MZ@ !L!This program cannot be run in DOS mode. $Rؕ3}3}3}H̴3}H̱3}Rich3}PEL!   @.rsrc@@(@ 8Ph(@Xp0H` x-.3@ S8YPZh[_`x~ ( @ X p        0 H ` x        8 P 'h ( - 4 : F G M N( S@ YX _p ` f l r x y  0 H ` x       8Ph(@Xp0H`x`ab c8fPghhijklmno(p@qXrpst0H`x(8HXhx(8HXhx(8HXhx(8HXhx(8HXhx(8HXhx(8HXhx(8HXhx(8HXhx--l,.t02l3/bXPcxc66L@D~|F#lHJ#%&D55Z@7 4LkvlmTnntdqNrsnuvxyytzX}t>\؇d$h@Xj2ēPV>dL8Hأb<ZDܤ*2ة`Ljl(x\TܯT0ܰH$HlhԱN$ZX &ص2 FT@ Xx46T88Rzx$Ptn h8tfHXllph8~^lH6(p(ppB d t P l0"T MUIa1-BWK|#Gf!= MUIzh-CNNfNX[P-N[Q@b gV{eu0 NeN[eQV{eu0RfNX[P0 ؏S؞:yOV{eu0 (ul: exportpolicy [ file = ] <string> \@b gV{eu[Q0ReN0 Spe: h

Nc[eN-N[eQV{eu0 Spe: h

[ [ description = ] <string> ] [ [ mmpfs = ] (yes | no) ] [ [ qmpermm = ] <integer> ] [ [ mmlifetime = ] <integer> ] [ [ activatedefaultrule = ] (yes | no) ] [ [ pollinginterval = ] <integer> ] [ [ assign = ] (yes | no) ] [ [ mmsecmethods = ] (sec#1 sec#2 ... sec#n) ] (uc[ TyR^N*NV{eu0 Spe: h

[ [ description = ] <string> ] (uc[ TyR^N*Nzzv[{ hVRh0 Spe: h

[ [ description = ] <string> ] [ [ qmpfs = ] (yes | no) ] [ [ inpass = ] (yes | no) ] [ [ soft = ] (yes | no) ] [ [ action = ] (permit | block | negotiate) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] R^N*N[{ hVd\O0 Spe: h

[ policy = ] <string> [ filterlist = ] <string> [ filteraction = ] <string> [ [ tunnel = ] (ip | dns) ] [ [ conntype = ] (lan | dialup | all) ] [ [ activate = ] (yes | no) ] [ [ description = ] <string> ] [ [ kerberos = ] (yes | no) ] [ [ psk = ] <preshared key> ] [ [ rootca = ] "<certificate> certmap:(yes | no) excludecaname:(yes | no)" ] (uc[v[{ hVRhT[{ hVd\OR^N*NĉR0 Spe: h

[ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ [ description = ] <string> ] [ [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | <integer>) ] [ [ mirrored = ] (yes | no) ] [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ srcport = ] <port> ] [ [ dstport = ] <port> ] \[{ hVmR0Rc[v[{ hVRh0 Spe: h

| [ guid = ] <guid> [ [ newname = ] <string> ] [ [ description = ] <string> ] [ [ mmpfs = ] (yes | no) ] [ [ qmpermm = ] <integer> ] [ [ mmlifetime = ] <integer> ] [ [ activatedefaultrule = ] ( yes | no) ] [ [ pollinginterval = ] <integer> ] [ [ assign = ] (yes | no) ] [ [ gponame = ] <string> ] [ [ mmsecmethods = ] (sec#1 sec#2 ... sec#n) ] f9eV{eu0 Spe: h

| [ guid = ] <guid> [ [ newname = ] <string> ] [ [ description = ] <string> ] f9e[{ hVRh TyTc0 Spe: h

| [ guid = ] <guid> [ [ newname = ] <string> ] [ [ description = ] <string> ] [ [ qmpfs = ] (yes | no) ] [ [ inpass = ] (yes | no) ] [ [ soft = ] (yes | no) ] [ [ action = ] (permit | block | negotiate) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] f9e[{ hVd\O0 Spe: h

| [id= ] <integer> [ policy = ] <string> [ [ newname = ] <string> ] [ [ description = ] <string> ] [ [ filterlist = ] <string> ] [ [ filteraction = ] <string> ] [ [ tunnel = ] (ip | dns) ] [ [ conntype = ] (lan | dialup | all) ] [ [ activate = ] (yes | no) ] [ [ kerberos = ] (yes | no) ] [ [ psk = ] <preshared key> ] [ [ rootca = ] "<certificate> certmap:(yes | no) excludecaname:(yes | no)" ] f9eV{eu-NvĉR0 Spe: h

] nS_MR IPsec V{euX[PMOn0 Spe: h

[ [ qmpfs = ] (yes | no) ] [ [ activate = ] (yes | no) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] [ [ kerberos = ] (yes | no) ] [ [ psk = ] <preshared key> ] [ [ rootca = ] "<certificate> certmap:(yes | no) excludecaname:(yes | no)" ] O9ec[V{euv؞T^ĉR0 (W Windows Vista T Windows vfeHr,g-N\_eudkĉR0 Spe: h

e(W_S-NL]eQv_S(u \ Nf . 2. fN f\S[WbXT gHe . 3. ǏY!kO(u rootca SpeSNcOY͑fN . 4. kyNelvOHQ~1u[(W}TN-Nvz^Q[ . 5. Yg*gc[Nel RO(uR`؞ 6. NcPO(u DES T MD50cOُN{l N(uNT N|Q[0 :yO: set defaultrule Policy1 activate= y qmsec="AH[MD5]+ESP[3DES,MD5]:100000k/2000s" X (ul: set batch [mode = ] (enable | disable) nybYtfe!j_0 Spe: mode - (uNybYtfev!j_0 PA RdV{euTvsQOo`0 PA RdN*NV{euT[vĉR0 RdN*N[{ hVRh0 RdN*N[{ hVd\O0 NV{eu-N RdN*NĉR0 N[{ hVRh-N RdN*N[{ hV0  Rd@b gV{eu [{ hVRhT[{ hVd\O0 PA  (ul: policy [ name = ] <string> | [ all ] RdV{euS[v@b gvsQĉR0 Spe: h

| [ all ] Rd[{ hVRhS[v@b gvsQ[{ hV0 Spe: h

| [ all ] Rd[{ hVd\O0 Spe: h

| [ id = ] <integer> | [ all ] [ policy = ] <string> NV{eu-N RdĉR0 Spe: h

[ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | <integer>) ] [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ srcport = ] <port> ] [ [ dstport = ] <port> ] [ [ mirrored = ] (yes | no) ] N[{ hVRh-N RdN*N[{ hV Spe: h

