Psec Using the Command Line

As with many other functions in Windows Server 2008 management, you can configure IPsec policy via the command line. This section briefly outlines some of the more commonly used IPsec commands. However, you may want to explore the command line options for IPsec on your own so you're familiar with these options. You can configure static mode and dynamic mode options, as shown in Table 8.4. You can type netsh ipsec /? to get a full list of command line options related to IPsec.

Table 8.4 IPsec Command Line Options

IPsec Command

Details netsh ipsec static add policy name netsh ipsec static delete [option]

netsh ipsec dynamic set policy name netsh ipsec dynamic delete name netsh ipsec dynamic export policy name netsh ipsec dynamic show all netsh ipsec dynamic set config ipsecdiagnostics 7

netsh ipsec dynamic set config ipsecloginterval 60

Creates an IPsec policy with the specified name.

Deletes the specific IPsec policy. Can be used with the switch all to remove all IPsec policies, filter lists, and filter actions.

Sets a policy name immediately.

Removes a specific policy immediately.

Exports all IPsec policies to a specified file.

Used to view IPsec policy and statistics.

Enables IPsec driver logging of dropped inbound and outbound packets.

Used to change the default interval the IPsec log file writes entries to the log file. This example sets the interval to 60 seconds. This can be helpful in troubleshooting IPsec issues/.

Was this article helpful?

0 0
Digital Cancers

Digital Cancers

Get All The Support And Guidance You Need To Be A Success At Protecting Your PC. This Book Is One Of The Most Valuable Resources In The World When It Comes To The Damaging Facts About Computer Viruses.

Get My Free Ebook

Post a comment