Windows 10 DLL File Information

Windows 10 DLL File Information - nshipsec.dll

The following DLL report was generated by automatic DLL script that scanned and loaded all DLL files in the system32 directory of Windows 10, extracted the information from them, and then saved it into HTML reports. If you want to view a report of another DLL, go to the main page of this Web site.

General Information

File Description:	Net Shell IP Security helper DLL
File Version:	10.0.10130.0 (fbl_impressive.150522-2224)
Company:	Microsoft Corporation
Product Name:	Microsoft® Windows® Operating System
DLL popularity	Very Low - There is no any other DLL in system32 directory that is statically linked to this file.
File Size:	373 KB
Total Number of Exported Functions:	1
Total Number of Exported Functions With Names:	1

Section Headers

Name	Virtual Address	Raw Data Size	% of File	Characteristics	Section Contains...
.text	0x00001000	355,328 Bytes	93.0%	Read, Execute	Code
.data	0x00058000	1,536 Bytes	0.4%	Write, Read	Initialized Data
.idata	0x0005b000	6,656 Bytes	1.7%	Read	Initialized Data
.didat	0x0005d000	512 Bytes	0.1%	Write, Read	Initialized Data
.rsrc	0x0005e000	1,536 Bytes	0.4%	Read	Initialized Data
.reloc	0x0005f000	15,360 Bytes	4.0%	Read, Discardable	Initialized Data

Static Linking

This means that when nshipsec.dll is loaded, the above files are automatically loaded too. If one of these files is corrupted or missing, nshipsec.dll won't be loaded.

General Resources Information

Resource Type	Number of Items	Total Size	% of File
Icons	0	0 Bytes	0.0%
Animated Icons	0	0 Bytes	0.0%
Cursors	0	0 Bytes	0.0%
Animated Cursors	0	0 Bytes	0.0%
Bitmaps	0	0 Bytes	0.0%
AVI Files	0	0 Bytes	0.0%
Dialog-Boxes	0	0 Bytes	0.0%
HTML Related Files	0	0 Bytes	0.0%
Menus	0	0 Bytes	0.0%
Strings	960	178,828 Bytes	46.8%
Type Libraries	0	0 Bytes	0.0%
Manifest	0	0 Bytes	0.0%
All Others	2	1,148 Bytes	0.3%
Total	962	179,976 Bytes	47.1%

Icons in this file

No icons found in this file

Cursors in this file

No cursors found in this file

Dialog-boxes list (up to 1000 dialogs)

No dialog resources in this file.

String resources in this dll (up to 1000 strings)