f:yV{euTvsQOo`v~Oo`0 >f:yV{eu~Oo`0 >f:y[{ hVRh~Oo`0 >f:y[{ hVd\O~Oo`0 >f:yĉRv~Oo`0 >f:y@b gV{euv~Oo`SvsQOo`0 >f:y~RMvV{euv~Oo`0 >f:yS_MRV{euX[P0  (ul: policy [ name = ] <string> | [ all ] [ [ level = ] (verbose | normal) ] [ [ format = ] (list | table) ] [ [ wide = ] (yes | no) ] >f:yV{euv~Oo` Spe: h

| [ rule = ] <string> | [ all ] [ [ level = ] (verbose | normal) ] [ [ format = ] (list | table ) ] [ [ resolvedns = ] (yes | no) ] [ [ wide = ] (yes | no) ] >f:y[{ hVRhv~Oo`0 Spe: h

f:y IP 0W@WvS_MR DNS f\ NSX[P(W[{ hVW[k-Nv DNS Ty0 wide -Ygn:N no TyTc\*be N ^ 80 *NW[&{vO\U^[^0 lʑ: Ygc[N 'all' \>f:y@b g[{ hVRh0 :yO: show filterlist Filterlist=Filterlist1 resolvedns=yes wide=yes  (ul: filteraction [ name = ] <string> | [ rule = ] <string> | [ all ] [ [ level = ] (verbose | normal) ] [ [ format = ] (list | table ) ] [ [ wide = ] (yes | no) ] >f:y[{ hVd\Ov~Oo`0 Spe: h

f:y@b g[{ hVd\O0 :yO: 1. show filteraction FilterAction1 - >f:y[{ hVd\O FilterAction1 v~Oo` 2. show filteraction rule=Rule1 - >f:y1uĉR Rule1 O(uv[{ hVd\O 3. show filteraction all - >f:y@b g[{ hVd\O " (ul: rule [ name = ] <string> | [ id = ] <integer> ] | [ all ] | [default] [ policy = ] <string> [ [ type = ] (tunnel | tranport) ] [ [ level = ] (verbose | normal) ] [ [ format = ] (list | table ) ] [ [ wide = ] (yes | no) ] >f:yV{euvĉRv~Oo`0 Spe: h

f:y@b gĉR0 2. Ygc[N type Spe Rc[ 'all'0 :yO: 1. show rule all type=transport policy=Policy1 - >f:y Policy1 v@b g OĉR0 2. show rule id=1 policy=Policy1 - >f:yV{euv,{N*NĉR0 3. show rule default policy=Policy1 - >f:y Policy1 v؞T^ĉRv~Oo`0 (ul: all [ [ format = ] (list | table) ] [ [ wide = ] (yes | no) ] >f:y@b gV{eu [{ hVRhT[{ hVd\O0 Spe: h

[ [ level = ] (verbose | normal) >f:yc[v GPO v;mRV{euv~Oo`0 Spe: h

f:yc[0R GPO1 vWV{eu 2. show gpoassignedpolicy - >f:ydk{:g NS_MRc[vV{eu0  (ul: store :yO: show store PA\V{eu [{ hVTd\OmR0R SPD0 PA\_!j_V{eumR0R SPD0 \;N!j_V{eumR0R SPD0 \_!j_[{ hVmR0R SPD0 \;N!j_[{ hVmR0R SPD0 mRN*NĉRTvsQTv[{ hV0R SPD0 PA (ul: qmpolicy [ name = ] <string> [ [ soft = ] (yes | no) ] [ [ pfsgroup = ] (GRP1 | GRP2 | GRP3 | GRPMM | NOPFS) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] mRN*N_!j_V{eu0R SPD0 Spe: h

[ [ qmpermm = ] <integer> ] [ [ mmlifetime = ] <integer> ] [ [ softsaexpirationtime = ] <integer> ] [ [ mmsecmethods = ] (sec#1 sec#2 ... sec#n) ] mRN*N;N!j_V{eu0R SPD0 Spe: h

[ [ qmpolicy = ] <string> ] [ [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | <integer>) ] [ [ srcport = ] <port> ] [ [ dstport = ] <port> ] [ [ mirrored = ] (yes | no) ] [ [ conntype = ] (lan | dialup | all) ] [ [ actioninbound = ] (permit | block | negotiate) ] [ [ actionoutbound = ] (permit | block | negotiate) ] [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ tunneldstaddress = ] (ip | dns) ] [ [ kerberos = ] (yes | no) ] [ [ psk = ] <preshared key> ] [ [ rootca = ] "<certificate> certmap:(yes | no) excludecaname: (yes | no)" ] mRĉR0 Spe: h

e(W_S-NL]eQv_S(u "\" Nf0 6. fN f\N[WbXT gHe0 7. ǏY!kO(u rootca SpeSNcOY͑fN0 8. k*NNelvOHQ~1u[(W}TN-Nvz^Q[0 9. Yg*gc[Nel RO(uR`؞0 10. cd9hfNS:gg(CA) TySN2bk\ Ty\O:NfNBlvNRS0 11. Ygc[0W@WV ~~p_{/fyr[0W@W( N/fRhbP[Q) N_{/f v Tv{|W(^/f v4 b v6)0 :yO: add rule srcaddr=192.168.145.110 dstaddr=192.168.145.215 mmpolicy=mmp qmpolicy=qmp mirrored=no srcmask=32 dstmask=255.255.255.255 rootca="C=US,O=MSFT,CN=Microsoft Authenticode(tm) Root Authority" rootca="C=US,O=MSFT,CN=\'Microsoft North, South, East, and West Root Authority\' certmap:yes excludecaname:no" f9e SPD -NvV{eu [{ hVTd\O0 f9e SPD -Nv_!j_V{eu0 f9e SPD -Nv;N!j_V{eu0 f9e SPD -Nv_!j_[{ hV0 f9e SPD -Nv;N!j_[{ hV0 n IPSEC MnT/TReL:N0 O9e SPD -NvĉRTvsQTv[{ hV0 PA (ul: qmpolicy [ name = ] <string> [ [ soft = ] (yes | no) ] [ [ pfsgroup = ] (GRP1 | GRP2 | GRP3 | GRPMM | NOPFS) ] [ [ qmsecmethods = ] (neg#1 neg#2... neg#n) ] (W SPD -Nf9e_!j_V{eu0 Spe: h

