%1!s!
[ name = ] name
[ [ state = ] ENABLE|DISABLE
[ processingorder = ] processingorder
[ policysource = ] policysource
[ conditionid = ] conditionid
[ conditiondata = ] conditiondata
[ profileid = ] profileid
[ profiledata = ] profiledata ]
Adds network policy configuration.
name - the name (required).
state - the state (optional).
ENABLE - enabled (default).
DISABLE - disabled.
processingorder - the processing order (optional).
policysource - the policy source (optional).
0 - Unspecified(default).
1 - Terminal Server Gateway.
2 - Remote Access Server(VPN-Dial up).
3 - DHCP Server.
5 - Health Registration Authority.
6 - HCAP.
conditionid - the condition id (at least one condition).
conditiondata - the condition data (at least one condition).
profileid - the profile id (optional).
profiledata - the profile data (optional).
Usage of IP Filters:
profileid = advprofiletype = "" advprofiledata = ""
Each profileid can be followed by multiple pairs of advprofiletype and
advprofiledata.
The following are supported:
Name ID
-----------------------------------------------------------
MS-Quarantine-IPFilter 0x1045
MS-Filter 0x102f
MS-IPv6-Filter 0x1fd0
For , the following are supported:
Name profileType
-----------------------------------------------------------
IPv4 Input filters IPFILTER_IPV4INFILTER
IPv4 Output filters IPFILTER_IPV4OUTFILTER
IPv6 Input filters IPFILTER_IPV6INFILTER
IPv6 Output filters IPFILTER_IPV6OUTFILTER
For advprofiledata, the format of is:
,,,,, Required. Specifies whether IP traffic is permitted or denied:
PERMIT - Specifies that all IP traffic is permitted except for the packets
that you designate with the ,,,
and parameters in this command.
DENY - Specifies that all IP traffic is denied except for the packets
that you designate with the ,,,
and parameters in this command.
Required. Specifies either an IPv4 or an IPv6 address
Required. Specifies the IPv4 subnet mask or the IPv6 prefix length:
"x.x.x.x" - Specifies an IPv4 subnet mask.
- Specifies an IPv6 prefix length.
Optional. Specifies the protocol number as an integer, such as 6
for TCP or 17 for UDP.
and Optional. Specifies the source port
and destination port as integers. If specified, you must designate
both a source port and a destination port. If you do not specify a
source port and destination port, all IP traffic to the specified
IP address will be permitted or denied based on the value of .
Example:
%1!s! name = ""Connections to other access servers"" state = "enable"
processingorder = "2" policysource = "0" conditionid = "0x1006"
conditiondata = "0 00:00-24:00; 1 00:00-24:00" profileid = "0x102f"
advprofiletype = "IPFILTER_IPV4INFILTER"
advprofiledata = "PERMIT,234.234.234.0,255.255.255.0,17,0,0"