String ID	String Text
11110	Exports all the policies from the policy store.
11111	Imports the policies from a file to the policy store.
11112	Restores the default example policies.
11150	Usage: exportpolicy [ file = ] <string> Exports all the policies to a file. Parameters: Tag Value name -Name of the file into which the policies are exported. Remarks: .ipsec extension is by default added to the filename. Examples: exportpolicy Policy1
11151	Usage: importpolicy [ file = ] <string> Imports policies from the specified file. Parameters: Tag Value name -Name of the file from which the policies are imported. Remarks: Examples: importpolicy Policy1.ipsec
11152	Usage: restorepolicyexamples [release = ] (win2k \| win2003) Restores the default policies. Parameters: Tag Value release -OS release type, for default policies examples. Remarks: This command is only valid for the local computer policy store. Examples: 1. restorepolicyexamples release=win2003 2. restorepolicyexamples release=win2k
11200	Creates new policies and related information.
11210	Creates a policy with a default response rule.
11211	Creates an empty filter list.
11212	Creates a filter action.
11213	Creates a rule for the specified policy.
11214	Adds a filter to filter list.
11250	Usage: policy [ name = ] <string> [ [ description = ] <string> ] [ [ mmpfs = ] (yes \| no) ] [ [ qmpermm = ] <integer> ] [ [ mmlifetime = ] <integer> ] [ [ activatedefaultrule = ] (yes \| no) ] [ [ pollinginterval = ] <integer> ] [ [ assign = ] (yes \| no) ] [ [ mmsecmethods = ] (sec#1 sec#2 ... sec#n) ] Creates a policy with the specified name. Parameters: Tag Value name -Name of the policy. description -Brief information about the policy. mmpfs -Option to set master perfect forward secrecy. qmpermm -Number of quick mode sessions per main mode session of IKE. mmlifetime -Time in minutes to rekey for main mode of IKE. activatedefaultrule -Activates or deactivates the default response rule. Valid only for versions of Windows prior to Windows Vista. pollinginterval -Polling Interval, time in minutes for policy agent to check for changes in policy store. assign -Assigns the policy as active or inactive. mmsecmethods -List of one or more space separated security methods in the form of ConfAlg-HashAlg-GroupNum, where ConfAlg can be DES or 3DES, HashAlg is MD5 or SHA1. GroupNum can be 1 (Low), 2 (Med), 3 (DH2048). Remarks: 1. If mmpfs is specified, qmpermm is set to 1. 2. If the store is 'domain' then ‘assign’ will have no effect. 3. The use of DES and MD5 is not recommended. These cryptographic algorithms are provided for backward compatibility only. Examples: add policy Policy1 mmpfs= yes assign=yes mmsec="3DES-SHA1-3 DES-MD5-3 3DES-MD5-2"
11251	Usage: filterlist [ name = ] <string> [ [ description = ] <string> ] Creates an empty filter list with the specified name. Parameters: Tag Value name -Name of the filter list. description -Brief information about the filter list. Remarks: Examples: add filterlist Filter1
11252	Usage: filteraction [ name = ] <string> [ [ description = ] <string> ] [ [ qmpfs = ] (yes \| no) ] [ [ inpass = ] (yes \| no) ] [ [ soft = ] (yes \| no) ] [ [ action = ] (permit \| block \| negotiate) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] Creates a filter action. Parameters: Tag Value name -Name of the filter action. description -Brief information about the type of filter action. qmpfs -Option to set quick mode perfect forward secrecy. inpass -Accept unsecured communication, but always respond using IPsec. This takes a value of either ‘yes’ or ‘no’. soft -Allow unsecured communication with non-IPsec-aware computers. This takes a value of either ‘yes’ or ‘no’. action -This takes permit, block or negotiate. qmsecmethods -IPsec offer in one of the following formats: ESP[ConfAlg,AuthAlg]:k/s AH[HashAlg]:k/s AH[HashAlg]+ESP[ConfAlg,AuthAlg]:k/s where ConfAlg can be DES or 3DES or None. where AuthAlg can be MD5 or SHA1 or None. where HashAlg is MD5 or SHA1. where k is Lifetime in kilobytes. where s is Lifetime in seconds. Remarks: 1. Quick mode security methods are ignored if the action is not ‘negotiate’ 2. The use of DES and MD5 is not recommended. These cryptographic algorithms are provided for backward compatibility only. Examples: add filteraction name=FilterA qmpfs=yes soft=y action=negotiate qmsec="AH[MD5]:204800k/300s ESP[DES,SHA1]:30000k/480s"
11253	Usage: rule [ name = ] <string> [ policy = ] <string> [ filterlist = ] <string> [ filteraction = ] <string> [ [ tunnel = ] (ip \| dns) ] [ [ conntype = ] (lan \| dialup \| all) ] [ [ activate = ] (yes \| no) ] [ [ description = ] <string> ] [ [ kerberos = ] (yes \| no) ] [ [ psk = ] <preshared key> ] [ [ rootca = ] "<certificate> certmap:(yes \| no) excludecaname:(yes \| no)" ] Creates a rule with the specified filter list and filter action. Parameters: Tag Value name -Name of the rule. policy -Name of the policy the rule belongs to. filterlist -Name of the filter list to be used. filteraction -Name of the filter action to be used. tunnel -Tunnel end point IP address. conntype -Connection type can be lan, dialup or ‘all’. activate -Activates the rule in the policy if ‘yes’ is specified. description -Brief information about the rule. kerberos -Provides Kerberos authentication if ‘yes’ is specified. psk -Provides authentication using a specified preshared key. rootca -Provides authentication using a specified root certificate, attempts to map the cert if certmap:Yes is specified, excludes the CA name if excludecaname:Yes is specified. Remarks: 1. Certificate, mapping, and CA name settings are all to be within quotes; embedded quotes are to be replaced with \'. 2. Certificate mapping is valid only for domain members. 3. Multiple certificates can be provided by using the rootca parameter multiple times. 4. The preference of each authentication method is determined by its order in the command. 5. If no auth methods are stated, dynamic defaults are used. 6. Excluding the root certification authority (CA) name prevents the name from being sent as part of the certificate request. Examples: add rule name=Rule policy=Policy filterlist=Filterlist filteraction=FilterAction kerberos=yes psk="my key" rootca="C=US,O=MSFT,CN=Microsoft Authenticode(tm) Root Authority" rootca="C=US,O=MSFT,CN=\’Microsoft North, South, East, and West Root Authority\’ certmap:yes excludecaname:no"
11254	Usage: filter [ filterlist = ] <string> [ srcaddr = ] (ipv4 \| ipv6 \| ipv4-ipv4 \| ipv6-ipv6 \| dns \| server) [ dstaddr = ] (ipv4 \| ipv6 \| ipv4-ipv4 \| ipv6-ipv6 \| dns \| server) [ [ description = ] <string> ] [ [ protocol = ] (ANY \| ICMP \| TCP \| UDP \| RAW \| <integer>) ] [ [ mirrored = ] (yes \| no) ] [ [ srcmask = ] (mask \| prefix) ] [ [ dstmask = ] (mask \| prefix) ] [ [ srcport = ] <port> ] [ [ dstport = ] <port> ] Adds a filter to the specified filter list. Parameters: Tag Value filterlist -Name of the filter list to which the filter is added. srcaddr -Source ip address (ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address (ipv4 or ipv6), address range, dns name, or server type. description -Brief information about the filter. protocol -Can be ANY, ICMP, TCP, UDP, RAW, or an integer. mirrored -‘Yes’ creates two filters, one in each direction. srcmask -Source address mask or a prefix of 1 through 32. Not applicable if srcaddr is set to a range dstmask -Destination address mask or a prefix of 1 through 32. Not applicable if dstaddr is set to a range srcport -Source port of the packet. A value of 0 means any port. dstport -Destination port of the packet. A value of 0 means any port. Remarks: 1. If the filter list does not exist it will be created. 2. To specify the current computer address, set srcaddr/dstaddr=me To specify all computer addresses, set srcaddr/dstaddr=any 3. Server type can be WINS, DNS, DHCP or GATEWAY. 4. If source is a server type, then dest is 'me' and vice-versa. 5. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6). Examples: 1. add filter filterlist=Filter1 192.145.168.0 192.145.168.45 srcmask=24 dstmask=32 2. add filter filterlist=Filter1 srcaddr=DHCP dstaddr=0.0.0.0 protocol=ICMP srcmask=255.255.255.255 dstmask=255.255.255.255 3. add filter filterlist=Filter1 srcaddr=me dstaddr=any 4. add filter filterlist=Filter1 srcaddr= E3D7::51F4:9BC8:00A8:6420 dstaddr= ME 5. add filter filterlist=Filter1 srcaddr= 192.168.2.1-192,168.2.10 dstaddr= ME
11300	Modifies existing policies and related information.
11310	Modifies a policy.
11311	Modifies a filter list.
11312	Modifies a filter action.
11313	Modifies a rule.
11314	Sets the current policy store.
11315	Modifies the default response rule of a policy.
11317	Sets the batch update mode.
11350	Usage: policy [ name = ] <string> \| [ guid = ] <guid> [ [ newname = ] <string> ] [ [ description = ] <string> ] [ [ mmpfs = ] (yes \| no) ] [ [ qmpermm = ] <integer> ] [ [ mmlifetime = ] <integer> ] [ [ activatedefaultrule = ] ( yes \| no) ] [ [ pollinginterval = ] <integer> ] [ [ assign = ] (yes \| no) ] [ [ gponame = ] <string> ] [ [ mmsecmethods = ] (sec#1 sec#2 ... sec#n) ] Modifies a policy. Parameters: Tag Value name \| guid -Name of the policy, or guid. newname -New name. description -Brief information. mmpfs -Sets master perfect forward secrecy. qmpermm -Number of quick modes per main mode. mmlifetime -Time in minutes to rekey. activatedefaultrule -Activates the default response rule. Valid only for versions of Windows prior to Windows Vista. pollinginterval -Time in minutes to check for change in policy store. assign -Assigns the policy. gponame -Local AD group policy object name to which the policy can be assigned. Valid when the store is domain. mmsecmethods -List of one or more space separated security methods in the form of ConfAlg-HashAlg-GroupNum. Remarks: 1. If mmpfs is specified, qmpermm is set to 1. 2. A GPO name can only be specified if the store is set to domain. 3. The use of DES and MD5 is not recommended. These cryptographic algorithms are provided for backward compatibility only. Examples: 1. set policy name=Policy mmpfs=y gpo=DomainPolicy assign=y 2. set policy guid={11E6E97E-0031-49f5-AC7D-5F2FE99BABAF} newname=NewName gpo=DefaultDomainPolicy assign=y
11351	Usage: filterlist [ name = ] <string> \| [ guid = ] <guid> [ [ newname = ] <string> ] [ [ description = ] <string> ] Modifies a filter list name and description. Parameters: Tag Value name \| guid -Name of the filter list or guid. newname -New name of the filter list. description -Brief information about the filter list. Examples: 1. set filterlist Filter1 desc=NewFilter1 2. set filterlist guid={11E6E97E-0031-49f5-AC7D-5F2FE99BABAF} newname=FilterName
11352	Usage: filteraction [ name = ] <string> \| [ guid = ] <guid> [ [ newname = ] <string> ] [ [ description = ] <string> ] [ [ qmpfs = ] (yes \| no) ] [ [ inpass = ] (yes \| no) ] [ [ soft = ] (yes \| no) ] [ [ action = ] (permit \| block \| negotiate) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] Modifies a filter action. Parameters: Tag Value name \| guid -Name or guid of the filter action. newname -New name of the filter action. description -Brief information about the filter action. qmpfs -Option to set quick mode perfect forward secrecy. inpass -Accept unsecured communication, but always respond using IPsec. This takes a value of either ‘yes’ or ‘no’. soft -Allow unsecured communication with non-IPsec-aware computers. This takes a value of either ‘yes’ or ‘no’. action -This takes permit or block or negotiate. qmsecmethods -IPsec offer in one of the following formats: ESP[ConfAlg,AuthAlg]:k/s AH[HashAlg]:k/s AH[HashAlg]+ESP[ConfAlg,AuthAlg]:k/s where ConfAlg can be DES or 3DES or None. where AuthAlg can be MD5 or SHA1 or None. where HashAlg is MD5 or SHA1. where k is lifetime in kilobytes. where s is lifetime in seconds. Remarks: The use of DES and MD5 is not recommended. These cryptographic algorithms are provided for backward compatibility only. Examples:1. set filteraction name=test qmsec=ESP[3DES,MD5]:100000k/2000s 2. set filteraction guid={11E6E97E-0031-49f5-AC7D-5F2FE99BABAF} inpass=y
