnel mode rules. By setting this flag to "Yes", 
        ESP traffic will be exempted from the tunnel. 
        AH only traffic will NOT be exempted from the tunnel. 
      - Port1, Port2 and Protocol can only be specified when mode=transport.
      - Valuemin(when specified) for a qmsecmethod should be between 5-2880
        minutes. Valuekb(when specified) for a qmsecmethod should be
        between 20480-2147483647 kilobytes.
      - Certhash specifies the thumbprint, or hash of the certificate.
      - Followrenewal specifies whether to automatically follow renewal
        links in certificates. Only applicable for certificate section
        (requires certhash).
      - Certeku specifies the comma separated list of EKU OIDs to match
        in the certificate.
      - Certname specifies the string to match for certificate name
        (requires certnametype).
      - Certnametype specifies the certificate field for the certname
        to be matched against (requires certname).