Usage: defaultrule policy = qmpfs = (yes | no) activate = (yes | no) qmsecmethods = (neg#1 neg#2 . neg#n) kerberos = (yes ...

Windows Server 2003

Usage:   defaultrule [ policy = ]                [ [ qmpfs = ] (yes | no) ]               [ [ activate = ] (yes | no) ]               [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ]               [ [ kerberos = ] (yes | no) ]               [ [ psk = ]  ]               [ [ rootca = ] " certmap:(yes | no) excludecaname:(yes | no)" ]    Modifies the default response rule of the specified policy.  Parameters:    Tag           Value   policy       -Name of the policy for which the default response rule is                 to be modified.   qmpfs        -Option to set quick mode perfect forward secrecy.   activate     -Activates the rule in the policy if ‘yes' is specified.   qmsecmethods -IPSec offer in one of the following formats:                 ESP[ConfAlg,AuthAlg]:k/s                 AH[HashAlg]:k/s                 AH[HashAlg]+ESP[ConfAlg,AuthAlg]:k/s                 where ConfAlg can be DES, or 3DES or None.                 where AuthAlg can be MD5, or SHA1 or None.                 where HashAlg is MD5 or SHA1.                 where k is lifetime in kilobytes.                 where s is lifetime in seconds.   kerberos     -Provides Kerberos authentication if ‘yes' is specified.   psk          -Provides authentication using a specified preshared key.   rootca       -Provides authentication using a specified root certificate,                 attempts to map the cert if certmap:Yes is specified,                 excludes the CA name if excludecaname:Yes is specified.  Remarks:  1. Certificate, mapping, and CA name settings are all to be within              quotes; embedded quotes are to be replaced with \'.           2. Certificate mapping is valid only for domain members.           3. Multiple certificates can be provided by using the rootca              parameter multiple times.           4. The preference of each authentication method is determined by              its order in the command.           5. If no auth methods are stated, dynamic defaults are used.  Examples: set defaultrule Policy1 activate=y           qmsec="AH[MD5]+ESP[3DES,MD5]:100000k/2000s"

Usage: all format = (list | table) wide = (yes | no) Displays all policies, filter lists, and filter actions. Parameters: ... Usage: all resolvedns = (yes | no) Displays details of all policies, filters, SAs, and statistics from SPD. Parameters: Tag ... Usage: atmadm options where options are one or more of: -c List all connections -a List all registered addresses -s Display ... Usage: config property = (ipsecdiagnostics | ipsecexempt | ipsecloginterval | ikelogging | strongcrlcheck | bootmode | bootexemptions) ... Usage: defaultrule policy = qmpfs = (yes | no) activate = (yes | no) qmsecmethods = (neg#1 neg#2 . neg#n) kerberos = (yes ... Usage: evntcmd options filename options options: -?,-h usage help; -s sysname target 'sysname' for configuration; -v number ... Usage: exportpolicy file = Exports all the policies to a file. Parameters: Tag Value name -Name of the file into which the ... Usage: filter filterlist = srcaddr = (ip | dns | server) dstaddr = (ip | dns | server) description = protocol = (ANY | ICMP ... Usage: filter filterlist = srcaddr = (ip | dns | server) dstaddr = (ip | dns | server) protocol = (ANY | ICMP | TCP | UDP ...