[ [ qmpermm = ] <integer> ] [ [ mmlifetime = ] <integer> ] [ [ softsaexpirationtime = ] <integer> ] [ [ mmsecmethods = ] (sec#1 sec#2 ... sec#n) ] (ueSpe(W SPD -Nf9e;N!j_V{eu0 Spe: h

| <bootmode> | <bootexemptions> ] Mn IPSec vSpe0 Spe: h

vQ-N direction :N inbound b outbound 2. cO ipsecdiagnostics0ikelogging0ipsecloginterval0bootmod T bootexemptions y (uNT N|Q[0[N Windows Vista SNTv d\O|~eHe0 3. SrcPort T DstPort N[N TCP T UDP gHe [NvQNOS MQd) [ srcport = ] <port> [ dstport = ] <port> [ mirrored = ] (yes | no) [ conntype = ] (lan | dialup | all) [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ tunneldstaddress = ] (ip | dns) ] [ [ mmpolicy = ] <string> ] [ [ qmpolicy = ] <string> ] [ [ actioninbound = ] (permit | block | negotiate) ] [ [ actionoutbound = ] (permit | block | negotiate) ] [ [ kerberos = ] (yes | no) ] [ [ psk = ] <preshared key> ] [ [ rootca = ] "<certificate> certmap:(yes | no) excludecaname:(yes | no)" ] (W SPD -NO9eĉRSvsQv[{ hV0 Spe: h

| [ all ] N SPD -N Rd_!j_V{eu0 Ygc[N 'all' \ Rd@b g_!j_V{eu0 Spe: h

| [ all ] N SPD -N Rd;N!j_V{eu0 Ygc[N 'all' \ Rd@b g;N!j_V{eu0 Spe: h

) [ srcport = ] <port> [ dstport = ] <port> [ mirrored = ] (yes | no) [ conntype = ] (lan | dialup | all) [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ tunneldstaddress = ] (ip | dns) ] N SPD -N RdĉR0 Spe: h

f:yV{eu [{ hVTd\O0 >f:y SPD -NvV{eu [{ hV SA T~0 N SPD -N>f:y;N!j_V{eu~Oo`0 N SPD -N>f:y_!j_V{eu~Oo`0 N SPD -N>f:y;N!j_[{ hV~Oo`0 N SPD -N>f:y_!j_[{ hV~Oo`0 N SPD -N>f:y IPsec T IKE ~0 N SPD -N>f:y;N!j_[hQsQT0 N SPD -N>f:y_!j_[hQsQT0 >f:y IPsec Mn0 >f:y SPD -NvĉR~Oo`0 PA (ul: all [ [ resolvedns = ] (yes | no) ] >f:y SPD -Nv@b gV{eu [{ hV SA T~v~Oo`0 Spe: h

f:y㉐gv dns Ty0 lʑ: resolvedns v؞f:y@b gOo` Sb dns ㉐g (ul: mmpolicy [ name = ] <string> | [ all ] N SPD -N>f:y;N!j_V{euv~Oo`0 Spe: h

f:y@b g;N!j_V{eu0 :yO: 1. show mmpolicy name=mmp 2. show mmpolicy all (ul: qmpolicy [ name = ] <string> | [ all ] N SPD -N>f:y_!j_V{euv~Oo`0 Spe: h

f:y@b g_!j_V{eu0 :yO: 1. show qmpolicy name=qmp 2. show qmpolicy all / (ul: mmfilter [ name = ] <string> | [ all ] [ [ type = ] (generic | specific) ] [ [ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ resolvedns = ] (yes | no) ] N SPD -N>f:y;N!j_[{ hVv~Oo`0 Spe: h

f:y㉐gv dns Ty0 lʑ: 1. ؞ type Spe:N generic0 2. gRhV{|WSN/f WINS DNS DHCP b GATEWAY0 3. Ygc[N 'all' \>f:y@b g;N!j_[{ hV0 4. Ygc[Nn0W@Wbvh0W@W \S>f:yN0W@WvsQTv[{ hV0 5. Ygc[N0W@WV ~~p_{:Nyr[0W@W(^RhbP[Q)Tv T {|W0W@W($NGW^:N v4 b v6)0 :yO: 1. show mmfilter name=mmf 2. show mmfilter all srcaddr=wins dstaddr=192.168.145.112 A (ul: qmfilter [ name = ] <string> | [ all ] [ [ type = ] (generic | specific) ] [ [ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | <integer>) ] [ [ srcport = ] <port> ] [ [ dstport = ] <port> ] [ [ actioninbound = ] (permit | block | negotiate) ] [ [ actionoutbound = ] (permit | block | negotiate) ] [ [ resolvedns = ] (yes | no) ] N SPD -N>f:y_!j_[{ hVv~Oo`0 Spe: h

f:yv[{ hV{|+R SN/f specific b generic0 srcaddr -n IP 0W@W(IPV4 b IPV6)00W@WV0dns Tyb gRhV{|W0 dstaddr -vh IP 0W@W(IPV4 b IPV6)00W@WV0dns Tyb gRhV{|W0 srcmask -n0W@Wcxb 1 0R 32 vMR0 dstmask -vh0W@Wcxb 1 0R 32 vMR0 protocol -SN/f ANY0ICMP0TCP0UDP0RAW bN*Ntepe0 srcport -nzS0f:y㉐gv dns Ty0 lʑ: 1. Yg*gc[{|+R R>f:y "generic" T "specific" [{ hV0 2. gRhV{|WSN/f WINS0DNS0DHCP b GATEWAY0 3. Ygc[N0W@WV ~~p_{:Nyr[0W@W(^RhbP[Q)Tv T {|W0W@W($NGW^:N v4 b v6)0 :yO: 1. >f:y qmfilter name=qmf 2. >f:y qmfilter all srcaddr=192.134.135.133 proto=TCP 3. Ygc[ "all" R\>f:y@b g_!j_[{ hV0 4. Ygc[nbvh0W@W Ty R\S>f:yN0W@WvsQTv[{ hV0 (ul: stats [ [type =] (all | ike | ipsec) ] >f:y IPsec T IKE ~v~Oo`0 Spe: h

f:y(IPsec T IKE) lʑ: :yO: 1. show stats all 2. show stats type=ipsec  (ul: mmsas [ [ all ] ] [ [ srcaddr =] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ dstaddr =] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ format = ] (list | table) ] [ [ resolvedns = ] (yes | no) ] >f:yc[0W@Wv;N!j_[hQsQT0 Spe: h