11353	Usage: rule [ name = ] <string> \| [id= ] <integer> [ policy = ] <string> [ [ newname = ] <string> ] [ [ description = ] <string> ] [ [ filterlist = ] <string> ] [ [ filteraction = ] <string> ] [ [ tunnel = ] (ip \| dns) ] [ [ conntype = ] (lan \| dialup \| all) ] [ [ activate = ] (yes \| no) ] [ [ kerberos = ] (yes \| no) ] [ [ psk = ] <preshared key> ] [ [ rootca = ] "<certificate> certmap:(yes \| no) excludecaname:(yes \| no)" ] Modifies a rule in a policy. Parameters: Tag Value name \| id -Name or ID of the rule. policy -Name of the policy, the rule belongs to. newname -New name of the rule. description -Brief information about the rule. filterlist -Name of the filter list to be used. filteraction -Name of the filter action to be used. tunnel -Tunnel ip address or dns name. conntype -Connection type can be ‘lan’, ‘dialup’ or ‘all’. activate -Activates the rule in the policy if ‘yes’ is specified. kerberos -Provides Kerberos authentication if ‘yes’ is specified. psk -Provides authentication using a specified preshared key. rootca -Provides authentication using a specified root certificate, attempts to map the cert if certmap:Yes is specified, excludes the CA name if excludecaname:Yes is specified. Remarks: 1. Certificate, mapping, and CA name settings are all to be within quotes; embedded quotes are to be replaced with \'. 2. Certificate mapping is valid only for domain members. 3. Multiple certificates can be provided by using the rootca parameter multiple times. 4. The preference of each authentication method is determined by its order in the command. 5. If no auth methods are stated, dynamic defaults are used. 6. All authentication methods are overwritten with the stated list. 7. Excluding the root certification authority (CA) name prevents the name from being sent as part of the certificate request. Examples: 1. set rule name=Rule policy=Policy activate=yes rootca="C=US,O=MSFT,CN=\’Microsoft North, South, East, and West Root Authority\’ certmap:yes excludecaname:no" 2. set rule id=3 Policy newname=RuleNew tunnel=192.165.123.156
11354	Usage: store [location = ] (local \| domain) [ [ domain = ] <string> ] Sets the current IPsec policy storage location. Parameters: Tag Value location Location of the IPsec policy store. domain Domain name (only applies to the domain location). Remarks: 1. The local store contains IPsec policies that can be assigned to secure this computer. If a domain policy is available, the domain policy is applied instead of the local policy. 2. The domain store contains IPsec policies that can be assigned to secure groups of computers in a domain. 3. Use the 'set machine' command to configure a remote computer. 4. The default store is Local. Changes to the store setting persist only as long as the current Netsh session. If you need to run multiple commands in the same store from a batch file, use the ‘Netsh Exec’ when executing your batch file. 5. Persistent store and persistent policy is not supported. Examples: 1. set store location= local - uses the local store of the current computer . 2. set store location=domain domain=example.microsoft. com - uses the domain policy store for example.microsoft.com .
11355	Usage: defaultrule [ policy = ] <string> [ [ qmpfs = ] (yes \| no) ] [ [ activate = ] (yes \| no) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] [ [ kerberos = ] (yes \| no) ] [ [ psk = ] <preshared key> ] [ [ rootca = ] "<certificate> certmap:(yes \| no) excludecaname:(yes \| no)" ] Modifies the default response rule of the specified policy. This rule will be ignored on Windows Vista and later versions of Windows Parameters: Tag Value policy -Name of the policy for which the default response rule is to be modified . qmpfs -Option to set quick mode perfect forward secrecy . activate -Activates the rule in the policy if ‘yes’ is specified . qmsecmethods -IPsec offer in one of the following formats: ESP[ConfAlg,AuthAlg]:k/ s AH[HashAlg]:k/ s AH[HashAlg]+ESP[ConfAlg,AuthAlg]:k/ s where ConfAlg can be DES, or 3DES or None . where AuthAlg can be MD5, or SHA1 or None . where HashAlg is MD5 or SHA1 . where k is lifetime in kilobytes . where s is lifetime in seconds . kerberos -Provides Kerberos authentication if ‘yes’ is specified . psk -Provides authentication using a specified preshared key . rootca -Provides authentication using a specified root certificate, attempts to map the cert if certmap:Yes is specified, excludes the CA name if excludecaname:Yes is specified . Remarks: 1. Certificate, mapping, and CA name settings are all to be within quotes; embedded quotes are to be replaced with \' . 2. Certificate mapping is valid only for domain members . 3. Multiple certificates can be provided by using the rootca parameter multiple times . 4. The preference of each authentication method is determined by its order in the command . 5. If no auth methods are stated, dynamic defaults are used . 6. The use of DES and MD5 is not recommended. These cryptographic algorithms are provided for backward compatibility only . Examples: set defaultrule Policy1 activate= y qmsec="AH[MD5]+ESP[3DES,MD5]:100000k/2000s"
11357	Usage: set batch [mode = ] (enable \| disable) Sets the batch update mode. Parameters: mode - The mode for batch updates.
11400	Deletes policies and related information.
11410	Deletes a policy and its rules.
11411	Deletes a filter list.
11412	Deletes a filter action.
11413	Deletes a rule from a policy.
11414	Deletes a filter from a filter list.
11415	Deletes all policies, filter lists, and filter actions.
11450	Usage: policy [ name = ] <string> \| [ all ] Deletes the policy and all its associated rules. Parameters: Tag Value name \| all -Name of the policy or ‘all’. Remarks: If 'all' is specified, all policies are deleted. Examples: 1. delete policy all - deletes all policies. 2. delete policy name=Policy1 - deletes the policy named Policy1.
11451	Usage: filterlist [name = ] <string> \| [ all ] Deletes the filter list and all of its associated filters. Parameters: Tag Value name \| all -Name of the filter list or ‘all’. Remarks: If 'all' is specified, all filter lists are deleted. Examples: delete filterlist all
11452	Usage: filteraction [ name = ] <string> \| [ all ] Deletes a filter action. Parameters: Tag Value name \| all -Name of the filter action or ‘all’. Remarks: If 'all' is specified, all filter actions are deleted. Examples: 1. delete filteraction FilterA 2. delete filteraction all
11453	Usage: rule [ name = ] <string> \| [ id = ] <integer> \| [ all ] [ policy = ] <string> Deletes a rule from a policy. Parameters: Tag Value name \| id \| all -Name of the rule, ID of the rule, or ‘all’ policy -Name of the policy. Remarks: 1. If 'all' is specified, deletes all rules from the policy except the default response rule. 2. The default response rule cannot be deleted. 3. The IDs will change with every delete. Examples: 1. delete rule id=1 Policy1 -deletes the rule with id=1 from Policy1. 2. delete rule all Policy1 -deletes all the rules from Policy1.
11454	Usage: filter [ filterlist = ] <string> [ srcaddr = ] (ipv4 \| ipv6 \| ipv4-ipv4 \| ipv6-ipv6 \| dns \| server) [ dstaddr = ] (ipv4 \| ipv6 \| ipv4-ipv4 \| ipv6-ipv6 \| dns \| server) [ [ protocol = ] (ANY \| ICMP \| TCP \| UDP \| RAW \| <integer>) ] [ [ srcmask = ] (mask \| prefix) ] [ [ dstmask = ] (mask \| prefix) ] [ [ srcport = ] <port> ] [ [ dstport = ] <port> ] [ [ mirrored = ] (yes \| no) ] Deletes a filter from a filter list Parameters: Tag Value filterlist -Name of the filter list to which the filter was added. srcaddr - Source ip address (ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address (ipv4 or ipv6), address range, dns name, or server type. protocol -Can be ANY, ICMP, TCP, UDP, RAW, or an integer. srcmask -Source address mask or a prefix of 1 through 32. Not applicable if srcaddr is set to a range dstmask -Destination address mask or a prefix of 1 through 32. Not applicable if dstaddr is set to a range srcport -Source port of the packet. A value of 0 means any port dstport -Destination port of the packet. A value of 0 means any port. mirrored -‘Yes’ creates two filters, one in each direction. Remarks: 1. Deletes the exact match filter from the filter list. 2. To specify the current computer address, set srcaddr/dstaddr=me To specify all computer addresses, set srcaddr/dstaddr=any 3. Server type can be WINS, DNS, DHCP or GATEWAY. 4. If source is a server, then dest is set to 'me' and vice-versa. 5. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6). Examples: 1. delete filter FilterList1 src=fum.com dst=fum.com 2. delete filter Filter1 srcaddr=me dstaddr=any proto=TCP 3. delete filter Filter1 srcaddr=GATEWAY dstaddr=0.0.0.0 proto=TCP 4. delete filter Filter1 srcaddr=192.168.2.1-192.168.2.10 dstaddr=ME
11455	Usage: all Deletes all policies, filter lists, and filter actions. Parameters: Remarks: Examples: delete all
11500	Displays details of policies and related information.
11510	Displays policy details.
11511	Displays filter list details.
11512	Displays filter action details.
11513	Displays rule details.
11515	Displays details of all policies and related information.
11516	Displays details of a group assigned policy.
11517	Displays the current policy store.
11550	Usage: policy [ name = ] <string> \| [ all ] [ [ level = ] (verbose \| normal) ] [ [ format = ] (list \| table) ] [ [ wide = ] (yes \| no) ] Displays the details of a policy Parameters: Tag Value name \| all -Name of the policy or ‘all’. level -Verbose or normal. format -Output in screen or tab-delimited format. wide -If set to ‘no’, the name and description are truncated to fit the screen width of 80 characters. Remarks: If 'all' is specified, all policy details are displayed. Examples: show policy Policy1 wide=yes format=table
11551	Usage: filterlist [ name = ] <string> \| [ rule = ] <string> \| [ all ] [ [ level = ] (verbose \| normal) ] [ [ format = ] (list \| table) ] [ [ resolvedns = ] (yes \| no) ] [ [ wide = ] (yes \| no) ] Displays the details of a filter list Parameters: Tag Value name \| rule \| all -Name of the filter list, rule name, or ‘all’. level -Verbose or normal. format -Output in screen or tab-delimited format. resolvedns -Value of ‘yes’ will force the verbose output to show the current dns mapping for ip addresses and dns names that are stored in the filter fields. wide -If set to ‘no’, the name and description are truncated to fit the screen width of 80 characters. Remarks: If 'all' is specified, all filter lists are displayed. Examples: show filterlist Filterlist=Filterlist1 resolvedns=yes wide=yes
11552	Usage: filteraction [ name = ] <string> \| [ rule = ] <string> \| [ all ] [ [ level = ] (verbose \| normal) ] [ [ format = ] (list \| table) ] [ [ wide = ] (yes \| no) ] Displays the details of a filter action Parameters: Tag Value name \| rule \| all -Name of the filter action, rule name, or ‘all’. level -Verbose or normal. format -Output in screen or tab-delimited format wide -If set to ‘no’, the name and description are truncated to fit the screen width of 80 characters. Remarks: If 'all' is specified, all filter actions are displayed. Examples: 1. show filteraction FilterAction1 - shows the details of the filter action named FilterAction1 2. show filteraction rule=Rule1 - shows the filter action used by the rule named Rule1 3. show filteraction all - shows all filter actions
11553	Usage: rule [ name = ] <string> \| [ id = ] <integer> ] \| [ all ] \| [default] [ policy = ] <string> [ [ type = ] (tunnel \| tranport) ] [ [ level = ] (verbose \| normal) ] [ [ format = ] (list \| table) ] [ [ wide = ] (yes \| no) ] Displays the details of rules for the policy. Parameters: Tag Value name \| id \| all \| default -Name of the rule, its id, ‘all’, or ‘default’. policy -Name of the policy. type -Rule type is ‘transport’ or ‘tunnel’. level -Verbose or normal. format -Output in screen or tab-delimited format. wide -If set to ‘no’, the name and description are truncated to fit the screen width of 80 characters. Remarks: 1. If ‘all’ is specified, all rules are displayed. 2. If the type parameter is specified, 'all' needs to be specified. Examples: 1. show rule all type=transport policy=Policy1 - shows all the transport rules of the policy named Policy1. 2. show rule id=1 policy=Policy1 - shows the first rule of the policy. 3. show rule default policy=Policy1 - shows the details of the default response rule of Policy1.
11555	Usage: all [ [ format = ] (list \| table) ] [ [ wide = ] (yes \| no) ] Displays all policies, filter lists, and filter actions. Parameters: Tag Value format -Output in screen or tab-delimited format. wide -If set to ‘no’, the name and description are truncated to fit the screen width of 80 characters. Remarks: Examples: show all
11556	Usage: gpoassignedpolicy [name = ] <string> Displays the details of the active policy for the specified GPO. Parameters: Tag Value Name -Local AD Group policy object name. Remarks: 1. if the current store is domain, the name parameter is required, otherwise it is not allowed Examples: 1. show gpoassignedpolicy name=GPO1 - shows the assigned domain policy to GPO1. 2. show gpoassignedpolicy - shows currently assigned policy on this computer.
11557	Usage: store Examples: show store
12200	Adds policy, filter, and actions to SPD.
12210	Adds a quick mode policy to SPD.
12211	Adds a main mode policy to SPD.
12212	Adds a quick mode filter to SPD.
12213	Adds a main mode filter to SPD.
12215	Adds a rule and associated filters to SPD.
