Usage: set global statefulftp|statefulpptp enable|disable|notconfigured set global ipsec (parameter) (value) set global mainmode (parameter) (value) | notconfigured IPsec Parameters: strongcrlcheck - Configures how CRL checking is enforced. 0: Disable CRL checking (default) 1: Fail if cert is revoked 2: Fail on any error notconfigured: Returns the value to its not configured state. saidletimemin - Configures the security association idle time in minutes. - Usage: 5-60|notconfigured (default=5) defaultexemptions - Configures the default IPsec exemptions. Default is to exempt IPv6 neighbordiscovery protocol and DHCP from IPsec. - Usage: none|neighbordiscovery|icmp|dhcp|notconfigured ipsecthroughnat - Configures when security associations can be established with a computer behind a network address translator. - Usage: never|serverbehindnat| serverandclientbehindnat| notconfigured(default=never) authzcomputergrp - Configures the computers that are authorized to establish tunnel mode connections. - Usage: none||notconfigured authzusergrp - Configures the users that are authorized to establish tunnel mode connections. - Usage: none| |notconfigured Main Mode Parameters: mmkeylifetime - Sets main mode key lifetime in minutes or sessions, or both. - Usage: min, sess minlifetime: <1> min, maxlifetime: <2880> min minsessions: <0> sessions, maxsessions: <2,147,483,647> sessions mmsecmethods - configures the main mode list of proposals - Usage: keyexch:enc-integrity,keyexch:enc-integrity[,...]|default - keyexch=dhgroup1|dhgroup2|dhgroup14| ecdhp256|ecdhp384 - enc=3des|des|aes128|aes192|aes256 - integrity=md5|sha1|sha256|sha384 mmforcedh - configures the option to use DH to secure key exchange. - Usage: yes|no (default=no) Remarks: - Configures global settings, including advanced IPsec options. - The use of DES, MD5 and DHGroup1 is not recommended. These cryptographic algorithms are provided for backward compatibility only. - The mmsecmethods keyword default sets the policy to: dhgroup2-aes128-sha1,dhgroup2-3des-sha1 Examples: Disable CRL checking: netsh advfirewall set global ipsec strongcrlcheck 0 Turn on the Firewall support for stateful FTP: netsh advfirewall set global statefulftp enable Set global main mode proposals to the default value: netsh advfirewall set global mainmode mmsecmethods default Set global main mode proposals to a customer list: netsh advfirewall set global mainmode mmsecmethods dhgroup1:des-md5,dhgroup1:3des-sha1
Usage: set allprofiles (parameter) (value) Parameters: state - Configure the firewall state. Usage: state on|off|notconfigured ...
Usage: set cachesize size=]{DEFAULT| } percent=]{TRUE|FALSE} Parameters: Tag Value size - The size of the cache. Entered ...
Usage: set currentprofile (parameter) (value) Parameters: state - Configure the firewall state. Usage: state on|off|notconfigured ...
Usage: set domainprofile (parameter) (value) Parameters: state - Configure the firewall state. Usage: state on|off|notconfigured ...
Usage: set global statefulftp|statefulpptp enable|disable|notconfigured set global ipsec (parameter) (value) set global mainmode ...
Usage: set key passphrase= Parameters: Tag Value passphrase - A passphrase to use to generate the key. If a passphrase is ...
Usage: set latency latency= Parameters: Tag Value latency - Minimum link latency to the branch office before SMB will use ...
Usage: set localcache directory=]{DEFAULT| } Parameters: Tag Value directory - The fully qualified path to the directory ...
Usage: set options netevents = ON | OFF keywords = NONE | BCAST | MCAST| BCAST+MCAST Parameters: Tag Value netevents - Can ...