f:y@b g;N!j_[hQsQT0 srcaddr -n ip 0W@W(ipv4 b ipv6)00W@WV0dns Tyb gRhV{|W0 dstaddr -vh ip 0W@W(ipv4 b ipv6)00W@WV0dns Tyb gRhV{|W0 format -NO\U^f:y㉐gv dns Ty0 lʑ: 1. gRhV{|WSN/f WINS DNS DHCP b GATEWAY0 2. Ygc[N0W@WV ~~p_{:Nyr[0W@W(^RhbP[Q)Tv T{|W0W@W($NGW^:N v4 b v6)0\ :yO: 1. show mmsas all 2. show mmsas srca=192.168.145.110 dsta=192.168.145 .215 H (ul: qmsas [ [ all ] ] [ [ srcaddr =] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ dstaddr =] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | <integer>) ] [ [ format = ] (list | table) ] [ [ resolvedns = ] (yes | no) ] >f:yc[0W@Wv_!j_[hQsQT0 Spe: h

f:y@b g_!j_[hQsQT0 srcaddr -n IP 0W@W(IPv4 b IPv6)00W@WV0DNS Tyb gRhV{|W0 dstaddr -vh IP 0W@W(IPv4 b IPv6)00W@WV0DNS Tyb gRhV{|W0 protocol -SN/f ANY0ICMP0TCP0UDP0RAW bN*Ntepe0 format -O\U^-NvQb6Rh&{Rf:y㉐gv DNS Ty0 f: 1. gRhV{|WSN/f WINS0DNS0DHCP b GATEWAY0 2. Ygc[0W@WV ~~p_{/fyr[0W@W( N/fRhbP[Q) N_{/fv Tv{|W(^/f v4 b v6)0\n :yO: 1. show qmsas all 2. show qmsas srca=192.168.145.110 dsta=192.168.145.215 ; (ul: config >f:y IPsec MnSpevS_MRn0 lʑ: :yO: show config  (ul: rule [ [ type = ] (transport | tunnel) ] [ [ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | <integer>) ] [ [ srcport = ] <port> ] [ [ dstport = ] <port> ] [ [ actioninbound = ] (permit | block | negotiate) ] [ [ actionoutbound = ] (permit | block | negotiate) ] [ [ resolvedns = ] (yes | no) ] >f:y SPD -NvĉR~Oo`0 Spe: h