12250	Usage: qmpolicy [ name = ] <string> [ [ soft = ] (yes \| no) ] [ [ pfsgroup = ] (GRP1 \| GRP2 \| GRP3 \| GRPMM \| NOPFS) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] Adds a quick mode policy to SPD. Parameters: Tag Value name -Name of the quick mode policy. soft -Allow unsecured communication with non-IPsec-aware computers. This takes a value of either ‘yes’ or ‘no’. pfsgroup -GRP1,GRP2,GRP3,GRPMM,NOPFS(default). qmsecmethods -IPsec offer in one of the following formats: ESP[ConfAlg,AuthAlg]:k/s AH[HashAlg]:k/s AH[HashAlg]+ESP[ConfAlg,AuthAlg]:k/s where ConfAlg can be DES or 3DES or None. where AuthAlg can be MD5 or SHA1 or None. where HashAlg is MD5 or SHA1. where k is lifetime in kilobytes. where s is lifetime in seconds. Remarks: The use of DES and MD5 is not recommended. These cryptographic algorithms are provided for backward compatibility only. Examples: add qmpolicy name=qmp qmsec="AH[MD5]:10000k/24800s ESP[DES,SHA1]:30000k/300s"
12251	Usage: mmpolicy [ name = ] <string> [ [ qmpermm = ] <integer> ] [ [ mmlifetime = ] <integer> ] [ [ softsaexpirationtime = ] <integer> ] [ [ mmsecmethods = ] (sec#1 sec#2 ... sec#n) ] Adds a main mode policy to SPD. Parameters: Tag Value name -Name of the main mode policy. qmpermm -Number of quick mode sessions per main mode session of IKE. mmlifetime -Time in minutes to rekey for main mode of IKE. softsaexpirationtime -Time in minutes for an unprotected SA to expire. mmsecmethods -List of one or more space separated security methods in the form of ConfAlg-HashAlg-GroupNum. where ConfAlg can be DES or 3DES where HashAlg can be MD5 or SHA1 GroupNum can be 1 (Low) or 2 (Med) or 3 (DH2048). Remarks: The use of DES and MD5 is not recommended. These cryptographic algorithms are provided for backward compatibility only. Examples: add mmp name=mmp qmpermm=10 mmlifetime=300 softsa=20 mmsec="3DES-SHA1-3 DES-SHA1-2 3DES-MD5-3"
12255	Usage: rule [ srcaddr = ] (ipv4 \| ipv6 \| ipv4-ipv4 \| ipv6-ipv6 \| dns \| server) [ dstaddr = ] (ipv4 \| ipv6 \| ipv4-ipv4 \| ipv6-ipv6 \| dns \| server) [ mmpolicy = ] <string> [ [ qmpolicy = ] <string> ] [ [ protocol = ] (ANY \| ICMP \| TCP \| UDP \| RAW \| <integer>) ] [ [ srcport = ] <port> ] [ [ dstport = ] <port> ] [ [ mirrored = ] (yes \| no) ] [ [ conntype = ] (lan \| dialup \| all) ] [ [ actioninbound = ] (permit \| block \| negotiate) ] [ [ actionoutbound = ] (permit \| block \| negotiate) ] [ [ srcmask = ] (mask \| prefix) ] [ [ dstmask = ] (mask \| prefix) ] [ [ tunneldstaddress = ] (ip \| dns) ] [ [ kerberos = ] (yes \| no) ] [ [ psk = ] <preshared key> ] [ [ rootca = ] "<certificate> certmap:(yes \| no) excludecaname:(yes \| no)" ] Adds a Rule. Parameters: Tag Value srcaddr - Source ip address (ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address (ipv4 or ipv6), address range, dns name, or server type. mmpolicy -Main mode policy qmpolicy -Quick mode policy protocol -Can be ANY, ICMP, TCP, UDP, RAW, or an integer. If you specify a port, acceptable value is TCP or UDP. srcport -Source port(0 means any port) dstport -Destination port(0 means any port) mirrored -‘Yes' creates two filters, one in each direction. conntype -Connection type actioninbound -Action for inbound packets actionoutbound -Action for outbound packets srcmask -Source address mask or a prefix of 1 through 32. Not applicable if srcaddr is set to a range dstmask -Destination address mask or a prefix of 1 through 32. Not applicable if dstaddr is set to a range tunneldstaddress -Tunnel destination ip address or dns name. kerberos -Provides kerberos authentication if ‘yes’ is specified. psk -Provides authentication using a specified preshared key. rootca -Provides authentication using a specified root certificate, attempts to map the cert if certmap:Yes is specified, excludes the CA name if excludecaname:Yes is specified. Remarks: 1. Port valid for TCP and UDP. 2. Server type can be WINS, DNS, DHCP or GATEWAY 3. Default for actioninbound and actionoutbound is ‘negotiate’. 4. For tunnel rules, mirrored must be set to 'no'. 5. Certificate, mapping, and CA name settings are all to be within quotes; embedded quotes are to be replaced with \'. 6. Certificate mapping is valid only for domain members. 7. Multiple certificates can be provided by using the rootca parameter multiple times. 8. The preference of each authentication method is determined by its order in the command. 9. If no auth methods are stated, dynamic defaults are used. 10. Excluding the root certification authority (CA) name prevents the name from being sent as part of the certificate request. 11. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6). Example: add rule srcaddr=192.168.145.110 dstaddr=192.168.145.215 mmpolicy=mmp qmpolicy=qmp mirrored=no srcmask=32 dstmask=255.255.255.255 rootca="C=US,O=MSFT,CN=Microsoft Authenticode(tm) Root Authority" rootca="C=US,O=MSFT,CN=\’Microsoft North, South, East, and West Root Authority\’ certmap:yes excludecaname:no"
12300	Modifies policy, filter, and actions in SPD.
12310	Modifies a quick mode policy in SPD.
12311	Modifies a main mode policy in SPD.
12312	Modifies a quick mode filter in SPD.
12313	Modifies a main mode filter in SPD.
12319	Sets the IPsec configuration and boot time behavior.
12320	Modifies a rule and associated filters in SPD.
12350	Usage: qmpolicy [ name = ] <string> [ [ soft = ] (yes \| no) ] [ [ pfsgroup = ] (GRP1 \| GRP2 \| GRP3 \| GRPMM \| NOPFS) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] Modifies a quick mode policy in SPD. Parameters: Tag Value name -Name of the quick mode policy. soft -Allow unsecured communication with non-IPsec-aware computers. This takes a value of either 'yes' or 'no'. pfsgroup -GRP1,GRP2,GRP3,GRPMM,NOPFS(default). qmsecmethods -IPsec offer in one of the following formats: ESP[ConfAlg,AuthAlg]:k/s AH[HashAlg]:k/s AH[HashAlg]+ESP[ConfAlg,AuthAlg]:k/s where ConfAlg can be DES, or 3DES or None. where AuthAlg can be MD5, or SHA1 or None. where HashAlg is MD5 or SHA1. where k is lifetime in kilobytes. where s is lifetime in seconds. Remarks: The use of DES and MD5 is not recommended. These cryptographic algorithms are provided for backward compatibility only. Example: set qmpolicy name=qmp pfsg=grp3 qmsec="AH[MD5]:100000k/29999s+ESP[DES,SHA1]"
12351	Usage: mmpolicy [ name = ] <string> [ [ qmpermm = ] <integer> ] [ [ mmlifetime = ] <integer> ] [ [ softsaexpirationtime = ] <integer> ] [ [ mmsecmethods = ] (sec#1 sec#2 ... sec#n) ] Modifies a main mode policy with the new parameters in SPD. Parameters: Tag Value name -Name of the main mode policy. qmpermm -Number of quick mode sessions per main mode session of IKE. mmlifetime -Time in minutes to rekey for main mode of IKE. softsaexpirationtime -Time in minutes for an unprotected SA to expire. mmsecmethods -List of one or more space separated security methods in the form of ConfAlg-HashAlg-GroupNum, where ConfAlg can be DES or 3DES, HashAlg is MD5 or SHA1, GroupNum can be 1 (Low) or 2 (Med) or 3 (DH2048). Remarks: The use of DES and MD5 is not recommended. These cryptographic algorithms are provided for backward compatibility only. Example: set mmpolicy name=mmp qmpermm=10 mmlife=10 mmsecmethod=3DES-MD5-3
12359	Usage: config [ property = ] (ipsecdiagnostics \| ipsecexempt \| ipsecloginterval \| ikelogging \| strongcrlcheck \| bootmode \| bootexemptions) ] [ value = ] <integer> \| <bootmode> \| <bootexemptions> ] Configures the parameters for IPsec. Parameters: Tag Value property -Property name. value -Value that corresponds to the property. Remarks: 1. Valid values for the properties are: ipsecdiagnostics - 0, 1, 2, 3, 4, 5, 6, 7 ikelogging - 0, 1 strongcrlcheck - 0, 1, 2 ipsecloginterval - 60 to 86400 sec ipsecexempt - 0, 1, 2, 3 bootmode - stateful, block, permit bootexemptions - none, "exemption#1 exemption#2 ... exemption#n" where the quoted string specifies a list of protocols and ports to always allow during boot mode in the following format: Protocol:SrcPort:DstPort:Direction where protocol is ICMP, TCP, UDP, RAW, or <integer> where direction is inbound or outbound 2. ipsecdiagnostics, ikelogging, ipsecloginterval, bootmode and bootexemptions options are provided for backward compatibility. Not valid for Windows Vista and later operating systems. 3. SrcPort and DstPort are only valid for TCP and UDP, with other protocols the format of the exemption is Protocol:Direction. 4. A port setting of 0 allows for traffic for any port. 5. ikelogging and strongcrlcheck are activated immediately; all other properties take effect on next boot. Examples: 1. set config property=ipsecdiagnostics value=0 2. set config property=bootmode value=stateful 3. set config property=bootexemptions value=none 4. set config property=bootexemptions value="ICMP:inbound TCP:80:80:outbound"
12360	Usage: rule [ srcaddr = ] (ip \| dns \| server) [ dstaddr = ] (ip \| dns \| server) [ protocol = ] (ANY \| ICMP \| TCP \| UDP \| RAW \| <integer>) [ srcport = ] <port> [ dstport = ] <port> [ mirrored = ] (yes \| no) [ conntype = ] (lan \| dialup \| all) [ [ srcmask = ] (mask \| prefix) ] [ [ dstmask = ] (mask \| prefix) ] [ [ tunneldstaddress = ] (ip \| dns) ] [ [ mmpolicy = ] <string> ] [ [ qmpolicy = ] <string> ] [ [ actioninbound = ] (permit \| block \| negotiate) ] [ [ actionoutbound = ] (permit \| block \| negotiate) ] [ [ kerberos = ] (yes \| no) ] [ [ psk = ] <preshared key> ] [ [ rootca = ] "<certificate> certmap:(yes \| no) excludecaname:(yes \| no)" ] Modifies a rule and associated filters in SPD. Parameters: Tag Value srcaddr - Source ip address (ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address (ipv4 or ipv6), address range, dns name, or server type. protocol -Can be ANY, ICMP, TCP, UDP, RAW, or an integer. srcport -Source port (0 means any port) dstport -Destination port (0 means any port) mirrored -'Yes' creates two filters, one in each direction. conntype -Connection type srcmask -Source address mask or a prefix of 1 through 32. Not applicable if srcaddr is set to a range dstmask -Destination address mask or a prefix of 1 through 32. Not applicable if dstaddr is set to a range tunneldstaddress -Tunnel destination ip address or dns name. mmpolicy -Main mode policy qmpolicy -Quick mode policy actioninbound -Action for inbound packets actionoutbound -Action for outbound packets kerberos -Provides kerberos authentication if ‘yes’ is specified psk -Provides authentication using a specified preshared key rootca -Provides authentication using a specified root certificate, attempts to map the cert if certmap:Yes is specified, excludes the CA name if excludecaname:Yes is specified. Remarks: 1. Mmpolicy, qmpolicy, actioninbound, actionoutbound and authmethods can be set; other fields are identifiers. 2. Server type can be WINS, DNS, DHCP or GATEWAY 3. Certificate, mapping, and CA name settings are all to be within quotes; embedded quotes are to be replaced with \'. 4. Certificate mapping is valid only for domain members. 5. Multiple certificates can be provided by using the rootca parameter multiple times. 6. The preference of each authentication method is determined by its order in the command. 7. If no auth methods are stated, dynamic defaults are used. 8. All authentication methods are overwritten with the stated list. 9. Excluding the root certification authority (CA) name prevents the name from being sent as part of the certificate request. 10. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6). Examples: 1. set rule srca=WINS dsta=0.0.0.0 srcmask=32 dstmask=32 tunneldst=192.168.145.1 proto=tcp srcport=80 dstport=80 mir=no con=lan qmp=qmp actionin=negotiate actionout=permit 2. set rule srcaddr=192.168.145.110 dstaddr=192.168.145.215 mmpolicy=mmp qmpolicy=qmp mirrored=no srcmask=32 rootca="C=US,O=MSFT,CN=Microsoft Authenticode(tm) Root Authority" rootca="C=US,O=MSFT,CN=\’Microsoft North, South, East, and West Root Authority\’ certmap:yes excludecaname:no"
12400	Deletes policy, filter, and actions from SPD.
12410	Deletes a quick mode policy from SPD.
12411	Deletes a main mode policy from SPD.
12414	Deletes a rule and associated filters from SPD.
12415	Deletes all policies, filters, and actions from SPD.
12450	Usage: qmpolicy [ name = ] <string> \| [ all ] Deletes a quick mode policy from SPD. If 'all' is specified, all quick mode policies are deleted. Parameters: Tag Value name -Name of the quick mode policy. Remarks: To delete a quick mode policy, any associated quick mode filters must first be deleted. Examples: delete qmpolicy name=qmp
12451	Usage: mmpolicy [ name = ] <string> \| [ all ] Deletes a main mode policy from SPD. If 'all' is specified, all main mode policies are deleted. Parameters: Tag Value name -Name of the main mode policy. Remarks: To delete a main mode policy, any associated main mode filters must first be deleted. Examples: delete mmpolicy name=mmp
12454	Usage: rule [ srcaddr = ] (ipv4 \| ipv6 \| ipv4-ipv4 \| ipv6-ipv6 \| dns \| server) [ dstaddr = ] (ipv4 \| ipv6 \| ipv4-ipv4 \| ipv6-ipv6 \| dns \| server) [ protocol = ] (ANY \| ICMP \| TCP \| UDP \| RAW \| <integer>) [ srcport = ] <port> [ dstport = ] <port> [ mirrored = ] (yes \| no) [ conntype = ] (lan \| dialup \| all) [ [ srcmask = ] (mask \| prefix) ] [ [ dstmask = ] (mask \| prefix) ] [ [ tunneldstaddress = ] (ip \| dns) ] Deletes a rule from SPD. Parameters: Tag Value srcaddr -Source ip address (ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address (ipv4 or ipv6), address range, dns name, or server type. protocol -Can be ANY, ICMP, TCP, UDP, RAW, or an integer. srcport -Source port. A value of 0 means any port. dstport -Destination port. A value of 0 means any port. mirrored -‘Yes’ creates two filters, one in each direction. conntype -Connection type can be lan, dialup or ‘all’. srcmask -Source address mask or a prefix of 1 through 32. dstmask -Destination address mask or a prefix of 1 through 32. tunneldstaddress -Tunnel destination ip address or dns name. Remarks: 1. To specify the current computer address, set srcaddr/dstaddr=me To specify all computer addresses, set srcaddr/dstaddr=any 2. Server type can be WINS, DNS, DHCP or GATEWAY 3. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6). Examples: delete rule srca=192.168.145.110 dsta=192.168.145.215 tunneldsta=192.168.145.1 proto=tcp srcport=80 dstport=80 mirror=no conntype=lan
12455	Usage: all Deletes all policies, filters, and authentication methods from SPD. Example: delete all
12500	Displays policy, filter, and actions from SPD.
12510	Displays policies, filters, SAs, and statistics from SPD.
12511	Displays main mode policy details from SPD.
12512	Displays quick mode policy details from SPD.
12513	Displays main mode filter details from SPD.
12514	Displays quick mode filter details from SPD.
12515	Displays IPsec and IKE statistics from SPD.
12516	Displays main mode security associations from SPD.
12517	Displays quick mode security associations from SPD.
12518	Displays IPsec configuration.
12519	Displays rule details from SPD.
12550	Usage: all [ [ resolvedns = ] (yes \| no) ] Displays details of all policies, filters, SAs, and statistics from SPD. Parameters: Tag Value resolvedns -Value of 'yes' displays the resolved dns name. Remarks: Default value of resolvedns is ‘no’. Examples: show all yes - shows all information with dns resolution
12551	Usage: mmpolicy [ name = ] <string> \| [ all ] Displays main mode policy details from SPD. Parameters: Tag Value name -Name of the main mode policy. Remarks: If 'all' is specified, all main mode policies are displayed. Examples: 1. show mmpolicy name=mmp 2. show mmpolicy all
12552	Usage: qmpolicy [ name = ] <string> \| [ all ] Displays quick mode policy details from SPD. Parameters: Tag Value name -Name of the quick mode policy. Remarks: If 'all' is specified, all quick mode policies are displayed. Examples: 1. show qmpolicy name=qmp 2. show qmpolicy all
12553	Usage: mmfilter [ name = ] <string> \| [ all ] [ [ type = ] (generic \| specific) ] [ [ srcaddr = ] (ipv4 \| ipv6 \| ipv4-ipv4 \| ipv6-ipv6 \| dns \| server) ] [ [ dstaddr = ] (ipv4 \| ipv6 \| ipv4-ipv4 \| ipv6-ipv6 \| dns \| server) ] [ [ srcmask = ] (mask \| prefix) ] [ [ dstmask = ] (mask \| prefix) ] [ [ resolvedns = ] (yes \| no) ] Displays main mode filter details from SPD. Parameters: Tag Value name \| all -Name of the main mode filter or ‘all’. type -Type of filter to display, either specific or generic. srcaddr - Source ip address (ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address (ipv4 or ipv6), address range, dns name, or server type. srcmask -Source address mask or a prefix of 1 through 32. dstmask -Destination address mask or a prefix of 1 through 32. resolvedns -Value of 'yes' displays the resolved dns name. Remarks: 1. Default for the type parameter is ‘generic’. 2. Server type can be WINS, DNS, DHCP or GATEWAY. 3. If 'all' is specified, all main mode filters are displayed. 4. If source address or destination address is specified, only filters associated with that address are displayed. 5. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6). Examples: 1. show mmfilter name=mmf 2. show mmfilter all srcaddr=wins dstaddr=192.168.145.112
12554	Usage: qmfilter [ name = ] <string> \| [ all ] [ [ type = ] (generic \| specific) ] [ [ srcaddr = ] (ipv4 \| ipv6 \| ipv4-ipv4 \| ipv6-ipv6 \| dns \| server) ] [ [ dstaddr = ] (ipv4 \| ipv6 \| ipv4-ipv4 \| ipv6-ipv6 \| dns \| server) ] [ [ srcmask = ] (mask \| prefix) ] [ [ dstmask = ] (mask \| prefix) ] [ [ protocol = ] (ANY \| ICMP \| TCP \| UDP \| RAW \| <integer>) ] [ [ srcport = ] <port> ] [ [ dstport = ] <port> ] [ [ actioninbound = ] (permit \| block \| negotiate) ] [ [ actionoutbound = ] (permit \| block \| negotiate) ] [ [ resolvedns = ] (yes \| no) ] Displays quick mode filter details from SPD. Parameters: Tag Value name -Name of the quick mode filter. type -Type of filter to display, either specific or generic. srcaddr - Source ip address (ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address (ipv4 or ipv6), address range, dns name, or server type. srcmask -Source address mask or a prefix of 1 through 32. dstmask -Destination address mask or a prefix of 1 through 32. protocol -Can be ANY, ICMP, TCP, UDP, RAW, or an integer. srcport -Source port. A value of 0 means any port. dstport -Destination port. A value of 0 means any port. actioninbound -Action for inbound packets. actionoutbound -Action for outbound packets. resolvedns -Value of 'yes' displays the resolved dns name. Remarks: 1. If the type is not specified then both ‘generic’ and ‘specific’ filters are displayed. 2. Server type can be WINS, DNS, DHCP or GATEWAY. 3. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6). Examples: 1. show qmfilter name=qmf 2. show qmfilter all srcaddr=192.134.135.133 proto=TCP 3. If 'all' is specified, all quick mode filters are displayed. 4. If source or destination address name is specified, only filters associated with that address are displayed.
12555	Usage: stats [ [type =] (all \| ike \| ipsec) ] Displays details of IPsec and IKE statistics. Parameters: Tag Value type -ipsec, ike, or all (which displays both ipsec and ike) Remarks: Examples: 1. show stats all 2. show stats type=ipsec
12556	Usage: mmsas [ [ all ] ] [ [ srcaddr =] (ipv4 \| ipv6 \| ipv4-ipv4 \| ipv6-ipv6 \| dns \| server) ] [ [ dstaddr =] (ipv4 \| ipv6 \| ipv4-ipv4 \| ipv6-ipv6 \| dns \| server) ] [ [ format = ] (list \| table) ] [ [ resolvedns = ] (yes \| no) ] Displays the main mode security associations for a specified address. Parameters: Tag Value all -Display all main mode security associations. srcaddr - Source ip address (ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address(ipv4 or ipv6), address range, dns name, or server type. format -Output in screen or tab-delimited format. resolvedns -Value of 'yes' displays the resolved dns name. Remarks: 1. Server type can be WINS, DNS, DHCP or GATEWAY. 2. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6).\ Examples: 1. show mmsas all 2. show mmsas srca=192.168.145.110 dsta=192.168.145 .215
12557	Usage: qmsas [ [ all ] ] [ [ srcaddr =] (ipv4 \| ipv6 \| ipv4-ipv4 \| ipv6-ipv6 \| dns \| server) ] [ [ dstaddr =] (ipv4 \| ipv6 \| ipv4-ipv4 \| ipv6-ipv6 \| dns \| server) ] [ [ protocol = ] (ANY \| ICMP \| TCP \| UDP \| RAW \| <integer>) ] [ [ format = ] (list \| table) ] [ [ resolvedns = ] (yes \| no) ] Displays the quick mode security associations for a specified address. Parameters: Tag Value all -Displays all quick mode security associations. srcaddr -Source ip address(ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address(ipv4 or ipv6), address range, dns name, or server type. protocol -Can be ANY, ICMP, TCP, UDP, RAW, or an integer. format -Output in screen or tab-delimited format. resolvedns -Value of 'yes' displays the resolved dns name. Remarks: 1. Server type can be WINS, DNS, DHCP or GATEWAY. 2. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6).\n Examples: 1. show qmsas all 2. show qmsas srca=192.168.145.110 dsta=192.168.145.215
12558	Usage: config Displays current settings of IPsec configuration parameters. Remarks: Example: show config
12559	Usage: rule [ [ type = ] (transport \| tunnel) ] [ [ srcaddr = ] (ipv4 \| ipv6 \| ipv4-ipv4 \| ipv6-ipv6 \| dns \| server) ] [ [ dstaddr = ] (ipv4 \| ipv6 \| ipv4-ipv4 \| ipv6-ipv6 \| dns \| server) ] [ [ srcmask = ] (mask \| prefix) ] [ [ dstmask = ] (mask \| prefix) ] [ [ protocol = ] (ANY \| ICMP \| TCP \| UDP \| RAW \| <integer>) ] [ [ srcport = ] <port> ] [ [ dstport = ] <port> ] [ [ actioninbound = ] (permit \| block \| negotiate) ] [ [ actionoutbound = ] (permit \| block \| negotiate) ] [ [ resolvedns = ] (yes \| no) ] Displays rule details from SPD. Parameters: Tag Value type -Type of rule to display, either transport or tunnel. srcaddr -Source ip address (ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address (ipv4 or ipv6), address range, dns name, or server type. srcmask -Source address mask or a prefix of 1 through 32. dstmask -Destination address mask or a prefix of 1 through 32. protocol -Can be ANY, ICMP, TCP, UDP, RAW, or an integer. srcport -Source port. A value of 0 means any port. dstport -Destination port. A value of 0 means any port. actioninbound -Action for inbound packets. actionoutbound -Action for outbound packets. resolvedns -Value of 'yes' displays the resolved dns name. Remarks: 1. Default for the type parameter is ‘transport’. 2. Server type can be WINS, DNS, DHCP or GATEWAY. 3. If source or destination address name is specified, only rules associated with that address are displayed. 4. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6). Examples: 1. show rule - shows both transport and tunnel rules 2. show rule type=transport srcaddr=192.134.135.133 proto=TCP
13001	No. of policies : %1!d!
13002	Store : Local Store <%1!s!>
13003	Store : Local Store <%1!s!>
13006	Store : Domain Store <%1!s!>
13007	Store : Domain Store <%1!s!>
13008	Store : Local Store
13011	Store : Domain Store
13012	Remote Machine <%1!s!>
13013	Local Machine <%1!s!>
13014	Remote Domain <%1!s!>
13015	Local Domain <%1!s!>
13016	Local Machine
13017	Local Domain
13100	Policy Name : %1!s!
13304	Rule ID : %1!d!, GUID = %2!s!
13305	FilterList Name : %1!s!
13306	FilterList Name : NONE
13602	Policy Name : %1!s!
13603	Description : %1!s!
13604	Description : NONE
13605	Assigned : YES
13606	Assigned : NO
13607	Master PFS : YES
13608	Master PFS : NO
13609	Polling Interval : %1!d! minutes
13610	No. of Rules : %1!d!
13611	Rule Details
13612	------------
13615	Assigned : YES but AD Policy Overrides
13700	Rule Name : %1!s!
13701	Rule Name : NONE
13705	Authentication Methods(%1!d!)
13708	Tunnel Dest IP Address :
13709	Connection Type : ALL
13710	Connection Type : LAN
13711	Connection Type : DIAL UP
13712	Connection Type : NONE
13713	FilterList Details
13714	------------------
13715	No FilterList exists in Default Response Rule
13716	FilterAction Details
13717	---------------------
13734	No of Transport rule(s): %1!d!
13735	No of Tunnel rule(s) : %1!d!
13736	Activated : YES
13737	Activated : NO
13738	Activated : YES Default response rule is not supported on Windows Vista and later versions of Windows. This policy is not in effect.
13800	FilterAction Name : %1!s!
13801	FilterAction Name : NONE
13802	Action : PERMIT
13803	Action : BLOCK
13804	Action : NEGOTIATE SECURITY
13805	AllowUnsecure(Fallback): YES
13806	AllowUnsecure(Fallback): NO
13807	Inbound Passthrough : YES
13808	Inbound Passthrough : NO
13809	No. of Security.Methods: %1!d!
13812	AH ESP LIFE (Sec/kB)
13813	-- --- -------------
13815	QMPFS : YES
13816	QMPFS : NO
14200	KERBEROS
14201	Root CA : %1!s!
14202	Preshared Key : %1!s!
14203	NONE
14300	FilterList Name : %1!s!
14301	FilterList Name : NONE
14302	No. of Filters : %1!d!
14304	Filter(s)
14305	---------
14308	GUID : %1!s!
14309	Last Modified : %1!s!
14500	Source DNS Name : <My IP Address>
14501	Source DNS Name : %1!s!
14502	Source DNS Name : <Any IP Address>
14503	Source DNS Name : <A Specific IP Address>
14504	Source DNS Name : <A Specific IP Subnet>
14505	Source DNS Name : NONE
14506	Destination DNS Name : <My IP Address>
14507	Destination DNS Name : %1!s!
14508	Destination DNS Name : <Any IP Address>
14509	Destination DNS Name : <A Specific IP Address>
14510	Destination DNS Name : <A Specific IP Subnet>
14511	Destination DNS Name : NONE
14512	Mirrored : YES
14513	Mirrored : NO
14514	Source DNS Name : %1!s! resolves to
14515	Destination DNS Name : %1!s! resolves to
14516	Source DNS Name : < DNS SERVER >
14517	Source DNS Name : < WINS SERVER >
14518	Source DNS Name : < DHCP SERVER >
14519	Source DNS Name : < DEFAULT GATEWAY >
14520	Destination DNS Name : < DNS SERVER >
14521	Destination DNS Name : < WINS SERVER >
14522	Destination DNS Name : < DHCP SERVER >
14523	Destination DNS Name : < DEFAULT GATEWAY >
14526	%1!-15s!
14527	%1!s!
14528	%1!s!
14531	...
14600	Source IP Address : <My IP Address>
14601	Source IP Address : <Any IP Address>
14602	Source IP Address :
14603	Source Mask :
14604	Destination IP Address : <My IP Address>
14605	Destination IP Address : <Any IP Address>
14606	Destination IP Address :
14607	Destination Mask :
14608	Source Port : %1!d!
14609	Source Port : ANY
14610	Destination Port : %1!d!
14611	Destination Port : ANY
14615	resolves to %1!s!
14616	<DNS Look up failed>
14617	Source IP Address : < DNS SERVER >
14618	Source IP Address : < WINS SERVER >
14619	Source IP Address : < DHCP SERVER >
14620	Source IP Address : < DEFAULT GATEWAY >
14621	Destination IP Address : < DNS SERVER >
14622	Destination IP Address : < WINS SERVER >
14623	Destination IP Address : < DHCP SERVER >
14624	Destination IP Address : < DEFAULT GATEWAY >
14625	Source Port Range : %1!d!-%2!d!
14626	Destination Port Range : %1!d!-%2!d!
14700	Protocol : ICMP
14701	Protocol : TCP
14703	Protocol : UDP
14708	Protocol : RAW
14709	Protocol : ANY
14710	Protocol : %1!d!
14802	Main Mode Security Method Order
14803	MainMode LifeTime : %1!d! minutes / %2!d! Quick Mode sessions
14804	Encryption Integrity DH Group
14805	---------- --------- --------
14900	DES
14901	3DES
14902	SHA1
14903	MD5
14904	Low(1)
14905	Medium(2)
14906	2048
15001	Source Machine : Local Computer GPO for <%1!s!>
15002	Source Domain : %1!s!
15003	DC Name : %1!s!
15004	GPO Name : %1!s!
15005	Local IPsec Policy Name : %1!s!
15006	AD IPsec Policy Name : %1!s!
15007	GPO DN : %1!s!
15008	GPO OU Link : %1!s!
15009	AD Policy DN : %1!s!
15010	Local IPsec Policy Assigned: Yes, but AD Policy is Overriding
15011	Local IPsec Policy DN : %1!s!
15016	Local IPsec Policy Name : NONE
15017	AD IPsec Policy Name : NONE
15018	IPsec Policy Name : %1!s!
15019	IPsec Policy DN : %1!s!
15020	IPsec Policy Assigned : YES
15021	Exclude CA name : YES
15022	Exclude CA name : NO
15023	Certmapping enabled : YES
15024	Certmapping enabled : NO
16001	No. of policies %1!d!
16002	No. of policies : %1!d!
16003	Store Local Store <%1!s!>
16004	Store Local Store <%1!s!>
16007	Store Domain Store <%1!s!>
16008	Store Domain Store <%1!s!>
16010	Store Local Store
16011	Store Domain Store
16013	Cert To Account Mapping YES
16014	Cert To Account Mapping NO
16100	Policy Name %1!s!
16101	Rule Name %1!s!
16303	No Policy Name Specified
16304	Rule ID %1!d!, GUID = %2!s!
16306	%1!-23s!
16602	Policy Name %1!s!
16603	Description %1!s!
16604	Description NONE
16605	Assigned YES
16606	Assigned NO
16607	Master PFS YES
16608	Master PFS NO
16609	Polling Interval %1!d! minutes
16610	No. of Rules %1!d!
16611	Rule Details
16612	------------
16613	Assigned YES but AD Policy Overrides
16614	Policy Name Rules LastModified Assign
16615	%1!-32s!
16616	YES but AD Policy Overrides
16617	YES
16618	NO
16619	---------- ----- ------------ ------
16620	Policy Name Rules LastModified
16621	----------- ----- ------------
16700	Rule Name %1!s!
16701	Rule Name NONE
16703	Authentication Methods (%1!d!)
16705	Enabled FilterList FilterAction Authentication
16706	------- ---------- ------------ --------------
16707	Tunnel Dest IP Address NONE
16708	Tunnel Dest IP Address
16709	Connection Type ALL
16710	Connection Type LAN
16711	Connection Type DIAL UP
16712	Connection Type UNKNOWN
16713	FilterList Details
16714	------------------
16716	FilterAction Details
16717	--------------------
16718	Activated YES
16719	Activated NO
16720	Rule Name NONE
16721	YES
16722	NO
16724	NONE
16728	Kerb
16729	Cert
16730	Pre
16734	No of Transport rule(s) %1!d!
16735	No of Tunnel rule(s) %1!d!
16737	Enabled FilterList FilterAction TunnelEndPoint
16738	------- ---------- ------------ --------------
16739	YES Default response rule is not supported on Windows Vista and later versions of Windows. This policy is not in effect.
16740	Activated YES Default response rule is not supported on Windows Vista and later versions of Windows. This policy is not in effect.
16800	FilterAction Name %1!s!
16801	FilterAction Name NONE
16802	Action PERMIT
16803	Action BLOCK
16804	Action NEGOTIATE SECURITY
16805	InBound PassThrough YES
16806	InBound PassThrough NO
16807	AllowUnSecure(Fallback) YES
16808	AllowUnSecure(Fallback) NO
16810	Security Methods
16812	AH ESP Seconds kBytes
16813	-- --- ------- ------
16814	QMPFS YES
16815	QMPFS NO
16816	FilterAction Name Action Last Modified
16817	----------------- ------ -------------
16818	%1!-38s!
16819	NONE
16820	PERMIT
16821	BLOCK
16822	NEGOTIATE
16823	NONE
16824	%1!-23s!
16825	%1!-23s!
17000	[MD5 ]
17001	[SHA1]
17002	[NONE]
17003	[NONE , NONE]
17007	[MD5 ,
17008	[SHA1 ,
17009	[NONE ,
17010	DES ]
17011	3DES]
17012	NONE]
17100	%1!6u! %2!10u!
17200	KERBEROS
17201	ROOT CA %1!s!
17202	PRESHARED Key %1!s!
17203	NONE
17300	FilterList Name %1!s!
17301	FilterList Name NONE
17304	Filter(s)
17306	FilterList Name Filters Last Modified
17307	--------------- ------- -------------
17308	GUID %1!s!
17309	Last Modified %1!s!
17310	No. of Filters %1!d!
17501	%1!-45s!
17505	NONE
17506	%1!s!
17508	%1!5d!
17510	NONE
17512	YES
17513	NO
17514	Mir Source SrcMask Destination DstMask Proto SrcPort DstPort
17515	--- ------------- ------------- ------------- ------------- ------- ------- -------
17600	< My IP Addr >
17601	< Any IP Addr >
17608	%1!3d!
17609	ANY
17610	%1!3d!
17611	ANY
17612	DNS SERVER
17613	WINS SERVER
17614	DHCP SERVER
17615	DEFAULT GATEWAY
17616	%1!3d!-%2!3d!
17617	%1!3d!-%2!3d!
17700	ICMP
17701	TCP
17703	UDP
17708	RAW
17709	ANY
17710	OTHER
17802	Main Mode Security Method Order
17803	MainMode LifeTime %1!d! minutes / %2!d! Quick mode sessions
17804	Encryption Integrity DH Group
17805	---------- --------- --------
17900	DES
17901	3DES
17902	SHA1
17903	MD5
17904	Low(1)
17905	Medium(2)
17906	2048
18000	Stand Alone FilterAction(s)
18001	---------------------------
18004	No. of Standalone FilterActions %1!d!
18100	Stand Alone FilterList(s)
18101	-------------------------
18104	No. of Standalone FilterLists %1!d!
18200	No. of FilterLists %1!d!
18204	No. of FilterLists : %1!d!
18300	No. of FilterActions %1!d!
18304	No. of FilterActions : %1!d!
18500	The policy '%1!s!' is ACTIVE. Still would you like to delete? (Y/N)
18503	Would you like to delete all the Filter List(s) and Filter Action(s) associated with the policy ? (Y/N)
18602	Delete all the Filter Lists from
18603	? (Y/N)
18652	Delete all the Filter Actions from
18653	? (Y/N)
18706	Would you like to delete both the Filter List and Filter Action associated with the rule(s)? (Y/N)
18750	Are you sure to delete all policies from
18751	? (Y/N)
18780	Following policies/rule(s) are using it
18781	---------------------------------------
18782	Rule Name : %1!s!
18783	Rule Name : NONE
18794	Life should be within %1!d! and %2!d! kBytes
18802	New Policy is created and updated successfully
18805	Creating new Policy with name '%1!s!'...
18806	Creating new Policy with name '%1!s!' and setting it to '%2!s!'...
18834	Life should be with in %1!d! and %2!d! kBytes
18840	Destination IP address has been taken as 'me'
18841	Source IP address has been taken as 'me'
18848	New Rule was created and updated successfully
18849	Creating new Rule with name '%1!s!' ...
18855	Creating new Rule with name '%1!s!' and setting it to '%2!s!' ...
18856	Server address types, address types ME or ANY, or address ranges cannot be specified for tunnel endpoint.
18861	Would you like to create a new policy? (Y/N)
18868	Certificate-to-account mapping can only be enabled on Active Directory domain members. The option will be ignored.
18869	Cert To Account Mapping: YES
18870	Cert To Account Mapping: NO
18871	If store is domain and assign is specified, GPO name is required
18872	If GPO name is specified, then you must be operating on a domain policy store.
18893	Would you like to create a new Rule? (Y/N)
19002	IKE MM Policy Name : %1!s!
19004	<My IP Address>
19005	<Any IP Address>
19006	%1!s!
19008	ICMP
19009	TCP
19010	UDP
19011	RAW
19012	ANY
19018	IKE Soft SA Lifetime : %1!u! secs
19019	WINS SERVER
19020	DHCP SERVER
19021	DNS SERVER
19022	DEFAULT GATEWAY
19023	[%1!S!]
19025	The 'Netsh ipsec' context is not compatible with the target machine.
19102	Mainmode Policies not available.
19104	Specified Mainmode Policy not available
19106	Encryption Integrity DH Lifetime (Kb:secs) QM Limit Per MM
19107	---------- --------- ---- ------------------ ---------------
19120	NONE
19121	DES
19122	UNKNOWN
19123	3DES
19125	NONE
19126	MD5
19127	SHA1
19129	%1!-5lu! %2!lu!:%3!lu! %4!-10lu!
19130	%1!-5lu! %2!lu!:%3!lu! 1 (MMPFS)
19153	Quickmode Policies not available.
19155	Specified Quickmode Policy not available
19156	QM Negotiation Policy Name : %1!s!
19158	Security Methods Lifetime (Kb:secs) PFS DH Group
19159	------------------------- --------------------- ------------
19165	AH[MD5]
19166	AH[SHA1]
19167	AH[NONE]
19168	ESP[ DES,
19169	ESP[ ERR,
19170	ESP[3DES,
19171	ESP[NONE,
19172	MD5]
19173	SHA1]
19174	NONE]
19176	Low (1)
19177	<Unassigned>
19178	%1!10lu!:%2!-10lu!
19179	Main Mode Derived
19180	High (2048)
19181	AH[ERR]
19182	ERR]
19183	ERROR
19184	AH[MD5]
19185	AH[SHA1]
19186	AH[NONE]
19187	AH[ERR]
19188	MD5]
19189	SHA1]
19190	NONE]
19191	ERR]
19193	Medium (2)
19198	Filter name : %1!s!
19200	Generic Mainmode Filters not available.
19201	Specific Mainmode Filters not available.
19202	Specified Mainmode Filter not available.
19203	Main Mode Filters:
19204	Generic
19205	-------------------------------------------------------------------------------
19206	Specific
19207	Outbound
19208	Inbound
19209	Weight : %1!d!
19210	%1!d! Generic Filter(s)
19211	%1!d! Specific Outbound Filter(s)
19212	%1!d! Specific Inbound Filter(s)
19219	ALL
19220	LAN
19221	DIALUP
19222	UNKNOWN
19229	Unknown
19236	Connection Type :
19237	Authentication Methods :
19238	Preshared key
19240	Kerberos
19241	Security Methods :
19242	%1!d!
19243	(default)
19244	NONE/
19245	DES/
19246	UNKNOWN/
19247	3DES/
19248	NONE/
19249	MD5/
19250	SHA1/
19251	DH%1!lu!/%2!lu!/QMlimit=%3!lu!
19265	Generic Quickmode Filters not available.
19266	Specific Quickmode Filters not available.
19267	Specified Quickmode Filter not available.
19268	Quick Mode Filters(Transport):
19269	Transport Rules
19270	Tunnel Rules
19271	MM Filter Name : %1!s!
19272	QM Filter Name : %1!s!
19273	Main Mode Policy : %1!s!
19274	%1!d! Transport Filter(s)
19275	%1!d! Tunnel Filter(s)
19276	Quick Mode Filters(Tunnel):
19278	Rules not available.
19280	Inbound Action : Passthru
19281	Inbound Action : Negotiate
19282	Inbound Action : Blocking
19283	Inbound Action : Unknown
19284	Outbound Action : Passthru
19285	Outbound Action : Negotiate
19286	Outbound Action : Blocking
19287	Outbound Action : Unknown
19292	%1!-5lu!
19293	Tunnel Source :
19294	Tunnel Destination :
19295	Src Port: %1!-4lu! Dest Port: %2!-4lu!
19296	Mirrored : yes
19297	Mirrored : no
19298	Quick Mode Policy : %1!s!
19299	Protocol :
19300	IKE Statistics
19301	--------------
19302	IKEStatistics not available.
19303	Main Modes : %1!S!
19304	Quick Modes : %1!S!
19305	Soft SAs : %1!S!
19306	Authentication Failures : %1!S!
19307	Active Acquire : %1!S!
19308	Active Receive : %1!S!
19309	Acquire fail : %1!S!
19310	Receive fail : %1!S!
19311	Send fail : %1!S!
19312	Acquire Heap size : %1!S!
19313	Receive Heap size : %1!S!
19314	Negotiation Failures : %1!S!
19315	Invalid Cookies Rcvd : %1!S!
19316	Total Acquire : %1!S!
19317	TotalGetSpi : %1!S!
19318	TotalKeyAdd : %1!S!
19319	TotalKeyUpdate : %1!S!
19320	GetSpiFail : %1!S!
19321	KeyAddFail : %1!S!
19322	KeyUpdateFail : %1!S!
19323	IsadbListSize : %1!S!
19324	ConnListSize : %1!S!
19325	Invalid Packets Rcvd : %1!S!
19326	IPsec Statistics
19327	----------------
19328	IPsecStatistics not available.
19329	Active Assoc : %1!S!
19330	Offload SAs : %1!S!
19331	Pending Key : %1!S!
19332	Key Adds : %1!S!
19333	Key Deletes : %1!S!
19334	ReKeys : %1!S!
19335	Active Tunnels : %1!S!
19336	Bad SPI Pkts : %1!S!
19337	Pkts not Decrypted : %1!S!
19338	Pkts not Authenticated : %1!S!
19339	Pkts with Replay Detection : %1!S!
19340	Confidential Bytes Sent : %1!S!
19341	Confidential Bytes Received : %1!S!
19342	Authenticated Bytes Sent : %1!S!
19343	Authenticated Bytes Received: %1!S!
19344	Transport Bytes Sent : %1!S!
19345	Transport Bytes Received : %1!S!
19346	Offloaded Bytes Sent : %1!S!
19347	Offloaded Bytes Received : %1!S!
19348	Bytes Sent In Tunnels : %1!S!
19349	Bytes Received In Tunnels : %1!S!
19350	Cookie Pair :
19351	%1!02x!
19352	Sec Methods :
19353	NONE
19355	3DES
19356	UNKNOWN
19358	SHA1
19359	/%1!d!/%2!d!
19360	Auth Mode :
19361	Preshared Key
19362	DSS Signature
19363	RSA Signature
19364	RSA Encryption
19365	Kerberos
19366	Source :
19367	, port %1!d!
19368	ID :
19369	ID : %1!s!
19370	Destination :
19371	Destination SecurityMethods
19372	Date/Time Created
19373	-------------------------------------------------------- ----------------------
19374	[ID:%1!-35s!]
19375	DNS: %1!-51S!
19376	[ID:%1!-35s!]
19377	Issuing CA :%1!s!
19378	Thumbprint :
19379	%1!02x!
19382
19383	Root CA : %1!s!
19387	Root CA : %1!s!
19397	IPsec MainMode Security Associations not available.
19398	IKE Main Mode SAs at %1!s!
19400	Specified MainMode Security Associations not available.
19401	Quick Mode SAs
19402	--------------
19403	IPsec QuickMode Security Associations not available.
19404	Specified QuickMode Security Associations not available.