f:yvĉR{|W SN/f transport b tunnel0 srcaddr -n ip 0W@W(ipv4 b ipv6)00W@WV0dns Tyb gRhV{|W0 dstaddr -vh ip 0W@W(ipv4 b ipv6)00W@WV0dns Tyb gRhV{|W0 srcmask -n0W@WcxbN*N 1 0R 32 vMR0 dstmask -vh0W@WcxbN*N 1 0R 32 vMR0 protocol -SN/f ANY ICMP TCP UDP RAW bN*Ntepe0 srcport -nzS0f:y㉐gv dns Ty0 lʑ: 1. type Spev؞f:yN0W@WvsQTvĉR0 4. Ygc[N0W@WV ~~p_{:Nyr[0W@W(^RhbP[Q)Tv T{|W 0W@W($NGW^:N v4 b v6)0 :yO: 1. show rule - shows both transport and tunnel rules 2. show rule type=transport srcaddr=192.134.135.133 proto=TCP PA V{eupev : %1!d! $X[P : ,g0WX[P <%1!s!> $X[P : ,g0WX[P <%1!s!> #X[P : WX[P <%1!s!> #X[P : WX[P <%1!s!> PAX[P : ,g0WX[P X[P : WX[P ܏ z{:g <%1!s!> ,g0W{:g <%1!s!> ܏ zW <%1!s!> ,g0WW <%1!s!>,g0W{:g,g0WWPA V{eu Ty : %1!s! - ĉR ID : %1!d!, GUID = %2!s![{ hVRh Ty : %1!s! [{ hVRh Ty : e PAV{eu Ty : %1!s! c : %1!s! c : e ]RM : /f ]RM : &T ;N PFS : /f ;N PFS : &T n : %1!d! R  ĉRpev : %1!d!  ĉR~Oo` ------------ $]RM : /f FO/f AD V{euv  ĉR Ty : %1!s!  ĉR Ty : e Nel(%1!d!) Svh IP 0W@W: ޏc{|W : hQ ޏc{|W : LAN ޏc{|W : bS PAޏc{|W : e [{ hVRh~Oo` ------------------  (W؞T^ĉR-Nl g[{ hVRh [{ hVd\O~Oo` --------------------- PA OĉRpev : %1!d! SĉRpev : %1!d!]o;m : /f ]o;m : &T E]o;m : YES Windows Vista T Windows vfeHr,g N/ec؞T^ĉR0V{eueHe0 PA[{ hVd\O Ty : %1!s! [{ hVd\O Ty : e d\O : AQ d\O : ;bk d\O : OSFU[hQ AllowUnsecure(Fallback): /f AllowUnsecure(Fallback): &T eQzǏ : /f PAeQzǏ : &T [hQelpev : %1!d!8 AH ESP LIFE (Sec/kB) 8 -- --- ------------- QMPFS : /f QMPFS : &T KERBEROS 9h CA : %1!s! qQN[ : %1!s! e PA [{ hVRh Ty : %1!s!  [{ hVRh Ty : e [{ hVpev : %1!d! [{ hV --------- GUID : %1!s!  N!kO9ee : %1!s! !n DNS Ty : <bv IP 0W@W> n DNS Ty : %1!s! !n DNS Ty : <NUO IP 0W@W> .n DNS Ty : <A Specific IP Address> -n DNS Ty : <A Specific IP Subnet> n DNS Ty : e vh DNS Ty : <bv IP 0W@W> vh DNS Ty : %1!s! vh DNS Ty : <NUO IP 0W@W> -vh DNS Ty : <A Specific IP Address> ,vh DNS Ty : <A Specific IP Subnet> vh DNS Ty : e ]\P : /f ]\P : &T n DNS Ty : %1!s! ㉐g:N vh DNS Ty : %1!s! ㉐g:N(n DNS Ty : < DNS SERVER > *n DNS Ty : < WINS SERVER > )n DNS Ty : < DHCP SERVER > *n DNS Ty : < DEFAULT GATEWAY > )vh DNS Ty : < DNS SERVER > )vh DNS Ty : < WINS SERVER > (vh DNS Ty : < DHCP SERVER > )vh DNS Ty : < DEFAULT GATEWAY > %1!-15s! %1!s!%1!s!  , ... , PA"n IP 0W@W : <bv IP 0W@W> "n IP 0W@W : <NUO IP 0W@W> n IP 0W@W : ncx : !vh IP 0W@W : <bv IP 0W@W> !vh IP 0W@W : <NUO IP 0W@W> vh IP 0W@W : vhcx : nzS : %1!d! nzS : NUO vhzS : %1!d! vhzS : NUO ㉐g:N %1!s! <DNS d"}1Y%> (n IP 0W@W : < DNS SERVER > *n IP 0W@W : < WINS SERVER > )n IP 0W@W : < DHCP SERVER > *n IP 0W@W : < DEFAULT GATEWAY > )vh IP 0W@W : < DNS SERVER > )vh IP 0W@W : < WINS SERVER > (vh IP 0W@W : < DHCP SERVER > )vh IP 0W@W : < DEFAULT GATEWAY > nzSV : %1!d!-%2!d! vhzSV : %1!d!-%2!d! OS : ICMP OS : TCP OS : UDP OS : RAW OS : ANY OS : %1!d! PA ;N!j_[hQelz^ ,;N!j_uX[e : %1!d! R / %2!d! _!j_O݋ $ R[ Ɩb DH ~ ( ---------- --------- -------- DES  3DES  SHA1  MD5  NO(1)  -N(2)  2048 + n{:g :<%1!s!> v,g0W{:g GPO ! nW : %1!s! DC Ty : %1!s! GPO Ty : %1!s! ,g0W IPsec V{eu Ty : %1!s! AD IPsec V{eu Ty : %1!s! !GPO DN : %1!s! PAGPO OU c : %1!s! AD V{eu DN : %1!s! $,g0W IPsec V{euRM : /f FO/f AD V{euck(Wv ,g0W IPsec V{eu DN : %1!s! ,g0W IPsec V{eu Ty : e AD IPsec V{eu Ty : e IPsec V{eu Ty : %1!s! IPsec V{eu DN : %1!s! IPsec V{euRM : /f  cd CA Ty : /f  cd CA Ty : &T  /T(ufN f\ : /f  /T(ufN f\ : &T  V{eupev %1!d!  V{eupev : %1!d! $X[P ,g0WX[P <%1!s!> $X[P ,g0WX[P <%1!s!> #X[P WX[P <%1!s!> #X[P WX[P <%1!s!> X[P ,g0WX[P X[P WX[P fN0R^7bv f\ /f fN0R^7bv f\ &T PA V{eu Ty %1!s!  ĉR Ty %1!s! l gc[V{eu Ty PA- ĉR ID %1!d!, GUID = %2!s! %1!-23s! V{eu Ty %1!s! c %1!s! c e ]RM /f ]RM &T ;N PFS /f PA;N PFS &T n %1!d! R  ĉRpev %1!d! ĉR~Oo`  ------------ $]RM /f FO/f AD V{euv 2 ĉR Ty ĉR N!kf9ee RM %1!-32s! YES FO/f AD V{euv  /f  &T @---------- ----- ------------ ------ ,V{eu Ty ĉR N!kf9ee 8----------- ----- ------------ PAĉR Ty : %1!s! ĉR Ty e Nel(%1!d!) * ]/T(u [{ hVRh [{ hVd\O NA ------- ---------- ------------ --------------Svh IP 0W@W e Svh IP 0W@W ޏc{|W @b g ޏc{|W LAN ޏc{|W bS ޏc{|W *gw [{ hVRh~Oo` ------------------ [{ hVd\O~Oo` -------------------- ]o;m /f ]o;m &T ĉR Ty e  /f  &T  e  Kerb Cert Pre OĉRpev %1!d! Spev %1!d!PA) ]/T(u [{ hVRh [{ hVd\O S~~p? ------- ---------- ------------ --------------8 YES Windows Vista T Windows vfeHr,g N/ec؞T^ĉR0V{eueHe0 E]o;m YES Windows Vista T Windows vfeHr,g N/ec؞T^ĉR0V{eueHe0 PA[{ hVd\O Ty %1!s! [{ hVd\O Ty e d\O AQ d\O ;bk d\O OSFU[hQ eQzǏ /f eQzǏ &T AllowUnSecure(Fallback) /f AllowUnSecure(Fallback) &T [hQel ' AH ESP y CSW[ + -- --- ------- ------ QMPFS /f QMPFS &T PA/[{ hVd\O Ty d\O N!kf9ee ?----------------- ------ ------------- %1!-38s!  e AQ ;bk OSFU e %1!-23s! %1!-23s! PA[MD5 ] [SHA1] [e] [e , e] [MD5 ,PA[SHA1 ,[e , DES ]  3DES]  e] PA%1!6u! %2!10u! KERBEROS 9h CA %1!s! qQN[ %1!s! e PA [{ hVRh Ty %1!s!  [{ hVRh Ty e [{ hV 7[{ hVRh Ty [{ hV N!kf9ee J--------------- ------- ------------- GUID %1!s!  N!kf9ee %1!s! [{ hVpev %1!d! PA %1!-45s! PAe %1!s! %1!5d!  e /f &T ]Mir Source SrcMask Destination DstMask Proto SrcPort DstPort ]--- ------------- ------------- ------------- ------------- ------- ------- ------- PA< bv IP 0W@W > < NUO IP 0W@W > %1!3d!  NUO %1!3d!  NUO  DNS SERVER  WINS SERVER  DHCP SERVER DEFAULT GATEWAY  %1!3d!-%2!3d!  %1!3d!-%2!3d!  ICMP  TCP  UDP  RAW  ANY OTHER PA ;N!j_[hQelz^ .;N!j_uX[e %1!d! R / %2!d! _!j_O݋  R[ Ɩb DH ~  ---------- --------- -------- DES 3DES  SHA1  MD5  NO(1) -N(2) 2048  rz[{ hVd\O --------------------------- " rz[{ hVd\Opev %1!d! rz[{ hVd\O -------------------------  rz[{ hVRhpev %1!d!  [{ hVRhpev %1!d!  [{ hVRhpev : %1!d!  [{ hVd\Opev %1!d!  [{ hVd\Opev : %1!d! !V{eu '%1!s!' /f;mRv0`ON6q` Rd[T? (Y/N) $`O` Rd@b gNdkV{euvsQTv[{ hVRhT[{ hVd\OT ? (Y/N) PA Rd@b g[{ hVRh N ? (Y/N) Rd@b g[{ hVd\O N ? (Y/N) $`O` Rd@b gNdkĉRvsQTv[{ hVRhT[{ hVd\OT ? (Y/N) `O/f&Tnx[ Rd@b gV{eu N ? (Y/N) PA NRV{eu/ĉRck(WO(u[ (---------------------------------------  ĉR Ty : %1!s!  ĉR Ty : e PALife ^(W %1!d! 0R %2!d! CSW[KN PA bRR^v^feNeV{eu ck(W(u Ty '%1!s!' R^eV{eu... &ck(W(u Ty '%1!s!' R^eV{eu v^Nn[:N '%2!s!'... PALife ^(W %1!d! 0R %2!d! CSW[KN vh IP 0W@W:N/f ,g:g 0W@W n IP 0W@W:N/f ,g:g 0W@W bRR^v^feeĉR ck(WR^eĉR Ty:N '%1!s!' ... 'ck(WR^ T:N '%1!s!' veĉR v^\[n:N '%2!s!' ... & N[S~~pc[ gRhV0W@W{|W00W@W{|W ME b ANY b0W@WV `O`R^N*NeV{euT? (Y/N) PA-fN0R^7bv f\S(W Active Directory WbXT N/T(u0dk y\_eu0 fN0R^7bv f\ : /f fN0R^7bv f\ : &T YgX[P/fW v^Nc[NRM GPO Ty\_eu Ygc[N GPO Ty R`O_{(WWV{euX[P Nd\O0 PA`OR^N*NeĉRT? (Y/N) PA IKE MM V{eu Ty : %1!s! <bv IP 0W@W> <NUO IP 0W@W>%1!s! ICMP TCP UDP RAW ANY  IKE oN SA uX[e : %1!u! yWINS SERVER DHCP SERVER DNS SERVER DEFAULT GATEWAY  [%1!S!]'Netsh ipsec' N NeNvh{:g N|Q[0 ;N!j_V{eu NS(u0 c[v;N!j_V{eu NS(u0 ? Encryption Integrity DH Lifetime (Kb:secs) QM Limit Per MM? ---------- --------- ---- ------------------ ---------------PA e DES  *gw 3DES  e MD5 SHA1 0 %1!-5lu! %2!lu!:%3!lu! %4!-10lu! 0 %1!-5lu! %2!lu!:%3!lu! 1 (MMPFS) _!j_V{eu NS(u0 c[v_!j_V{eu NS(u0  QM OSFUV{eu Ty : %1!s!1 [hQel uX[e (Kb:secs) PFS DH ~> ------------------------- --------------------- ------------  AH[MD5]  AH[SHA1]  AH[NONE] ESP[ DES, ESP[ ERR, ESP[3DES, ESP[NONE,MD5] SHA1] NONE]  NO (1) <*gc[>  %1!10lu!:%2!-10lu! ;N!j_]>mu ؚ(2048)  AH[ERR] ERR]  ERROR AH[MD5] AH[SHA1] AH[NONE] AH[ERR] MD5] SHA1]NONE]ERR] + -N (2)  [{ hV Ty : %1!s!PA nf;N!j_[{ hV NS(u0 yr[;N!j_[{ hV NS(u0 c[v;N!j_[{ hV NS(u0 ;N!j_[{ hV: nf P -------------------------------------------------------------------------------yr[ Qz eQz  Cg͑ : %1!d! %1!d! nf[{ hV %1!d! yr[Qz[{ hV %1!d! yr[eQz[{ hVPA @b g  LAN  bS *gw  *gwPA ޏc{|W : Nel : qQN[ Kerberos [hQel : %1!d!(؞) e/ DES/ *gw/ 3DES/*gw/MD5/SHA1/DH%1!lu!/%2!lu!/QMlimit=%3!lu!  PAnf_!j_[{ hV NS(u0 yr[_!j_[{ hV NS(u0 c[v_!j_[{ hV NS(u0  _!j_[{ hV( O):  OĉR  SĉR  MM [{ hV Ty : %1!s! QM [{ hV Ty : %1!s! ;N!j_V{eu : %1!s! %1!d! O[{ hV  %1!d! S[{ hV  _!j_[{ hV(S): ĉR NS(u0 PA eQzd\O : Ǐ eQzd\O : OSFU eQzd\O : ;bk eQzd\O : *gw Qzd\O : Ǐ Qzd\O : OSFU Qzd\O : ;bk Qzd\O : *gw %1!-5lu!  Sn :  Svh : nzS: %1!-4lu! vhzS: %2!-4lu!  ]\P : /f ]\P : &T _!j_V{eu : %1!s! OS : IKE ~ --------  IKEStatistics NS(u0 ! ;N!j_ : %1!S! _!j_ : %1!S!