19410	Transport Filter
19411	Tunnel Filter
19412	Unknown
19413	Policy Name : %1!s!
19414	Source Address :
19415	Destination Address :
19416	Protocol : %1!lu!
19417	Source Port : %1!u!
19418	Destination Port : %1!u!
19419	Direction : Inbound
19420	Direction : Outbound
19421	Direction : Error
19422	Offer Used
19423	Protocol : ICMP
19424	Protocol : TCP
19425	Protocol : UDP
19426	Protocol : RAW
19427	AH(b/r) ESP Con(b/r) ESP Int PFS DH Group
19428	---------- ------------- ------- ------------
19429	Encapsulation Type : IKE
19430	Encapsulation Type : Other
19431	Source UDP Encap port : %1!u!
19432	Dest UDP Encap port : %1!u!
19433	Peer Private Addr :
19434	Protocol : ANY
19446	IPsec Configuration Parameters
19447	------------------------------
19448	IPsecDiagnostics : %1!d![Not valid for Windows Vista and later operating systems]
19449	IKElogging : %1!d! [Not valid for Windows Vista and later operating systems]
19450	StrongCRLCheck : %1!d!
19451	IPsecloginterval : %1!d![Not valid for Windows Vista and later operating systems]
19452	NLBSFlags : %1!d![Not valid for Windows Vista and later operating systems]
19453	Flags : %1!d![Not valid for Windows Vista and later operating systems]
19454	IPsecexempt : %1!d!
19455	2048DHGroupId : %1!d![Not valid for Windows Vista and later operating systems]
19456	IPsec Diagnostic Level is out of range. Range is 0 - 7.
19457	IKE Logging is out of range. Range is 0 - 1.
19458	Strong CRL Check Level is out of range. Range is 0 - 2.
19459	IPsec Log Interval is out of range. Range is 60 - 86400.
19460	IPsec Exemption Level is out of range. Range is 0 - 3.
19461	(Some of the IPsec Configuration parameters are not set).
19462	Boot Mode :
19463	Stateful
19464	Block
19465	Permit
19466	UDP
19467	TCP
19468	ICMP
19469	RAW
19470	ANY
19471	%1!3d!
19472	%1!5d!
19473	Inbound
19474	Outbound
19476	No bootmode exemptions
19477	Boot Mode Exemptions :
19478	Protocol Src Port Dst Port Direction
19479	--------- --------- --------- ---------
19480	A maximum of 1024 exemptions are allowed.
19800	MD5(%1!02lu!/%2!-02lu!) None None
19801	SHA1(%1!02lu!/%2!-02lu!) None None
19802	None None None
19803	None DES (%1!02lu!/%2!-02lu!)
19804	None Unknown
19805	None 3DES(%1!02lu!/%2!-02lu!)
19806	None None
19807	MD5
19808	SHA1
19809	None
19810	None
19811	certmap
19812	excludecaname
22001	ERR Win32[%1!05d!] : %2!s!
22002	ERR IPsec[%1!05d!] :
22003	:
22004	ERR Win32[%1!05d!] : Invalid Win32 Err Code
22010	One or more essential parameters not specified
22011	Arguments are not matching. Check help for the correct syntax
22012	No Policies in Policy Store
22013	Unable to open Policy Store
22014	No Filter Actions in Policy Store
22015	No Filter Lists in Policy Store
22016	Policy with name %1!s! not exists in Policy Store
22017	Internal Error, Invalid Switch Case.
22018	Invalid Parameter for the Argument '%1!s!'
22019	IP Address specified is invalid
22020	DNS lookup failed for the given dns name '%1!s!'
22021	'%1!s!' not a valid tag for this context
22022	'%1!s!' tag already present
22023	GPOname cannot be specified without argument 'assign = y/n'
22024	Tag 'Name' or 'GUID' needed for the given command
22025	'%1!s!' tag is needed
22026	'%1!s!' is not a valid argument for the tag '%2!s!'
22027	Prefix should be between 1 and 32 only
22028	'%1!s!' is not a valid Mask/Prefix
22029	The argument supplied is null
22030	The 'Seconds' LifeTime specified is out of limit. It should be in between '%1!d!' and '%2!d!' only
22031	The 'Kbytes' specified is out of limit. It should be in between '%1!d!' and '%2!d!' only
22032	The Rekey Unit (k/s) is invalid
22033	Invalid HASH algorithm specified
22034	Incomplete ESP specified
22035	Duplicate Algo's specified for '%1!s!'
22036	None and None not allowed
22037	Invalid IPsec protocol specified. It should be ESP or AH only
22038	Max Number of OFFERS[%1!d!] is crossed
22039	Invalid QM_OFFERS. Encryption+Encryption or Authentication+Authentication are not allowed
22040	Invalid Lifetime or Data specification for QMOffers.
22041	Invalid PFS Group specified for MMOFFER
22042	P1 Group missing
22043	Invalid MMOFFER is specified
22044	File name should contain .ipsec extension only
22045	'%1!s!' and ALL not allowed
22046	Preshared key not specified
22047	Invalid Authmethod is specified
22048	Invalid Certificate specified
22049	Multiple '%1!s!' parameters are specified. Only one is allowed.
22050	The Port specified is invalid.
22051	No of arguments are more,truncated
22052	Invalid QMOFFER specified
22053	Invalid Tunnel IP specified
22054	Protocol can't be specified without source and destination addresses
22055	Subnet mask specified is invalid
22056	Non-tagged arg can only be machine or domain
22057	ERR WIN32[00014] : There is not enough memory to complete this operation.
22058	The Port specified is invalid. It should be in less than '%1!d!' only
22100	Missing Policy Name
22101	Polling Interval should be within %1!d! and %2!d! minutes
22102	Quickmode limit should be within %1!d! and %2!d! sessions
22103	Lifetime should be within %1!d! and %2!d! minutes
22111	Policy with name '%1!s!' already exists
22112	Error while adding Default Response Rule
22113	Error while creating Policy with name '%1!s!'
22114	Error while creating policy with name '%1!s!' due to failure in loading default auth methods
22121	Missing FilterList Name
22122	FilterList with name '%1!s!' already exists
22123	Error while creating FilterList with name '%1!s!'
22124	Invalid GUID specified
22131	Error while creating the specified Filter
22141	FilterAction with name '%1!s!' already exists
22142	Error while creating FilterAction with name '%1!s!'
22143	Inpass, Qmpfs, Soft and Qmsec options are not valid for the Permit or Block type FilterAction. 'action = negotiate' needs to be specified
22144	Atleast One Quick mode Security method needs to be specified
22151	Missing Rule Name
22152	Missing FilterAction Name
22153	Policy with name '%1!s!' does not exist
22154	Rule with name '%1!s!' already exists in policy '%2!s!'
22155	FilterAction with name '%1!s!' does not exist
22156	No Filters in FilterList with name '%1!s!'
22157	Error while creating Rule with name '%1!s!'
22158	Missing Rule Name or Rule ID
22159	Policy with GUID %1!s! does not exist
22160	FilterAction with GUID %1!s! does not exist
22161	Error while creating Rule with name '%1!s!' due to failure in loading default auth methods
22165	Certificate decoding operation failed
22166	Policy with name '%1!s!' does not exist in current machine's domain
22167	Invalid Tunnel IP Address Specified
22168	FilterList with name '%1!s!' does not exist
22169	Servers cannot be specified for both source and destination sides
22170	FilterList with GUID %1!s! does not exist
22171	No Directory Service available
22172	GPO with name '%1!s!' does not exist in current machine's domain
22173	Error while assigning the Policy to the GPO with name '%1!s!' or specified GPO does not exist
22174	Error while updating the Policy with name '%1!s!'
22175	Error while updating the Policy with GUID %1!s!
22176	Error while unassigning the Policy from the GPO with name '%1!s!' or specified GPO does not exist
22181	Error while updating FilterList with name '%1!s!'
22182	Error while updating FilterList with GUID %1!s!
22191	Error while updating FilterAction with name '%1!s!'
22192	Error while updating FilterAction with GUID %1!s!
22201	Rule with name '%1!s!' does not exist in Policy '%2!s!'
22202	Error while updating rule with name '%1!s!'
22203	Default rule cannot be updated with this command. Use the 'set defaultrule' command
22204	Rule with ID %1!d! does not exist in Policy '%2!s!'
22205	Invalid Rule ID Specified
22211	Error while updating Default Rule of Policy with name '%1!s!'
22221	No file name specified
22222	Invalid File / Path name
22223	Error while importing policies
22231	Error while exporting policies
22235	Error while restoring default policies
22236	This command is only available for the local store
22237	Invalid Domain Name. Domain with name '%1!s!' does not exist
22238	Your machine is not a member of domain
22241	Error while deleting Policy with name '%1!s!'
22242	No Policy with name '%1!s!'
22251	FilterList with name '%1!s!' cannot be deleted
22252	Error while deleting FilterList with name '%1!s!'
22255	No FilterList with name '%1!s!'
22256	Filter with the specified spec does not exist in FilterList with name '%1!s!'
22261	Error while updating FilterList with name '%1!s!' after deletion of the specified filter
22265	FilterAction with name '%1!s!' cannot be deleted
22266	Error while deleting FilterAction with name '%1!s!'
22267	No FilterAction with name '%1!s!'
22271	Error while deleting Rule with name '%1!s!'
22272	Error while deleting Rule with ID %1!d!
22273	Default Response Rule cannot be deleted
22274	No Rule with name '%1!s!'
22275	No Rule with ID %1!d!
22276	No Policy name specified
22280	No policy with name '%1!s!'
22281	Error while extracting NegPol info of Policy with name '%1!s!'
22282	Error while extracting Filter info of Policy with name '%1!s!'
22283	Error while extracting ISAKMP info of Policy with name '%1!s!'
22285	No Rule with name '%1!s!'
22286	No Rule with ID %1!d!
22290	No currently assigned Policy
22295	No FilterList exists in Policy Store
22296	No FilterAction exists in Policy Store
22297	Either invalid GPO name or no currently assigned policy
22298	A name must be specified when using the domain store
22299	Invalid Source IP Address specified
22300	Invalid Source IP/Mask specified
22301	Address Conflict. Source and Destination cannot have same IP/DNS
22302	Invalid server specified
22303	Server needs to be specified
22304	Invalid destination IP Address specified
22305	Invalid destination mask specified
22306	Invalid Newname. Policy with name '%1!s!' already exists
22307	Invalid Newname. Rule with name '%1!s!' already exists
22308	Invalid Newname. Filterlist with name '%1!s!' already exists
22309	Invalid Newname. Filteraction with name '%1!s!' already exists
22310	If a type is specified, 'all' needs to be specified
22311	Internal error occurred during this operation
22312	No Tunnel type rules exist in policy '%1!s!'
22313	Updating default Filteraction is not allowed through this command. Use 'Set DefaultRule' command.
22314	Policy with name '%1!s!' has READONLY attribute. Updation denied
22315	Specified Rule has READONLY attribute. Updation denied
22316	Filteraction with name '%1!s!' has READONLY attribute. Updation denied
22317	FilterList with name '%1!s!' has READONLY attribute. Updation denied
22318	Policy with name '%1!s!' has READONLY attribute. Deletion denied
22319	Rule with name '%1!s!' has READONLY attribute. Deletion denied
22320	Filteraction with name '%1!s!' has READONLY attribute. Deletion denied
22321	FilterList with name '%1!s!' has READONLY attribute. Deletion denied
22322	No name can be specified when using the local store
22323	Default response rule is not supported on Windows Vista and later versions of Windows.
23001	QMPolicy is needed when ActionInbound or ActionOutbound specified as NEGOTIATE.
23002	Port number valid for TCP or UDP protocols, continuing without PortNumber.
23003	Specified QMPolicy does not exist.
23004	Specified MainMode Policy does not exist.
23005	QMPolicy is needed when ActionInbound or ActionOutbound specified as NEGOTIATE.
23006	Cannot have IPsec policy when neither ActionInbound or ActionOutbound are specified as NEGOTIATE.
23007	Mirror = Yes is not valid for Tunnel Rule.
23011	Specified MainMode Filter does not exist.
23012	Specified Transport Filter does not exist.
23013	Specified Tunnel Filter does not exist.
23014	MainMode Policies are not available.
23015	QuickMode Policies are not available.
23021	MainMode Policy with the given name already exists.
23031	QuickMode Policy with the given name already exists.
23041	Specified MainMode Policy does not exist.
23051	Specified QMPolicy does not exist.
23061	MainMode Filters do not exist.
23062	Specified MainMode Filter does not exist and Policy is not found.
23063	Specified MainMode Policy either does not exist or not associated with specified MainMode Filter.
23064	Specified MainMode Filter does not exist.
23071	QuickMode Filters do not exist.
23072	Specified QuickMode Filter does not exist and Policy is not found.
23073	Specified QuickMode Policy either does not exist or is not associated with QuickMode Filter.
23074	Specified QuickMode Filter does not exist.
23075	Authentication method(s) being used.
23076	%1!d! MMFilter object(s) could not be deleted.
23077	%1!d! Transport Filter object(s) could not be deleted.
23078	%1!d! Tunnel Filter object(s) could not be deleted.
23081	The IPsec Policy Agent service is not active.
23082	Policy Agent service successfully started.
23090	Wrong token from Parser, Should be either IPSEC, IKE or ALL.
23091	Invalid AddressType received from Parser.
23092	Source and Destination both cannot be Servers.
23093	Tunnel Source and Tunnel Destination both cannot be Servers.

COM Classes/Interfaces

There is no type library in this file with COM classes/interfaces information

Exported Functions List

The following functions are exported by this dll:

InitHelperDll

Imported Functions List

The following functions are imported by this dll:

msvcrt.dll:

_CIpow	_XcptFilter	__dllonexit	_amsg_exit
_callnewh	_except_handler4_common	_initterm	_lock
_onexit	_unlock	_vsnprintf	_vsnwprintf
_wcsicmp	_wcsnicmp	_wremove	calloc
free	isdigit	iswdigit	malloc
memcpy	memmove	memset	swscanf
swscanf_s	time	wcschr	wcsncmp
wcsrchr	wcsspn	wcsstr	wcstok
wcstoul	wprintf

ntdll.dll:

EtwGetTraceEnableFlags	EtwGetTraceEnableLevel	EtwGetTraceLoggerHandle	EtwRegisterTraceGuidsW
EtwTraceMessage	EtwUnregisterTraceGuids	RtlCompareMemory	RtlIpv4AddressToStringExW
RtlIpv4StringToAddressW	RtlIpv6AddressToStringExW	RtlIpv6StringToAddressW	RtlNtStatusToDosError

api-ms-win-core-datetime-l1-1-1.dll:

KernelBase!GetDateFormatW KernelBase!GetTimeFormatW
api-ms-win-core-errorhandling-l1-1-1.dll:

KernelBase!GetLastError KernelBase!SetUnhandledExceptionFilter KernelBase!UnhandledExceptionFilter
api-ms-win-core-file-l1-2-1.dll:

KernelBase!FileTimeToLocalFileTime
api-ms-win-core-libraryloader-l1-2-0.dll:

KernelBase!LoadStringW
api-ms-win-core-registry-l1-1-0.dll:

KernelBase!RegCloseKey KernelBase!RegCreateKeyExW KernelBase!RegOpenKeyExW KernelBase!RegQueryValueExW
KernelBase!RegRestoreKeyW KernelBase!RegSetValueExW
api-ms-win-core-processthreads-l1-1-2.dll:

KernelBase!OpenProcessToken KernelBase!OpenThreadToken kernel32!GetCurrentProcess kernel32!GetCurrentProcessId
kernel32!GetCurrentThreadId kernel32!TerminateProcess
api-ms-win-core-profile-l1-1-0.dll:

ntdll!RtlQueryPerformanceCounter
api-ms-win-core-string-l1-1-0.dll:

KernelBase!WideCharToMultiByte
api-ms-win-core-sysinfo-l1-2-1.dll:

KernelBase!GetSystemTimeAsFileTime KernelBase!GetTickCount
api-ms-win-service-management-l1-1-0.dll:

sechost!CloseServiceHandle sechost!OpenSCManagerW sechost!OpenServiceW
api-ms-win-service-winsvc-l1-2-0.dll:

sechost!QueryServiceStatus
NETSH.EXE:

MatchEnumTag MatchTagsInCmdLine MatchToken PreprocessCommand
PrintMessageFromModule RegisterContext RegisterHelper
WS2_32.dll:

FreeAddrInfoW getaddrinfo gethostbyaddr htonl
htonl inet_addr inet_ntoa
RPCRT4.dll:

UuidCompare UuidCreate UuidCreateNil UuidFromStringW
UuidIsNil
ole32.dll:

CoInitialize combase!CoCreateInstance combase!CoTaskMemAlloc combase!CoTaskMemFree
combase!StringFromGUID2
CRYPT32.dll:

CertCloseStore CertEnumCertificatesInStore CertFindChainInStore
CertFreeCertificateContext CertGetCertificateContextProperty CertGetEnhancedKeyUsage
CertNameToStrW CertOpenStore CertStrToNameW
USERENV.dll:

FreeGPOListW GetAppliedGPOListW
ACTIVEDS.dll:

ADsGetObject adsldpc!AllocADsMem adsldpc!AllocADsStr adsldpc!FreeADsMem
adsldpc!FreeADsStr
OLEAUT32.dll:

SysAllocString SysFreeString VariantClear

POLSTORE.DLL:

IPSecAssignPolicy	IPSecClosePolicyStore	IPSecCopyFilterData	IPSecCopyNFAData
IPSecCopyNegPolData	IPSecCopyPolicyData	IPSecCreateFilterData	IPSecCreateISAKMPData
IPSecCreateNFAData	IPSecCreateNegPolData	IPSecCreatePolicyData	IPSecDeleteFilterData
IPSecDeleteISAKMPData	IPSecDeleteNFAData	IPSecDeleteNegPolData	IPSecDeletePolicyData
IPSecEnumFilterData	IPSecEnumNFAData	IPSecEnumNegPolData	IPSecEnumPolicyData
IPSecExportPolicies	IPSecFreeFilterData	IPSecFreeFilterSpec	IPSecFreeMulFilterData
IPSecFreeMulNegPolData	IPSecFreeMulPolicyData	IPSecFreeNegPolData	IPSecFreePolicyData
IPSecGetAssignedPolicyData	IPSecGetFilterData	IPSecGetISAKMPData	IPSecGetNegPolData
IPSecImportPolicies	IPSecIsDomainPolicyAssigned	IPSecOpenPolicyStore	IPSecSetFilterData
IPSecSetISAKMPData	IPSecSetNFAData	IPSecSetNegPolData	IPSecSetPolicyData
IPSecUnassignPolicy	RegCreateNFAData	RegCreatePolicyData

WINIPSEC.DLL:

AddMMAuthMethods	AddMMFilterEx	AddMMPolicy	AddQMPolicy
AddTransportFilterEx	AddTunnelFilter	CloseMMFilterHandle	CloseTransportFilterHandle
CloseTunnelFilterHandle	DeleteMMAuthMethods	DeleteMMFilter	DeleteMMPolicy
DeleteMMSAs	DeleteQMPolicy	DeleteTransportFilter	DeleteTunnelFilter
EnumMMAuthMethods	EnumMMFiltersEx	EnumMMPolicies	EnumMMSAs
EnumQMPolicies	EnumQMSAs	EnumTransportFiltersEx	EnumTunnelFilters
GetConfigurationVariables	GetMMAuthMethods	GetMMPolicy	GetMMPolicyByID
GetQMPolicy	GetQMPolicyByID	OpenMMFilterHandleEx	OpenTransportFilterHandleEx
OpenTunnelFilterHandle	QueryIPSecStatistics	SPDApiBufferFree	SetConfigurationVariables
SetMMFilterEx	SetMMPolicy	SetQMPolicy	SetTransportFilterEx
SetTunnelFilter

DNSAPI.dll:

DnsValidateName_W
WLDAP32.dll:

ldap_explode_dnW ldap_value_freeW
FirewallAPI.dll:

FwEmptyWFAddresses

KERNEL32.dll:

CloseHandle	DelayLoadFailureHook	FileTimeToSystemTime
FormatMessageW	GetComputerNameW	GetCurrentThread
GetProcessHeap	HeapFree	LocalAlloc
LocalFree	RegDeleteKeyExW	RegEnumKeyExW
Sleep	ntdll!LdrResolveDelayLoadedAPI	ntdll!RtlAllocateHeap

api-ms-win-security-base-l1-2-0.dll:

KernelBase!AdjustTokenPrivileges

KernelBase!RegCloseKey	KernelBase!RegCreateKeyExW	KernelBase!RegOpenKeyExW	KernelBase!RegQueryValueExW
KernelBase!RegRestoreKeyW	KernelBase!RegSetValueExW

KernelBase!OpenProcessToken	KernelBase!OpenThreadToken	kernel32!GetCurrentProcess	kernel32!GetCurrentProcessId
kernel32!GetCurrentThreadId	kernel32!TerminateProcess

MatchEnumTag	MatchTagsInCmdLine	MatchToken	PreprocessCommand
PrintMessageFromModule	RegisterContext	RegisterHelper

FreeAddrInfoW	getaddrinfo	gethostbyaddr	htonl
htonl	inet_addr	inet_ntoa

CoInitialize	combase!CoCreateInstance	combase!CoTaskMemAlloc	combase!CoTaskMemFree
combase!StringFromGUID2

CertCloseStore	CertEnumCertificatesInStore	CertFindChainInStore
CertFreeCertificateContext	CertGetCertificateContextProperty	CertGetEnhancedKeyUsage
CertNameToStrW	CertOpenStore	CertStrToNameW

ADsGetObject	adsldpc!AllocADsMem	adsldpc!AllocADsStr	adsldpc!FreeADsMem
adsldpc!FreeADsStr

UuidCompare	UuidCreate	UuidCreateNil	UuidFromStringW
UuidIsNil