# o SA : %1!S! N1Y% : %1!S! ;mRUc : %1!S! ;mRc6e : %1!S! Uc1Y% : %1!S! c6e1Y% : %1!S! S1Y% : %1!S!PA UcX'Y\ : %1!S! c6eX'Y\ : %1!S! OSFU1Y% : %1!S! c6e0ReHev Cookie : %1!S! ;`qQUc : %1!S!$ TotalGetSpi : %1!S!$ TotalKeyAdd : %1!S!$ TotalKeyUpdate : %1!S!$ GetSpiFail : %1!S!$ KeyAddFail : %1!S!$ KeyUpdateFail : %1!S!$ IsadbListSize : %1!S!$ ConnListSize : %1!S! c6e0ReHepencS : %1!S! IPsec ~ ---------------- PA IPsecStatistics NS(u0 ;mRsQT : %1!S!" xS} SA : %1!S! cwv[ : %1!S! [mR : %1!S! [ Rd : %1!S! ͑eub[ : %1!S! ;mRS : %1!S! v SPI pencS : %1!S! l g[vpencS : %1!S! *gvpencS : %1!S! g͑>ehKmvpencS : %1!S! Sv:g[W[ : %1!S! c6ev:g[W[ : %1!S! Sv~ǏvW[ : %1!S! c6ev~ǏvW[ : %1!S!PA Sv OW[ : %1!S! c6ev OW[ : %1!S! SvxS}W[ : %1!S! c6evxS}W[ : %1!S!  (WS-NSvW[ : %1!S! (WS-Nc6evW[ : %1!S! Cookie [ : %1!02x! [hQel : eDES3DES*gwMD5SHA1 /%1!d!/%2!d!PA Nel : qQN[DSS ~{ TRSA ~{ TRSA R[Kerberos n : zS %1!d! ID :  ID : %1!s! vh : D vh [hQel E e/eg]R^Q -------------------------------------------------------- ---------------------- [ID:%1!-35s!]  DNS: %1!-51S! [ID:%1!-35s!]  S CA :%1!s! c~ :%1!02x!:/*  9h CA : %1!s!%S(  ) 9h CA : %1!s!IPsec ;N!j_[hQsQT NS(u0  IKE ;N!j_ SA (W %1!s!c[v;N!j_[hQsQT NS(u0 _!j_ SA ------------ IPsec _!j_[hQsQT NS(u0 c[v_!j_[hQsQT NS(u0  O[{ hV  S[{ hV  *gw  V{eu Ty : %1!s! n0W@W :  vh0W@W :  OS : %1!lu! nzS : %1!u! vhzS : %1!u! eT : eQz eT : Qz eT :  O(uvcO  OS : ICMPPA OS : TCP OS : UDP OS : RAW/ AH(b/r) ESP Con(b/r) ESP Int PFS DH Group/ ---------- ------------- ------- ------------ \ň{|W : IKE \ň{|W : vQN n UDP \ňzS : %1!u! vh UDP \ňzS : %1!u! [I{zy g0W@W :  OS : NUO () IPsec MnSpe ------------------------------ 8IPsecDiagnostics : %1!d![Windows Vista Tfed\O|~eHe] 9IKElogging : %1!d! [Windows Vista Tfed\O|~eHe] StrongCRLCheck : %1!d! 8IPsecloginterval : %1!d![Windows Vista Tfed\O|~eHe] 8NLBSFlags : %1!d![Windows Vista Tfed\O|~eHe] 6h_ : %1!d![Windows Vista Tfed\O|~eHe] IPsecexempt : %1!d! 82048DHGroupId : %1!d![Windows Vista Tfed\O|~eHe] IPsec ʋe~+RQV0V/f 0 0R 70 IKE e_QV0V/f 0 0R 10 :_ CRL hgI{~QV0V/f 0 0R 20 IPsec e_QV0V/f 60 0R 864000 IPsec MQdI{~QV0V/f 0 0R 30 (NN IPsec MnSpel gn)0 _[!j_ : Stateful;bkS UDP TCP ICMP RAW ANY %1!3d! %1!5d! eQzQz l g_[!j_MQd _[!j_MQd :OS nzS vhzS eT (--------- --------- --------- --------- g'YAQ 1024 *NMQd0 * MD5(%1!02lu!/%2!-02lu!) e e *SHA1(%1!02lu!/%2!-02lu!) e e  e e e % e DES (%1!02lu!/%2!-02lu!)  e *gw % e 3DES(%1!02lu!/%2!-02lu!)  e e  MD5 PA SHA1  e  e certmap excludecaname/f&TERR Win32[%1!05d!] : %2!s!ERR IPsec[%1!05d!] :  : $ERR Win32[%1!05d!] : eHev Win32 Nx N*NbY*NW,gSpel gc[ Spe N9SM0g.^RNNcknxl (WV{euX[P-Nl gV{eu NSb_V{euX[P (WV{euX[P-Nl g[{ hVd\O (WV{euX[P-Nl g[{ hVRh  T:N %1!s! vV{euX[(WNV{euX[P-N Q eHev Switch Case0 Spe[Sϑ '%1!s!' eHe c[v IP 0W@WeHe [~[v DNS Ty '%1!s!' DNS d"}1Y% '%1!s!' [dk N Neeg N/f gHevh '%1!s!' h]~X[(W "l gSpe 'assign = y/n' e Nc[ GPOname ~[}TNh 'Name' b 'GUID'  '%1!s!' h '%1!s!' [h '%2!s!' eg N/f gHevSpe MR^(W 1 0R 32 KN '%1!s!' N/fN*N gHevcx/MR cOvSpe:Nzz 2c[v 'Seconds' uX[eǏNP6R0[^(W '%1!d!' 0R '%2!d!' KN -c[v 'Kbytes' ǏNP6R0[^(W '%1!d!' 0R '%2!d!' KN ͑eub[USMO(k/s)eHe c[NeHevT ^{l c[N N[tev ESP :N '%1!s!' c[N͑ Yv{l  NAQ None T None c[NeHev IPsec OS0[^:N ESP b AH ǏNg'Ypevv OFFERS[%1!d!] GeHe QM_OFFERS0 NAQ Encryption+Encryption b Authentication+Authentication [ QMOffers c[NeHevuX[ebpenc0 :N MMOFFER c[NeHev PFS ~ :\ P1 ~ c[NeHev MMOFFER eN T^SS+T .ipsecibU\  NAQ '%1!s!' T ALL l gc[qQN[ c[NeHeNel PAc[NeHefN c[NY*N '%1!s!' Spe0SAQN*N0 c[vzSeHe0 Spe*YY *be c[NeHev QMOFFER c[NeHevS IP l gnTvh0W@W Nc[OS c[vP[QcxeHe l gh~{vSpeS/f{:gbW "ERR WIN32[00014] : l gYvQX[eg[bdkd\O0 c[vzSeHe0[^\N '%1!d!' PA:\V{eu Ty n^(W %1!d! 0R %2!d! RKN _!j_P6R^(W %1!d! 0R %2!d! *NO݋KN uX[e^(W %1!d! 0R %2!d! RKN  T:N '%1!s!' vV{eu]~X[(W mR؞T^ĉReSu (u Ty '%1!s!' R^V{eu1Y% '1uNR}؞Nel1Y% (W(u Ty '%1!s!' R^V{eueSu :\ FilterList Ty  T:N '%1!s!' v FilterList ]~X[(W (u Ty '%1!s!' R^ FilterList 1Y% c[NeHev GUID PA R^c[v[{ hV1Y%  T:N '%1!s!' v FilterAction ]~X[(W (u Ty '%1!s!' R^ FilterAction 1Y% ][N Permit b Block {|Wv FilterAction Inpass0 Qmpfs0Soft T Qmsec yeHe0c[ 'action = negotiate' \c[N*N_!j_[hQel :\ĉR Ty :\ FilterAction Ty  T:N '%1!s!' vV{eu NX[(W T:N '%1!s!' vĉR]~(WV{eu '%2!s!' -NX[(W  T:N '%1!s!' v FilterAction NX[(W (W FilterList -Nl g T:N '%1!s!' v[{ hV (W(u Ty '%1!s!' R^ĉReQs :\ĉR TybĉR ID GUID :N %1!s! vV{eu NX[(W PA GUID :N %1!s! v FilterAction NX[(W &1uNR}؞Nel1Y% (W(u Ty '%1!s!' R^ĉReQs fNxd\O1Y%  T:N '%1!s!' vV{eu(WS_MR{:gvW-N NX[(W c[NeHevS IP 0W@W  T:N '%1!s!' v FilterList NX[(W nTvhz Nc[ gRhV GUID :N %1!s! v FilterList NX[(W l gS(uvvU_ gR  T:N '%1!s!' v GPO (WS_MR{:gvW-N NX[(W +(W\V{euRM~ T:N '%1!s!' v GPO eQs bc[v GPO NX[(W fe T:N '%1!s!' vV{eueQs fe GUID :N %1!s! vV{eueQs PA,(WN T:N '%1!s!' v GPO -NSmRMvV{eue1Y% bc[v GPO NX[(W fe T:N '%1!s!' v FilterList eQs fe GUID :N %1!s! v FilterList 1Y% fe T:N '%1!s!' v FilterAction 1Y% PA"fe GUID :N %1!s! v FilterAction 1Y%  T:N '%1!s!' vĉR(WV{eu '%2!s!' -N NX[(W (Wfe T:N '%1!s!' vĉReQs & N(udk}TNfe؞ĉR0O(u 'set defaultrule' }TN ID :N %1!d! vĉR(WV{eu '%2!s!' -N NX[(W c[NeHeĉR ID (Wfe T:N '%1!s!' vV{euv؞ĉReQs l gc[eN T eHeeN/_ Ty [eQV{eueQs [QV{eueQs ؏S؞V{eueQs dk}TNS[,g0WX[PS(u eHeW T0 T:N '%1!s!' vW NX[(W `Ov{:g N/fWvbXT  Rd T:N '%1!s!' vV{euQs l g T:N '%1!s!' vV{eu  N Rd T:N '%1!s!' v FilterList Rd T:N '%1!s!' v FilterList Qsl g T:N '%1!s!' v FilterList PA$c[v[{ hV(W T:N '%1!s!' v FilterList -N NX[(W + Rdc[v[{ hVT (Wfe T:N '%1!s!' v FilterList eQs  N Rd T:N '%1!s!' v FilterAction"(W Rd T:N '%1!s!' v FilterAction eSul g T:N '%1!s!' v FilterAction (W Rd T:N '%1!s!' vĉReSu PA(W Rd ID :N %1!d! vĉReSu N Rd؞T^ĉR l g T:N '%1!s!' vĉR l g ID :N %1!d! vĉR l gc[V{eu Ty l g T:N '%1!s!' vV{eu "(WcS T:N '%1!s!' vV{euv NegPol Oo`eQs (WcS T:N '%1!s!' vV{euv[{ hVOo`eQs "(WcS T:N '%1!s!' vV{euv ISAKMP Oo`eQs l g T:N '%1!s!' vĉR l g ID :N %1!d! vĉR l gS_MR]RMvV{eu (WV{euX[P-Nl g]X[(Wv FilterList (WV{euX[P-Nl g]X[(Wv FilterAction eHev GPO Ty bl gS_MR]c[vV{eu (WO(uWX[Pe_{c[ Ty c[NeHevn IP 0W@W c[NeHevn IP/cx 0W@WQz0nTvh N gv Tv IP/DNS c[NeHev gRhV c[ gRhV c[NeHevvh IP 0W@W c[NeHevvhcx Newname eHe0 T:N '%1!s!' vV{eu]~X[(W Newname eHe0 T:N '%1!s!' vĉR]~X[(W (Newname eHe0 T:N '%1!s!' v Filterlist ]~X[(W *Newname eHe0 T:N '%1!s!' v Filteraction ]~X[(W Ygc[N{|W Rc[ 'all' (Wdkd\OǏ z-NSuNQ (WV{eu '%1!s!' -N NX[(WS{|WĉR 3 NǏdk}TNfe؞ Filteraction0O(u 'Set DefaultRule' }TN0 " T:N '%1!s!' vV{eu g READONLY ^\'`0feb~ c[ĉR g READONLY ^\'`0feb~ . T:N '%1!s!' v Filteraction g READONLY ^\'`0feb~ , T:N '%1!s!' v FilterList g READONLY ^\'`0feb~ " T:N '%1!s!' vV{eu g READONLY ^\'`0 Rdb~ " T:N '%1!s!' vĉR g READONLY ^\'`0 Rdb~ PA. T:N '%1!s!' v Filteraction g READONLY ^\'`0 Rdb~ , T:N '%1!s!' v FilterList g READONLY ^\'`0 Rdb~ (WO(u,g0WX[Pe Nc[ Ty (Windows Vista T Windows vfeHr,g N/ec؞T^ĉR0 PA>S_ ActionInbound b ActionOutbound c[:N NEGOTIATE e QMPolicy0 ) zSS[ TCP b UDP OS gHe \~~ NO(u PortNumber0 c[v QMPolicy NX[(W0 c[v MainMode V{eu NX[(W0 >S_ ActionInbound b ActionOutbound c[:N NEGOTIATE e QMPolicy0 ?ActionInbound b ActionOutbound Nc[:N NEGOTIATE eelwQ g IPsec V{eu0 Mirror = Yes [SĉR/feHev0 c[v MainMode [{ hV NX[(W0 c[v O[{ hV NX[(W0 c[vS[{ hV NX[(W0 MainMode V{eu NS(u0 QuickMode V{eu NS(u0 ~[ Tyv MainMode V{eu]~X[(W0 PA~[ Tyv QuickMode V{eu]~X[(W0 c[v MainMode V{eu NX[(W0 c[v QMPolicy NX[(W0 MainMode [{ hV NX[(W0 c[v MainMode [{ hV NX[(W v^N~b N0RV{eu0 ,c[v MainMode V{eu NX[(W bl gNc[v MainMode [{ hVvsQT0 c[v MainMode [{ hV NX[(W0 QuickMode [{ hV NX[(W0 PAc[v QuickMode [{ hV NX[(W v^N~b N0RV{eu0 +c[v QuickMode V{eu NX[(W bl gN QuickMode [{ hVvsQT0 c[v QuickMode [{ hV NX[(W0 ck(WO(uvNel0  N Rd %1!d! MMFilter [a0  N Rd %1!d! O[{ hV[a0  N Rd %1!d! S[{ hV[a0 IPsec V{euNt gRl g(WЏL0 V{euNt gRbR/TR0 ! egRghVvW[&{2N ^/f IPSEC IKE b ALL0 NRghVc6e0ReHev AddressType0 nTvh N/f gRhV0 SnTSvh N/f gRhV0 4VS_VERSION_INFO@%@%? StringFileInfo080404B0LCompanyNameMicrosoft CorporationXFileDescriptionNet Shell IP [hQ.^R z^ DLLr)FileVersion6.3.9600.16384 (winblue_rtm.130821-1623): InternalNamenshipsec.dll.LegalCopyright Microsoft Corporation. All rights reserved.JOriginalFilenamenshipsec.dll.muij%ProductNameMicrosoft Windows Operating SystemBProductVersion6.3.9600.16384DVarFileInfo$TranslationPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGX