File name: | nshipsec.dll.mui |
Size: | 131584 byte |
MD5: | d7c695c4c7d2d3d4db718b78476ea715 |
SHA1: | 16d7a571e8de51c22b408f97a55143584509eb52 |
SHA256: | f911dd1d99cc64c950e1939ac7d54e2b864d5793dc36367df95872ddbf9f65ac |
Operating systems: | Windows 10 |
Extension: | MUI |
If an error occurred or the following message in Chinese (Traditional) language and you cannot find a solution, than check answer in English. Table below helps to know how correctly this phrase sounds in English.
id | Chinese (Traditional) | English |
---|---|---|
11110 | 從原則存放區匯出所有規則。 |
Exports all the policies from the policy store. |
11111 | 將原則從檔案匯入到原則存放區。 |
Imports the policies from a file to the policy store. |
11112 | 還原預設範例規則。 |
Restores the default example policies. |
11150 | 使用方式: exportpolicy [ file = ] 將所有原則匯出到檔案。 參數: 標記 值 name -要做為原則匯出目的地之檔案的名稱。 備註: 在預設情況下會新增 .ipsec 副檔名到檔案名稱。 範例: exportpolicy Policy1 |
Usage: exportpolicy [ file = ] Exports all the policies to a file. Parameters: Tag Value name -Name of the file into which the policies are exported. Remarks: .ipsec extension is by default added to the filename. Examples: exportpolicy Policy1 |
11151 | 使用方式: importpolicy [ file = ] 從指定檔案匯入原則。 參數: 標記 值 name -匯入原則的檔案名稱。 備註: 範例: importpolicy Policy1.ipsec |
Usage: importpolicy [ file = ] Imports policies from the specified file. Parameters: Tag Value name -Name of the file from which the policies are imported. Remarks: Examples: importpolicy Policy1.ipsec |
11152 | 使用方式: restorepolicyexamples [release = ] (win2k | win2003) 還原預設原則。 參數: 標記 值 release -OS 發行類型,預設原則範例。 備註: 這個命令只能套用在本機電腦原則存放區上。 範例: 1. restorepolicyexamples release=win2003 2. restorepolicyexamples release=win2k |
Usage: restorepolicyexamples [release = ] (win2k | win2003) Restores the default policies. Parameters: Tag Value release -OS release type, for default policies examples. Remarks: This command is only valid for the local computer policy store. Examples: 1. restorepolicyexamples release=win2003 2. restorepolicyexamples release=win2k |
11200 | 建立原則和相關資訊。 |
Creates new policies and related information. |
11210 | 建立有預設回應規則的原則。 |
Creates a policy with a default response rule. |
11211 | 建立清空的篩選器清單。 |
Creates an empty filter list. |
11212 | 建立篩選器動作。 |
Creates a filter action. |
11213 | 為指定的原則建立規則。 |
Creates a rule for the specified policy. |
11214 | 新增篩選器到篩選器清單。 |
Adds a filter to filter list. |
11250 | 使用方式: policy [ name = ] [ [ description = ] ] [ [ mmpfs = ] (yes | no) ] [ [ qmpermm = ] ] [ [ mmlifetime = ] ] [ [ activatedefaultrule = ] (yes | no) ] [ [ pollinginterval = ] ] [ [ assign = ] (yes | no) ] [ [ mmsecmethods = ] (sec#1 sec#2 ... sec#n) ] 使用指定的名稱建立原則。 參數: 標記 值 name -原則的名稱。 description -原則的簡短資訊。 mmpfs -設定主圖形完整轉送密碼的選項。 qmpermm -每一個 IKE 主要模式工作階段中的快速模式工作階段數。 mmlifetime -IKE 主要模式的重新輸入時間 (以分鐘計)。 activatedefaultrule -啟用或停用預設的回應規則。只有在 Windows Vista 之前的 Windows 版本才有效。 pollinginterval -原則代理的輪詢間隔 (以分鐘計),每隔指定的時間會檢查 原則存放區的變更。 assign -將原則指派為使用或不使用。 mmsecmethods -以 ConfAlg-HashAlg-GroupNum 格式列出一個或多個 以空格分隔的安全方式清單,其中 ConfAlg 可以是 DES 或 3DES,而 HashAlg 可以是 MD5 或 SHA1。 GroupNum 可以是 1 (Low)、2 (Med)、3 (DH2048)。 備註: 1. 如果指定了 mmpfs,qmpermm 會設定成 1。 2. 如果存放區是 'domain',則 ‘assign’ 將無效。 3. 不建議使用 DES 與 MD5。這些密碼編譯演算法僅提供為 回溯相容性之用。 範例: add policy Policy1 mmpfs= yes assign=yes mmsec="3DES-SHA1-3 DES-MD5-3 3DES-MD5-2" |
Usage: policy [ name = ] [ [ description = ] ] [ [ mmpfs = ] (yes | no) ] [ [ qmpermm = ] ] [ [ mmlifetime = ] ] [ [ activatedefaultrule = ] (yes | no) ] [ [ pollinginterval = ] ] [ [ assign = ] (yes | no) ] [ [ mmsecmethods = ] (sec#1 sec#2 ... sec#n) ] Creates a policy with the specified name. Parameters: Tag Value name -Name of the policy. description -Brief information about the policy. mmpfs -Option to set master perfect forward secrecy. qmpermm -Number of quick mode sessions per main mode session of IKE. mmlifetime -Time in minutes to rekey for main mode of IKE. activatedefaultrule -Activates or deactivates the default response rule. Valid only for versions of Windows prior to Windows Vista. pollinginterval -Polling Interval, time in minutes for policy agent to check for changes in policy store. assign -Assigns the policy as active or inactive. mmsecmethods -List of one or more space separated security methods in the form of ConfAlg-HashAlg-GroupNum, where ConfAlg can be DES or 3DES, HashAlg is MD5 or SHA1. GroupNum can be 1 (Low), 2 (Med), 3 (DH2048). Remarks: 1. If mmpfs is specified, qmpermm is set to 1. 2. If the store is 'domain' then ‘assign’ will have no effect. 3. The use of DES and MD5 is not recommended. These cryptographic algorithms are provided for backward compatibility only. Examples: add policy Policy1 mmpfs= yes assign=yes mmsec="3DES-SHA1-3 DES-MD5-3 3DES-MD5-2" |
11251 | 使用方式: filterlist [ name = ] [ [ description = ] ] 使用指定名稱建立一個空白篩選器清單。 參數: 標記 值 name -篩選器清單名稱。 description -篩選器清單相關簡短資訊。 備註: 範例: add filterlist Filter1 |
Usage: filterlist [ name = ] [ [ description = ] ] Creates an empty filter list with the specified name. Parameters: Tag Value name -Name of the filter list. description -Brief information about the filter list. Remarks: Examples: add filterlist Filter1 |
11252 | 使用方式: filteraction [ name = ] [ [ description = ] ] [ [ qmpfs = ] (yes | no) ] [ [ inpass = ] (yes | no) ] [ [ soft = ] (yes | no) ] [ [ action = ] (permit | block | negotiate) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] 建立篩選器動作。 參數: 標記 值 name -篩選器動作的名稱。 description -篩選器動作類型的簡短資訊。 qmpfs -用來設定快速模式完整轉送密碼的選項。 inpass -接受無安全性的通訊,但是永遠使用 IPSec 來回應。 數值可以是‘yes’或‘no’。 soft -允許跟非 IPSec 感知的電腦的不安全通訊。 數值可以是‘yes’或‘no’。 action -可以是‘permit’、‘block’或‘negotiate’。 qmsecmethods -IPSec 提供下列格式之一: ESP[ConfAlg,AuthAlg]:k/s AH[HashAlg]:k/s AH[HashAlg]+ESP[ConfAlg,AuthAlg]:k/s ConfAlg 可以是 DES 或 3DES 或 None。 AuthAlg 可以是 MD5 或 SHA1 或 None。 HashAlg 是 MD5 或 SHA1。 k 是以 KB 為單位的存留期。 s 是以秒為單位的存留期。 備註: 1. 如果動作不是‘negotiate’則忽略快速模式安全性方式 2. 不建議使用 DES 和 MD5。這些加密演算法僅提供為舊版相容性之用。 範例: add filteraction name=FilterA qmpfs=yes soft=y action=negotiate qmsec="AH[MD5]:204800k/300s ESP[DES,SHA1]:30000k/480s" |
Usage: filteraction [ name = ] [ [ description = ] ] [ [ qmpfs = ] (yes | no) ] [ [ inpass = ] (yes | no) ] [ [ soft = ] (yes | no) ] [ [ action = ] (permit | block | negotiate) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] Creates a filter action. Parameters: Tag Value name -Name of the filter action. description -Brief information about the type of filter action. qmpfs -Option to set quick mode perfect forward secrecy. inpass -Accept unsecured communication, but always respond using IPsec. This takes a value of either ‘yes’ or ‘no’. soft -Allow unsecured communication with non-IPsec-aware computers. This takes a value of either ‘yes’ or ‘no’. action -This takes permit, block or negotiate. qmsecmethods -IPsec offer in one of the following formats: ESP[ConfAlg,AuthAlg]:k/s AH[HashAlg]:k/s AH[HashAlg]+ESP[ConfAlg,AuthAlg]:k/s where ConfAlg can be DES or 3DES or None. where AuthAlg can be MD5 or SHA1 or None. where HashAlg is MD5 or SHA1. where k is Lifetime in kilobytes. where s is Lifetime in seconds. Remarks: 1. Quick mode security methods are ignored if the action is not ‘negotiate’ 2. The use of DES and MD5 is not recommended. These cryptographic algorithms are provided for backward compatibility only. Examples: add filteraction name=FilterA qmpfs=yes soft=y action=negotiate qmsec="AH[MD5]:204800k/300s ESP[DES,SHA1]:30000k/480s" |
11253 | 使用方式: rule [ name = ] [ policy = ] [ filterlist = ] [ filteraction = ] [ [ tunnel = ] (ip | dns) ] [ [ conntype = ] (lan | dialup | all) ] [ [ activate = ] (yes | no) ] [ [ description = ] ] [ [ kerberos = ] (yes | no) ] [ [ psk = ] ] [ [ rootca = ] " certmap:(yes | no) excludecaname:(yes | no)" ] 用指定的篩選器和篩選器動作建立規則。 參數: 標記 值 name -規則名稱。 policy -規則所屬的原則名稱。 filterlist -要使用的篩選器清單名稱。 filteraction -要使用的篩選器動作名稱。 tunnel -通道端點 IP 位址。 conntype -連線類型可以是‘lan’,‘dialup’或‘all’。 activate -如果指定了‘yes’則啟用原則裡的規則。 description -規則的簡短資訊。 kerberos -如果指定了‘yes’則提供 Kerberos 驗證。 psk -使用指定的預先共用金鑰來提供驗證。 rootca -使用指定的根憑證來提供驗證, 如果指定了 certmap:Yes 則嘗試對應憑證, 如果指定了 excludecaname:Yes 則排除 CA 名稱。 備註: 1. 憑證、對應,和 CA 名稱設定都應該用引號包圍; 用 \' 來代替內嵌引號。 2. 憑證對應只有在網域成員上才正確。 3. 可以多次使用 rootca 參數來提供多重憑證。 4. 每個驗證方法的順序是由它在命令裡的順序來決定的。 5. 如果沒有指定驗證方法,則使用動態預設值。 6. 排除根憑證授權單位名稱會防止名稱被當成憑證要求的一部分而傳送出。 範例: add rule name=Rule policy=Policy filterlist=Filterlist filteraction=FilterAction kerberos=yes psk="my key" rootca="C=US,O=MSFT,CN=Microsoft Authenticode(tm) Root Authority" rootca="C=US,O=MSFT,CN=\’Microsoft North, South, East, and West Root Authority\’ certmap:yes excludecaname:no" |
Usage: rule [ name = ] [ policy = ] [ filterlist = ] [ filteraction = ] [ [ tunnel = ] (ip | dns) ] [ [ conntype = ] (lan | dialup | all) ] [ [ activate = ] (yes | no) ] [ [ description = ] ] [ [ kerberos = ] (yes | no) ] [ [ psk = ] ] [ [ rootca = ] " certmap:(yes | no) excludecaname:(yes | no)" ] Creates a rule with the specified filter list and filter action. Parameters: Tag Value name -Name of the rule. policy -Name of the policy the rule belongs to. filterlist -Name of the filter list to be used. filteraction -Name of the filter action to be used. tunnel -Tunnel end point IP address. conntype -Connection type can be lan, dialup or ‘all’. activate -Activates the rule in the policy if ‘yes’ is specified. description -Brief information about the rule. kerberos -Provides Kerberos authentication if ‘yes’ is specified. psk -Provides authentication using a specified preshared key. rootca -Provides authentication using a specified root certificate, attempts to map the cert if certmap:Yes is specified, excludes the CA name if excludecaname:Yes is specified. Remarks: 1. Certificate, mapping, and CA name settings are all to be within quotes; embedded quotes are to be replaced with \'. 2. Certificate mapping is valid only for domain members. 3. Multiple certificates can be provided by using the rootca parameter multiple times. 4. The preference of each authentication method is determined by its order in the command. 5. If no auth methods are stated, dynamic defaults are used. 6. Excluding the root certification authority (CA) name prevents the name from being sent as part of the certificate request. Examples: add rule name=Rule policy=Policy filterlist=Filterlist filteraction=FilterAction kerberos=yes psk="my key" rootca="C=US,O=MSFT,CN=Microsoft Authenticode(tm) Root Authority" rootca="C=US,O=MSFT,CN=\’Microsoft North, South, East, and West Root Authority\’ certmap:yes excludecaname:no" |
11254 | 使用方式: filter [ filterlist = ] [ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ [ description = ] ] [ [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | ) ] [ [ mirrored = ] (yes | no) ] [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ srcport = ] ] [ [ dstport = ] ] 新增篩選器到指定的篩選器清單。 參數: 標記 值 filterlist -要新增篩選器的篩選器清單名稱。 srcaddr -來源 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱或伺服器類型。 dstaddr -目的地 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱或伺服器類型。 description -篩選器的簡短資訊。 protocol -可以是 ANY、ICMP、TCP、UDP、RAW 或整數。 mirrored -'Yes'會建立兩個篩選器,每個方向一個。 srcmask -來源位址遮罩位址遮罩或 1 到 32 間的首碼。若 srcaddr 設為範圍則不適用 dstmask -目的地位址遮罩或 1 到 32 間的首碼。若 dstaddr 設為範圍則不適用 srcport -封包的來源連接埠。0 代表任何連接埠。 dstport -封包的目的地連接埠。0 代表任何連接埠。 備註: 1. 若篩選器清單不存在則將建立它。 2. 若要指定目前電腦位址,請設定 srcaddr/dstaddr=me 若要指定所有電腦位置,請設定 srcaddr/dstaddr=any 3. 伺服器類型可以是 WINS、DNS、DHCP 或 GATEWAY。 4. 若來源是伺服器類型,則 dest 是 'me',反之亦然。 5. 若指定位址範圍,則端點必須是特定位址 (不可以是清單或子網路) 且為相同類型 (應該兩者都是 v4 或兩者都是 v6)。 範例: 1. add filter filterlist=Filter1 192.145.168.0 192.145.168.45 srcmask=24 dstmask=32 2. add filter filterlist=Filter1 srcaddr=DHCP dstaddr=0.0.0.0 protocol=ICMP srcmask=255.255.255.255 dstmask=255.255.255.255 3. add filter filterlist=Filter1 srcaddr=me dstaddr=any 4. add filter filterlist=Filter1 srcaddr= E3D7::51F4:9BC8:00A8:6420 dstaddr= ME 5. add filter filterlist=Filter1 srcaddr= 192.168.2.1-192,168.2.10 dstaddr= ME |
Usage: filter [ filterlist = ] [ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ [ description = ] ] [ [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | ) ] [ [ mirrored = ] (yes | no) ] [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ srcport = ] ] [ [ dstport = ] ] Adds a filter to the specified filter list. Parameters: Tag Value filterlist -Name of the filter list to which the filter is added. srcaddr -Source ip address (ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address (ipv4 or ipv6), address range, dns name, or server type. description -Brief information about the filter. protocol -Can be ANY, ICMP, TCP, UDP, RAW, or an integer. mirrored -‘Yes’ creates two filters, one in each direction. srcmask -Source address mask or a prefix of 1 through 32. Not applicable if srcaddr is set to a range dstmask -Destination address mask or a prefix of 1 through 32. Not applicable if dstaddr is set to a range srcport -Source port of the packet. A value of 0 means any port. dstport -Destination port of the packet. A value of 0 means any port. Remarks: 1. If the filter list does not exist it will be created. 2. To specify the current computer address, set srcaddr/dstaddr=me To specify all computer addresses, set srcaddr/dstaddr=any 3. Server type can be WINS, DNS, DHCP or GATEWAY. 4. If source is a server type, then dest is 'me' and vice-versa. 5. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6). Examples: 1. add filter filterlist=Filter1 192.145.168.0 192.145.168.45 srcmask=24 dstmask=32 2. add filter filterlist=Filter1 srcaddr=DHCP dstaddr=0.0.0.0 protocol=ICMP srcmask=255.255.255.255 dstmask=255.255.255.255 3. add filter filterlist=Filter1 srcaddr=me dstaddr=any 4. add filter filterlist=Filter1 srcaddr= E3D7::51F4:9BC8:00A8:6420 dstaddr= ME 5. add filter filterlist=Filter1 srcaddr= 192.168.2.1-192,168.2.10 dstaddr= ME |
11300 | 修改現存原則和相關資訊。 |
Modifies existing policies and related information. |
11310 | 修改原則。 |
Modifies a policy. |
11311 | 修改篩選器清單。 |
Modifies a filter list. |
11312 | 修改篩選器動作。 |
Modifies a filter action. |
11313 | 修改規則。 |
Modifies a rule. |
11314 | 設定目前的原則存放區。 |
Sets the current policy store. |
11315 | 修改原則的預設回應規則。 |
Modifies the default response rule of a policy. |
11317 | 設定批次更新模式。 |
Sets the batch update mode. |
11350 | 使用方式: policy [ name = ] | [ guid = ] [ [ newname = ] ] [ [ description = ] ] [ [ mmpfs = ] (yes | no) ] [ [ qmpermm = ] ] [ [ mmlifetime = ] ] [ [ activatedefaultrule = ] ( yes | no) ] [ [ pollinginterval = ] ] [ [ assign = ] (yes | no) ] [ [ gponame = ] ] [ [ mmsecmethods = ] (sec#1 sec#2 ... sec#n) ] 修改原則。 參數: 標記 值 name | guid -原則的名稱或 GUID。 newname -新名稱。 description -簡短資訊。 mmpfs -設定主完整轉送密碼。 qmpermm -每個主要模式的快速模式數目。 mmlifetime -重新建立金鑰的時間。 activatedefaultrule -啟用預設回應規則。只有在 Windows Vista 之前的 Windows 版本才有效。 pollinginterval -檢查原則存放區變更的時間 (以分鐘為單位)。 assign -指派原則。 gponame -可為其指派原則的本機 AD 群組原則物件名稱。只有在存放 區是網域時才有效。 mmsecmethods -以空格分隔的安全性方法清單,其格式為 ConfAlg-HashAlg-GroupNum。 備註: 1. 若已指定 mmpfs,則 qmpermm 會設定為 1。 2. 只有當存放區設定為網域時,才能指定 GPO 名稱。 3. 不建議使用 DES 與 MD5。這些密碼編譯演算法僅提供為回溯相容性之用。 範例: 1. set policy name=Policy mmpfs=y gpo=DomainPolicy assign=y 2. set policy guid={11E6E97E-0031-49f5-AC7D-5F2FE99BABAF} newname=NewName gpo=DefaultDomainPolicy assign=y |
Usage: policy [ name = ] | [ guid = ] [ [ newname = ] ] [ [ description = ] ] [ [ mmpfs = ] (yes | no) ] [ [ qmpermm = ] ] [ [ mmlifetime = ] ] [ [ activatedefaultrule = ] ( yes | no) ] [ [ pollinginterval = ] ] [ [ assign = ] (yes | no) ] [ [ gponame = ] ] [ [ mmsecmethods = ] (sec#1 sec#2 ... sec#n) ] Modifies a policy. Parameters: Tag Value name | guid -Name of the policy, or guid. newname -New name. description -Brief information. mmpfs -Sets master perfect forward secrecy. qmpermm -Number of quick modes per main mode. mmlifetime -Time in minutes to rekey. activatedefaultrule -Activates the default response rule. Valid only for versions of Windows prior to Windows Vista. pollinginterval -Time in minutes to check for change in policy store. assign -Assigns the policy. gponame -Local AD group policy object name to which the policy can be assigned. Valid when the store is domain. mmsecmethods -List of one or more space separated security methods in the form of ConfAlg-HashAlg-GroupNum. Remarks: 1. If mmpfs is specified, qmpermm is set to 1. 2. A GPO name can only be specified if the store is set to domain. 3. The use of DES and MD5 is not recommended. These cryptographic algorithms are provided for backward compatibility only. Examples: 1. set policy name=Policy mmpfs=y gpo=DomainPolicy assign=y 2. set policy guid={11E6E97E-0031-49f5-AC7D-5F2FE99BABAF} newname=NewName gpo=DefaultDomainPolicy assign=y |
11351 | 使用方式: filterlist [ name = ] | [ guid = ] [ [ newname = ] ] [ [ description = ] ] 修改篩選器清單的名稱和描述。 參數: 標記 值 name | guid -篩選器清單或 guid 的名稱。 newname -篩選器清單的新名稱。 description -篩選器清單的簡短資訊。 範例: 1. set filterlist Filter1 desc=NewFilter1 2. set filterlist guid={11E6E97E-0031-49f5-AC7D-5F2FE99BABAF} newname=FilterName |
Usage: filterlist [ name = ] | [ guid = ] [ [ newname = ] ] [ [ description = ] ] Modifies a filter list name and description. Parameters: Tag Value name | guid -Name of the filter list or guid. newname -New name of the filter list. description -Brief information about the filter list. Examples: 1. set filterlist Filter1 desc=NewFilter1 2. set filterlist guid={11E6E97E-0031-49f5-AC7D-5F2FE99BABAF} newname=FilterName |
11352 | 使用方式: filteraction [ name = ] | [ guid = ] [ [ newname = ] ] [ [ description = ] ] [ [ qmpfs = ] (yes | no) ] [ [ inpass = ] (yes | no) ] [ [ soft = ] (yes | no) ] [ [ action = ] (permit | block | negotiate) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] 修改篩選器動作。 參數: 標記 值 name | guid -篩選器動作名稱或 GUID。 newname -篩選器動作的新增名稱。 description -篩選器動作的簡短資訊。 qmpfs -設定快速模式完整轉送密碼的選項。 inpass -接受無安全性的通訊,但是永遠使用 IPSec 回應。 將接受‘yes’或‘no’的值。 soft -允許跟非 IPSec 感知的電腦的不安全通訊。 將接受‘yes’或‘no’的值。 action -將接受 permit 或 block 或 negotiate。 qmsecmethods -IPSec 提供下列格式之一: ESP[ConfAlg,AuthAlg]:k/s AH[HashAlg]:k/s AH[HashAlg]+ESP[ConfAlg,AuthAlg]:k/s ConfAlg 可以是 DES 或 3DES 或 None。 AuthAlg 可以是 MD5 或 SHA1 或 None。 HashAlg 是 MD5 或 SHA1。 k 是以 KB 為單位的存留期。 s 是以秒為單位的存留期。 備註: 不建議使用 DES 和 MD5。這些加密演算法僅提供為 舊版相容性之用。 範例: 1. set filteraction name=test qmsec=ESP[3DES,MD5]:100000k/2000s 2. set filteraction guid={11E6E97E-0031-49f5-AC7D-5F2FE99BABAF} inpass=y |
Usage: filteraction [ name = ] | [ guid = ] [ [ newname = ] ] [ [ description = ] ] [ [ qmpfs = ] (yes | no) ] [ [ inpass = ] (yes | no) ] [ [ soft = ] (yes | no) ] [ [ action = ] (permit | block | negotiate) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] Modifies a filter action. Parameters: Tag Value name | guid -Name or guid of the filter action. newname -New name of the filter action. description -Brief information about the filter action. qmpfs -Option to set quick mode perfect forward secrecy. inpass -Accept unsecured communication, but always respond using IPsec. This takes a value of either ‘yes’ or ‘no’. soft -Allow unsecured communication with non-IPsec-aware computers. This takes a value of either ‘yes’ or ‘no’. action -This takes permit or block or negotiate. qmsecmethods -IPsec offer in one of the following formats: ESP[ConfAlg,AuthAlg]:k/s AH[HashAlg]:k/s AH[HashAlg]+ESP[ConfAlg,AuthAlg]:k/s where ConfAlg can be DES or 3DES or None. where AuthAlg can be MD5 or SHA1 or None. where HashAlg is MD5 or SHA1. where k is lifetime in kilobytes. where s is lifetime in seconds. Remarks: The use of DES and MD5 is not recommended. These cryptographic algorithms are provided for backward compatibility only. Examples:1. set filteraction name=test qmsec=ESP[3DES,MD5]:100000k/2000s 2. set filteraction guid={11E6E97E-0031-49f5-AC7D-5F2FE99BABAF} inpass=y |
11353 | 使用方式: rule [ name = ] | [id= ] [ policy = ] [ [ newname = ] ] [ [ description = ] ] [ [ filterlist = ] ] [ [ filteraction = ] ] [ [ tunnel = ] (ip | dns) ] [ [ conntype = ] (lan | dialup | all) ] [ [ activate = ] (yes | no) ] [ [ kerberos = ] (yes | no) ] [ [ psk = ] ] [ [ rootca = ] " certmap:(yes | no) excludecaname:(yes | no)" ] 修改原則裡的規則。 參數: 標記 值 name | id -規則的名稱或 ID。 policy -規則所屬的原則名稱。 newname -規則的新增名稱。 description -規則的簡短資訊。 filterlist -要使用的篩選器清單名稱。 filteraction -要使用的篩選器動作名稱。 tunnel -通道 IP 位址或 DNS 名稱。 conntype -連線類型可以是‘lan’,‘dialup’或‘all’。 activate -如果指定了‘yes’則啟用原則裡的規則。 kerberos -如果指定了‘yes’則提供 Kerberos 驗證。 psk -使用指定的預先共用金鑰來提供驗證。 rootca -使用指定的根憑證來提供驗證,如果指定了 certmap:Yes 則 嘗試對應憑證,如果指定了 excludecaname:Yes 則排除 CA 名稱。 備註: 1. 憑證、對應,和 CA 名稱設定都要用引號包住; 用 \' 來取代嵌入式引號。 2. 只有在網域成員裡憑證對應才正確。 3. 可以多次使用 rootca 參數來提供多重憑證。 4. 每個驗證方法的優先順序是由它在命令裡的順序決定的。 5. 如果沒有指定驗證方法,會使用動態預設值。 6. 會用指定的清單來覆寫所有驗證方法。 7. 排除根憑證授權單位 (CA) 名稱將防止該名稱被當成憑證要求的一部分而傳出。 範例: 1. set rule name=Rule policy=Policy activate=yes rootca="C=US,O=MSFT,CN=\’Microsoft North, South, East, and West Root Authority\’ certmap:yes excludecaname:no" 2. set rule id=3 Policy newname=RuleNew tunnel=192.165.123.156 |
Usage: rule [ name = ] | [id= ] [ policy = ] [ [ newname = ] ] [ [ description = ] ] [ [ filterlist = ] ] [ [ filteraction = ] ] [ [ tunnel = ] (ip | dns) ] [ [ conntype = ] (lan | dialup | all) ] [ [ activate = ] (yes | no) ] [ [ kerberos = ] (yes | no) ] [ [ psk = ] ] [ [ rootca = ] " certmap:(yes | no) excludecaname:(yes | no)" ] Modifies a rule in a policy. Parameters: Tag Value name | id -Name or ID of the rule. policy -Name of the policy, the rule belongs to. newname -New name of the rule. description -Brief information about the rule. filterlist -Name of the filter list to be used. filteraction -Name of the filter action to be used. tunnel -Tunnel ip address or dns name. conntype -Connection type can be ‘lan’, ‘dialup’ or ‘all’. activate -Activates the rule in the policy if ‘yes’ is specified. kerberos -Provides Kerberos authentication if ‘yes’ is specified. psk -Provides authentication using a specified preshared key. rootca -Provides authentication using a specified root certificate, attempts to map the cert if certmap:Yes is specified, excludes the CA name if excludecaname:Yes is specified. Remarks: 1. Certificate, mapping, and CA name settings are all to be within quotes; embedded quotes are to be replaced with \'. 2. Certificate mapping is valid only for domain members. 3. Multiple certificates can be provided by using the rootca parameter multiple times. 4. The preference of each authentication method is determined by its order in the command. 5. If no auth methods are stated, dynamic defaults are used. 6. All authentication methods are overwritten with the stated list. 7. Excluding the root certification authority (CA) name prevents the name from being sent as part of the certificate request. Examples: 1. set rule name=Rule policy=Policy activate=yes rootca="C=US,O=MSFT,CN=\’Microsoft North, South, East, and West Root Authority\’ certmap:yes excludecaname:no" 2. set rule id=3 Policy newname=RuleNew tunnel=192.165.123.156 |
11354 | 使用方式: store [location = ] (local | domain) [ [ domain = ] ] 設定目前 IPsec 原則存放區位置。 參數: 標記 值 location IPsec 原則存放區的位置。 domain 網域名稱 (只適用於網域位置)。 備註: 1. 本機存放區包含可以指派來保護此電腦安全的 IPsec 原則。如果有可用 的網域原則,會套用網域原則來代替本機原則。 2. 網域存放區包含可指派來保護網域上電腦群組安全的 IPsec 原則。 3. 使用 'set machine' 命令來設定遠端電腦。 4. 預設存放區是本機。存放區的設定變更只在目前的 Netsh 工作階段中 有效。如果您需要用批次檔在相同的存放區上執行多重命令,請在執行 您的批次檔時使用 ‘Netsh Exec’。 5. 不支援持續性存放區與持續性原則。 範例: 1. set store location= local - 使用目前電腦的本機存放區。 2. set store location=domain domain=example.microsoft. com - 使用 example.microsoft.com 的網域原則存放區。 |
Usage: store [location = ] (local | domain) [ [ domain = ] ] Sets the current IPsec policy storage location. Parameters: Tag Value location Location of the IPsec policy store. domain Domain name (only applies to the domain location). Remarks: 1. The local store contains IPsec policies that can be assigned to secure this computer. If a domain policy is available, the domain policy is applied instead of the local policy. 2. The domain store contains IPsec policies that can be assigned to secure groups of computers in a domain. 3. Use the 'set machine' command to configure a remote computer. 4. The default store is Local. Changes to the store setting persist only as long as the current Netsh session. If you need to run multiple commands in the same store from a batch file, use the ‘Netsh Exec’ when executing your batch file. 5. Persistent store and persistent policy is not supported. Examples: 1. set store location= local - uses the local store of the current computer . 2. set store location=domain domain=example.microsoft. com - uses the domain policy store for example.microsoft.com . |
11355 | 使用方式: defaultrule [ policy = ] [ [ qmpfs = ] (yes | no) ] [ [ activate = ] (yes | no) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] [ [ kerberos = ] (yes | no) ] [ [ psk = ] ] [ [ rootca = ] " certmap:(yes | no) excludecaname:(yes | no)" ] 修改指定原則的預設規則。 在 Windows Vista 與舊版 Windows 上會忽略此規則 參數: 標記 值 policy -要修改預設回應規則的 原則 名稱。 qmpfs -用來設定快速模式完整傳送密碼的選項。 activate -如果指定為‘yes’則啟動規則。 qmsecmethods -IPsec 提供下列格式之一: ESP[ConfAlg,AuthAlg]:k/ s AH[HashAlg]:k/ s AH[HashAlg]+ESP[ConfAlg,AuthAlg]:k/ s ConfAlg 可以為 DES、3DES 或 None。 AuthAlg 可以為 MD5、SHA1 或 None。 HashAlg 是 MD5 或 SHA1。 k 是以 KB 為單位的存留期。 s 是以秒為單位的存留期。 kerberos -如果指定為‘yes’則提供 Kerberos 驗證。 psk -提供使用指定預先共用金鑰的驗證。 rootca -提供使用指定根憑證的驗證, 如果指定為 certmap:Yes,則嘗試對應憑證, 如果指定為 excludecaname:Yes 則排除 CA 名稱。 備註: 1. 憑證、對應與 CA 名稱設定都要在引號內; 用 \' 來取代內嵌式引號。 2. 憑證對應只對網域成員有效。 3. 可以多次使用 rootca 參數來提供多重憑證。 4. 每個驗證方式的優先順序 是由 在命令裡的順序決定。 5. 如果沒有陳述驗證方法,則會使用動態預設值 。 6. 不建議使用 DES 和 MD5。這些加密演算法僅提供為 舊版相容性之用。 範例: set defaultrule Policy1 activate= y qmsec="AH[MD5]+ESP[3DES,MD5]:100000k/2000s" |
Usage: defaultrule [ policy = ] [ [ qmpfs = ] (yes | no) ] [ [ activate = ] (yes | no) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] [ [ kerberos = ] (yes | no) ] [ [ psk = ] ] [ [ rootca = ] " certmap:(yes | no) excludecaname:(yes | no)" ] Modifies the default response rule of the specified policy. This rule will be ignored on Windows Vista and later versions of Windows Parameters: Tag Value policy -Name of the policy for which the default response rule is to be modified . qmpfs -Option to set quick mode perfect forward secrecy . activate -Activates the rule in the policy if ‘yes’ is specified . qmsecmethods -IPsec offer in one of the following formats: ESP[ConfAlg,AuthAlg]:k/ s AH[HashAlg]:k/ s AH[HashAlg]+ESP[ConfAlg,AuthAlg]:k/ s where ConfAlg can be DES, or 3DES or None . where AuthAlg can be MD5, or SHA1 or None . where HashAlg is MD5 or SHA1 . where k is lifetime in kilobytes . where s is lifetime in seconds . kerberos -Provides Kerberos authentication if ‘yes’ is specified . psk -Provides authentication using a specified preshared key . rootca -Provides authentication using a specified root certificate, attempts to map the cert if certmap:Yes is specified, excludes the CA name if excludecaname:Yes is specified . Remarks: 1. Certificate, mapping, and CA name settings are all to be within quotes; embedded quotes are to be replaced with \' . 2. Certificate mapping is valid only for domain members . 3. Multiple certificates can be provided by using the rootca parameter multiple times . 4. The preference of each authentication method is determined by its order in the command . 5. If no auth methods are stated, dynamic defaults are used . 6. The use of DES and MD5 is not recommended. These cryptographic algorithms are provided for backward compatibility only . Examples: set defaultrule Policy1 activate= y qmsec="AH[MD5]+ESP[3DES,MD5]:100000k/2000s" |
11357 | 使用方式: set batch [mode = ] (enable | disable) 設定批次更新模式。 參數: mode - 批次更新的模式。 |
Usage: set batch [mode = ] (enable | disable) Sets the batch update mode. Parameters: mode - The mode for batch updates. |
11400 | 刪除原則和相關資訊。 |
Deletes policies and related information. |
11410 | 刪除原則和它的規則。 |
Deletes a policy and its rules. |
11411 | 刪除篩選器清單。 |
Deletes a filter list. |
11412 | 刪除篩選器動作。 |
Deletes a filter action. |
11413 | 從原則裡刪除規則。 |
Deletes a rule from a policy. |
11414 | 從篩選器清單裡刪除篩選器。 |
Deletes a filter from a filter list. |
11415 | 刪除所有原則、篩選器清單和篩選器動作。 |
Deletes all policies, filter lists, and filter actions. |
11450 | 使用方式: policy [ name = ] | [ all ] 刪除原則和它所有關聯的規則。 參數: 標記 值 name | all -原則名稱或‘all’。 備註: 如果指定了 'all',刪除所有原則。 範例: 1. delete policy all - 刪除所有原則。 2. delete policy name=Policy1 - 刪除名稱為 Policy1 的原則。 |
Usage: policy [ name = ] | [ all ] Deletes the policy and all its associated rules. Parameters: Tag Value name | all -Name of the policy or ‘all’. Remarks: If 'all' is specified, all policies are deleted. Examples: 1. delete policy all - deletes all policies. 2. delete policy name=Policy1 - deletes the policy named Policy1. |
11451 | 使用方式: filterlist [name = ] | [ all ] 刪除篩選器清單和它所有關聯的篩選器。 參數: 標記 值 name | all -篩選器清單名稱或‘all’。 備註: 如果指定了 'all',刪除所有篩選器清單。 範例: delete filterlist all |
Usage: filterlist [name = ] | [ all ] Deletes the filter list and all of its associated filters. Parameters: Tag Value name | all -Name of the filter list or ‘all’. Remarks: If 'all' is specified, all filter lists are deleted. Examples: delete filterlist all |
11452 | 使用方式: filteraction [ name = ] | [ all ] 刪除篩選器動作。 參數: 標記 值 name | all -篩選器動作名稱或‘all’。 備註: 如果指定了 'all',刪除所有篩選器動作。 範例: 1. delete filteraction FilterA 2. delete filteraction all |
Usage: filteraction [ name = ] | [ all ] Deletes a filter action. Parameters: Tag Value name | all -Name of the filter action or ‘all’. Remarks: If 'all' is specified, all filter actions are deleted. Examples: 1. delete filteraction FilterA 2. delete filteraction all |
11453 | 使用方式: rule [ name = ] | [ id = ] | [ all ] [ policy = ] 刪除原則裡的規則。 參數: 標記 值 name | id | all -規則名稱,規則的 ID,或‘all’ policy -原則名稱。 備註: 1. 如果指定了 'all',刪除原則裡所有的規則,除了預設回應規則之外。 2. 無法刪除預設回應規則。 3. 每個刪除會變更 ID。 範例: 1. delete rule id=1 Policy1 -刪除來自 Policy1,id=1 的規則。 2. delete rule all Policy1 -刪除所有來自 Policy1 的規則。 |
Usage: rule [ name = ] | [ id = ] | [ all ] [ policy = ] Deletes a rule from a policy. Parameters: Tag Value name | id | all -Name of the rule, ID of the rule, or ‘all’ policy -Name of the policy. Remarks: 1. If 'all' is specified, deletes all rules from the policy except the default response rule. 2. The default response rule cannot be deleted. 3. The IDs will change with every delete. Examples: 1. delete rule id=1 Policy1 -deletes the rule with id=1 from Policy1. 2. delete rule all Policy1 -deletes all the rules from Policy1. |
11454 | 使用方式: filter [ filterlist = ] [ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | ) ] [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ srcport = ] ] [ [ dstport = ] ] [ [ mirrored = ] (yes | no) ] 從篩選器清單裡刪除篩選器 參數: 標記 值 filterlist -加入篩選器的篩選器清單名稱。 srcaddr - 來源 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱,或伺服器類型。 dstaddr -目標 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱,或伺服器類型。 protocol -可以是 ANY、ICMP、TCP、UDP、RAW 或整數。 srcmask -來源位址遮罩或首碼為 1 到 32。若 srcaddr 設為範圍則不適用 dstmask -目標位址遮罩或首碼為 1 到 32。 若 dstaddr 設為範圍則不適用 srcport -封包的來源連接埠。0 代表任何連接埠 dstport -封包的目標連接埠。0 代表任何連接埠。 mirrored -‘Yes’會建立兩個篩選器,每個方向一個。 備註: 1. 從篩選器清單裡刪除完全相符的篩選器。 2. 要指定目前電腦位址,請設定 srcaddr/dstaddr=me 要指定所有電腦位址,請設定 srcaddr/dstaddr=any 3. 伺服器類型可以是 WINS、DNS、DHCP 或 GATEWAY。 4. 如果來源是伺服器,則 dest 要設為 'me' 反之亦然。 5. 如果已經指定位址範圍,端點必須是明確的位址 (不可以為清單或子網路) 且為相同類型 (應該兩者都是 v4 或兩者都是 v6)。 範例: 1. delete filter FilterList1 src=fum.com dst=fum.com 2. delete filter Filter1 srcaddr=me dstaddr=any proto=TCP 3. delete filter Filter1 srcaddr=GATEWAY dstaddr=0.0.0.0 proto=TCP 4. delete filter Filter1 srcaddr=192.168.2.1-192.168.2.10 dstaddr=ME |
Usage: filter [ filterlist = ] [ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | ) ] [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ srcport = ] ] [ [ dstport = ] ] [ [ mirrored = ] (yes | no) ] Deletes a filter from a filter list Parameters: Tag Value filterlist -Name of the filter list to which the filter was added. srcaddr - Source ip address (ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address (ipv4 or ipv6), address range, dns name, or server type. protocol -Can be ANY, ICMP, TCP, UDP, RAW, or an integer. srcmask -Source address mask or a prefix of 1 through 32. Not applicable if srcaddr is set to a range dstmask -Destination address mask or a prefix of 1 through 32. Not applicable if dstaddr is set to a range srcport -Source port of the packet. A value of 0 means any port dstport -Destination port of the packet. A value of 0 means any port. mirrored -‘Yes’ creates two filters, one in each direction. Remarks: 1. Deletes the exact match filter from the filter list. 2. To specify the current computer address, set srcaddr/dstaddr=me To specify all computer addresses, set srcaddr/dstaddr=any 3. Server type can be WINS, DNS, DHCP or GATEWAY. 4. If source is a server, then dest is set to 'me' and vice-versa. 5. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6). Examples: 1. delete filter FilterList1 src=fum.com dst=fum.com 2. delete filter Filter1 srcaddr=me dstaddr=any proto=TCP 3. delete filter Filter1 srcaddr=GATEWAY dstaddr=0.0.0.0 proto=TCP 4. delete filter Filter1 srcaddr=192.168.2.1-192.168.2.10 dstaddr=ME |
11455 | 使用方式: all 刪除所有原則、篩選器清單,和篩選器動作。 參數: 備註: 範例: delete all |
Usage: all Deletes all policies, filter lists, and filter actions. Parameters: Remarks: Examples: delete all |
11500 | 顯示原則的詳細和相關資訊。 |
Displays details of policies and related information. |
11510 | 顯示原則的詳細資訊。 |
Displays policy details. |
11511 | 顯示篩選器清單詳細資訊。 |
Displays filter list details. |
11512 | 顯示篩選器動作的詳細資訊。 |
Displays filter action details. |
11513 | 顯示規則的詳細資訊。 |
Displays rule details. |
11515 | 顯示所有原則的詳細和相關資訊。 |
Displays details of all policies and related information. |
11516 | 顯示群組指定原則的詳細資訊。 |
Displays details of a group assigned policy. |
11517 | 顯示目前的原則存放區。 |
Displays the current policy store. |
11550 | 使用方式: policy [ name = ] | [ all ] [ [ level = ] (verbose | normal) ] [ [ format = ] (list | table) ] [ [ wide = ] (yes | no) ] 顯示原則的詳細資訊。 參數: 標記 值 name | all -原則名稱或‘all’。 level -詳細資訊或一般。 format -在螢幕上顯示或以定位鍵格式。 wide -如果設定成‘no’,會截斷名稱和描述以符合螢幕 80 字元的寬度。 備註: 如果指定了 'all' ,會顯示所有原則的詳細資訊。 範例: show policy Policy1 wide=yes format=table |
Usage: policy [ name = ] | [ all ] [ [ level = ] (verbose | normal) ] [ [ format = ] (list | table) ] [ [ wide = ] (yes | no) ] Displays the details of a policy Parameters: Tag Value name | all -Name of the policy or ‘all’. level -Verbose or normal. format -Output in screen or tab-delimited format. wide -If set to ‘no’, the name and description are truncated to fit the screen width of 80 characters. Remarks: If 'all' is specified, all policy details are displayed. Examples: show policy Policy1 wide=yes format=table |
11551 | 使用方式: filterlist [ name = ] | [ rule = ] | [ all ] [ [ level = ] (verbose | normal) ] [ [ format = ] (list | table) ] [ [ resolvedns = ] (yes | no) ] [ [ wide = ] (yes | no) ] 顯示篩選器清單的詳細資訊。 參數: 標記 值 name | rule | all -篩選器清單名稱、規則名稱,或‘all’。 level -詳細資訊或一般。 format -在螢幕上顯示或以定位鍵格式。 resolvedns -‘yes’將強制詳細資訊輸出顯示目前儲存在篩選器欄位的 IP 位址和 DNS 名稱的 DNS 對應。 wide -如果設定成‘no’,會截斷名稱和描述以符合螢幕 80 個字元的寬度。 備註: 如果指定了 'all' ,會顯示所有的篩選器清單。 範例: show filterlist Filterlist=Filterlist1 resolvedns=yes wide=yes |
Usage: filterlist [ name = ] | [ rule = ] | [ all ] [ [ level = ] (verbose | normal) ] [ [ format = ] (list | table) ] [ [ resolvedns = ] (yes | no) ] [ [ wide = ] (yes | no) ] Displays the details of a filter list Parameters: Tag Value name | rule | all -Name of the filter list, rule name, or ‘all’. level -Verbose or normal. format -Output in screen or tab-delimited format. resolvedns -Value of ‘yes’ will force the verbose output to show the current dns mapping for ip addresses and dns names that are stored in the filter fields. wide -If set to ‘no’, the name and description are truncated to fit the screen width of 80 characters. Remarks: If 'all' is specified, all filter lists are displayed. Examples: show filterlist Filterlist=Filterlist1 resolvedns=yes wide=yes |
11552 | 使用方式: filteraction [ name = ] | [ rule = ] | [ all ] [ [ level = ] (verbose | normal) ] [ [ format = ] (list | table) ] [ [ wide = ] (yes | no) ] 顯示篩選器動作的詳細資訊。 參數: 標記 值 name | rule | all -篩選器動作名稱、規則名稱,或‘all’。 level -詳細資訊或一般。 format -在螢幕上顯示或以定位鍵格式。 wide -如果設定成‘no’,會截斷名稱和描述以符合螢幕 80 個字元的寬度。 備註: 如果指定了 'all',會顯示所有篩選器動作。 範例: 1. show filteraction FilterAction1 - shows the details of the filter action named FilterAction1 2. show filteraction rule=Rule1 - shows the filter action used by the rule named Rule1 3. show filteraction all - shows all filter actions |
Usage: filteraction [ name = ] | [ rule = ] | [ all ] [ [ level = ] (verbose | normal) ] [ [ format = ] (list | table) ] [ [ wide = ] (yes | no) ] Displays the details of a filter action Parameters: Tag Value name | rule | all -Name of the filter action, rule name, or ‘all’. level -Verbose or normal. format -Output in screen or tab-delimited format wide -If set to ‘no’, the name and description are truncated to fit the screen width of 80 characters. Remarks: If 'all' is specified, all filter actions are displayed. Examples: 1. show filteraction FilterAction1 - shows the details of the filter action named FilterAction1 2. show filteraction rule=Rule1 - shows the filter action used by the rule named Rule1 3. show filteraction all - shows all filter actions |
11553 | 使用方式: rule [ name = ] | [ id = ] ] | [ all ] | [default] [ policy = ] [ [ type = ] (tunnel | tranport) ] [ [ level = ] (verbose | normal) ] [ [ format = ] (list | table) ] [ [ wide = ] (yes | no) ] 顯示原則的規則詳細資訊。 參數: 標記 值 name | id | all | default -規則名稱、它的 ID、‘all’,或‘default’。 policy -原則名稱。 type -規則類型是‘transport’或‘tunnel’。 level -詳細資訊或一般。 format -在螢幕上顯示或以定位鍵格式。 wide -如果設定成‘no’,會截斷名稱和描述以符合螢幕 80 個字元的寬度。 備註: 1. 如果指定了‘all’,會顯示所有規則。 2. 如果指定了類型參數,則需要指定 'all'。 範例: 1. show rule all type=transport policy=Policy1 - shows all the transport rules of the policy named Policy1. 2. show rule id=1 policy=Policy1 - shows the first rule of the policy. 3. show rule default policy=Policy1 - shows the details of the default response rule of Policy1. |
Usage: rule [ name = ] | [ id = ] ] | [ all ] | [default] [ policy = ] [ [ type = ] (tunnel | tranport) ] [ [ level = ] (verbose | normal) ] [ [ format = ] (list | table) ] [ [ wide = ] (yes | no) ] Displays the details of rules for the policy. Parameters: Tag Value name | id | all | default -Name of the rule, its id, ‘all’, or ‘default’. policy -Name of the policy. type -Rule type is ‘transport’ or ‘tunnel’. level -Verbose or normal. format -Output in screen or tab-delimited format. wide -If set to ‘no’, the name and description are truncated to fit the screen width of 80 characters. Remarks: 1. If ‘all’ is specified, all rules are displayed. 2. If the type parameter is specified, 'all' needs to be specified. Examples: 1. show rule all type=transport policy=Policy1 - shows all the transport rules of the policy named Policy1. 2. show rule id=1 policy=Policy1 - shows the first rule of the policy. 3. show rule default policy=Policy1 - shows the details of the default response rule of Policy1. |
11555 | 使用方式: all [ [ format = ] (list | table) ] [ [ wide = ] (yes | no) ] 顯示所有原則、篩選器清單,和篩選器動作。 參數: 標記 值 format -在螢幕上顯示或以定位鍵格式。 wide -如果設定成‘no’,會截斷名稱和描述以符合螢幕 80 個字元的寬度。 備註: 範例: show all |
Usage: all [ [ format = ] (list | table) ] [ [ wide = ] (yes | no) ] Displays all policies, filter lists, and filter actions. Parameters: Tag Value format -Output in screen or tab-delimited format. wide -If set to ‘no’, the name and description are truncated to fit the screen width of 80 characters. Remarks: Examples: show all |
11556 | 使用方式: gpoassignedpolicy [name = ] 顯示指定的 GPO 的使用中原則詳細資訊。 參數: 標記 值 Name -本機 AD 群組原則物件名稱。 備註: 1. 如果目前的儲存區是網域,則需要 name 參數,否則 將不允許 name 參數 範例: 1. show gpoassignedpolicy name=GPO1 - 顯示已指派給 GPO1 的網域原則。 2. show gpoassignedpolicy - 顯示目前在此電腦上指派的原則。 |
Usage: gpoassignedpolicy [name = ] Displays the details of the active policy for the specified GPO. Parameters: Tag Value Name -Local AD Group policy object name. Remarks: 1. if the current store is domain, the name parameter is required, otherwise it is not allowed Examples: 1. show gpoassignedpolicy name=GPO1 - shows the assigned domain policy to GPO1. 2. show gpoassignedpolicy - shows currently assigned policy on this computer. |
11557 | 使用方式: store 範例: show store |
Usage: store Examples: show store |
12200 | 在 SPD 裡新增原則、篩選器,和動作。 |
Adds policy, filter, and actions to SPD. |
12210 | 在 SPD 裡新增快速模式原則。 |
Adds a quick mode policy to SPD. |
12211 | 在 SPD 裡新增主要模式原則。 |
Adds a main mode policy to SPD. |
12212 | 在 SPD 裡新增快速模式篩選器。 |
Adds a quick mode filter to SPD. |
12213 | 在 SPD 裡新增主要模式篩選器。 |
Adds a main mode filter to SPD. |
12215 | 新增規則和相關的篩選器到 SPD。 |
Adds a rule and associated filters to SPD. |
12250 | 使用方式: qmpolicy [ name = ] [ [ soft = ] (yes | no) ] [ [ pfsgroup = ] (GRP1 | GRP2 | GRP3 | GRPMM | NOPFS) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] 新增一個快速模式原則到 SPD。 參數: 標記 值 name -快速模式原則的名稱。 soft -允許和 IPSec 沒注意到的電腦, 做未設定安全的通訊,接受數值 'yes' 或 'no'。 pfsgroup -GRP1,GRP2,GRP3,GRPMM,NOPFS(預設)。 qmsecmethods -IPSec 提供下列幾種格式 : ESP[ConfAlg,AuthAlg]:k/s AH[HashAlg]:k/s AH[HashAlg]+ESP[ConfAlg,AuthAlg]:k/s ConfAlg 可以是 DES 或 3DES 或 None。 AuthAlg 可以是 MD5 或 SHA1 或 None。 HashAlg 是 MD5 或 SHA1。 k 是存留期 (KB)。 s 是存留期 (秒)。 備註: 不建議使用 DES 和 MD5。這些加密演算法僅提供為舊版相容性之用。 範例: add qmpolicy name=qmp qmsec="AH[MD5]:10000k/24800s ESP[DES,SHA1]:30000k/300s" |
Usage: qmpolicy [ name = ] [ [ soft = ] (yes | no) ] [ [ pfsgroup = ] (GRP1 | GRP2 | GRP3 | GRPMM | NOPFS) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] Adds a quick mode policy to SPD. Parameters: Tag Value name -Name of the quick mode policy. soft -Allow unsecured communication with non-IPsec-aware computers. This takes a value of either ‘yes’ or ‘no’. pfsgroup -GRP1,GRP2,GRP3,GRPMM,NOPFS(default). qmsecmethods -IPsec offer in one of the following formats: ESP[ConfAlg,AuthAlg]:k/s AH[HashAlg]:k/s AH[HashAlg]+ESP[ConfAlg,AuthAlg]:k/s where ConfAlg can be DES or 3DES or None. where AuthAlg can be MD5 or SHA1 or None. where HashAlg is MD5 or SHA1. where k is lifetime in kilobytes. where s is lifetime in seconds. Remarks: The use of DES and MD5 is not recommended. These cryptographic algorithms are provided for backward compatibility only. Examples: add qmpolicy name=qmp qmsec="AH[MD5]:10000k/24800s ESP[DES,SHA1]:30000k/300s" |
12251 | 使用方法: mmpolicy [ name = ] [ [ qmpermm = ] ] [ [ mmlifetime = ] ] [ [ softsaexpirationtime = ] ] [ [ mmsecmethods = ] (sec#1 sec#2 ... sec#n) ] 新增一個主要模式原則到 SPD。 參數: 標記 值 name -主要模式原則名稱。 qmpermm -每一個 IKE 主要模式階段中的快速模式階段數。 mmlifetime -重新輸入 (以分鐘計) IKE 的主要模式。 softsaexpirationtime -未受保護的 SA 到期時間 (以分鐘計)。 mmsecmethods -以 ConfAlg-HashAlg-GroupNum 格式列出一個或多 個空格區分安全方式的清單。 ConfAlg 可能是 DES 或 3DES 而 HashAlg 可能是 MD5 或 SHA1。 GroupNum 可以是 1 (Low), 2 (Med), 3 (DH2048)。 備註: 不建議使用 DES 和 MD5。這些加密編譯演算法僅提供為舊版相容性之用。 範例: add mmp name=mmp qmpermm=10 mmlifetime=300 softsa=20 mmsec="3DES-SHA1-3 DES-SHA1-2 3DES-MD5-3" |
Usage: mmpolicy [ name = ] [ [ qmpermm = ] ] [ [ mmlifetime = ] ] [ [ softsaexpirationtime = ] ] [ [ mmsecmethods = ] (sec#1 sec#2 ... sec#n) ] Adds a main mode policy to SPD. Parameters: Tag Value name -Name of the main mode policy. qmpermm -Number of quick mode sessions per main mode session of IKE. mmlifetime -Time in minutes to rekey for main mode of IKE. softsaexpirationtime -Time in minutes for an unprotected SA to expire. mmsecmethods -List of one or more space separated security methods in the form of ConfAlg-HashAlg-GroupNum. where ConfAlg can be DES or 3DES where HashAlg can be MD5 or SHA1 GroupNum can be 1 (Low) or 2 (Med) or 3 (DH2048). Remarks: The use of DES and MD5 is not recommended. These cryptographic algorithms are provided for backward compatibility only. Examples: add mmp name=mmp qmpermm=10 mmlifetime=300 softsa=20 mmsec="3DES-SHA1-3 DES-SHA1-2 3DES-MD5-3" |
12255 | 使用方式: rule [ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ mmpolicy = ] [ [ qmpolicy = ] ] [ [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | ) ] [ [ srcport = ] ] [ [ dstport = ] ] [ [ mirrored = ] (yes | no) ] [ [ conntype = ] (lan | dialup | all) ] [ [ actioninbound = ] (permit | block | negotiate) ] [ [ actionoutbound = ] (permit | block | negotiate) ] [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ tunneldstaddress = ] (ip | dns) ] [ [ kerberos = ] (yes | no) ] [ [ psk = ] ] [ [ rootca = ] " certmap:(yes | no) excludecaname:(yes | no)" ] 新增規則。 參數: 標記 值 srcaddr -來源 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱或伺服器類型。 dstaddr -目標 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱或伺服器類型。 mmpolicy -主要模式原則 qmpolicy -快速模式原則 protocol -可以是 ANY、ICMP、TCP、UDP、RAW 或整數。 如果您指定連接埠,可接受的值是 TCP 或 UDP。 srcport -來源連接埠 (0 代表任何連接埠) dstport -目標連接埠 (0 代表任何連接埠) mirrored -‘Yes' 會建立兩個篩選器,每個方向一個。 conntype -連線類型 actioninbound -輸入封包動作 actionoutbound -輸出封包動作 srcmask -來源位址遮罩或首碼為 1 到 32。若 srcaddr 設為範圍則不適用 dstmask -目標位址遮罩或首碼為 1 到 32。若 dstaddr 設為範圍則不適用 tunneldstaddress -通道目標 IP 位址或 DNS 名稱。 kerberos -如果指定為‘yes’則會提供 kerberos 驗證。 psk -使用指定的預先共用金鑰來提供驗證。 rootca -使用指定的根憑證來提供驗證, 如果指定了 certmap:Yes 則會嘗試對應憑證, 如果指定了 excludecaname:Yes 則會排除 CA 名稱。 備註: 1. TCP 和 UDP 連接埠才有效。 2. 伺服器類型可以是 WINS、DNS、DHCP 或 GATEWAY 3. actioninbound 和 actionoutbound 的預設為‘negotiate’。 4. 通道規則的 mirrored 必須設定成 'no'。 5. 憑證、對應,和 CA 名稱設定都要在 引號內; 如裡面尚有引號,請使用 \' 來取代原本的引號。 6. 只有在網域成員裡憑證對應才有效。 7. 可以多次使用 rootca 參數來提供 多重憑證。 8. 每個驗證方法的優先順序是由 在命令裡的順序決定。 9. 如果沒有指定驗證方法,則會使用動態預設值。 10. 排除根憑證授權單位 (CA) 的名稱可以防止 名稱被當成憑證要求的一部分而被傳送出去。 11. 如果已經指定位址範圍,端點必須是明確的位址 (不可以為清單或子網路) 且為相同類型 (應該兩者都是 v4 或兩者都是 v6)。 範例: add rule srcaddr=192.168.145.110 dstaddr=192.168.145.215 mmpolicy=mmp qmpolicy=qmp mirrored=no srcmask=32 dstmask=255.255.255.255 rootca="C=US,O=MSFT,CN=Microsoft Authenticode(tm) Root Authority" rootca="C=US,O=MSFT,CN=\’Microsoft North, South, East, and West Root Authority\’ certmap:yes excludecaname:no" |
Usage: rule [ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ mmpolicy = ] [ [ qmpolicy = ] ] [ [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | ) ] [ [ srcport = ] ] [ [ dstport = ] ] [ [ mirrored = ] (yes | no) ] [ [ conntype = ] (lan | dialup | all) ] [ [ actioninbound = ] (permit | block | negotiate) ] [ [ actionoutbound = ] (permit | block | negotiate) ] [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ tunneldstaddress = ] (ip | dns) ] [ [ kerberos = ] (yes | no) ] [ [ psk = ] ] [ [ rootca = ] " certmap:(yes | no) excludecaname:(yes | no)" ] Adds a Rule. Parameters: Tag Value srcaddr - Source ip address (ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address (ipv4 or ipv6), address range, dns name, or server type. mmpolicy -Main mode policy qmpolicy -Quick mode policy protocol -Can be ANY, ICMP, TCP, UDP, RAW, or an integer. If you specify a port, acceptable value is TCP or UDP. srcport -Source port(0 means any port) dstport -Destination port(0 means any port) mirrored -‘Yes' creates two filters, one in each direction. conntype -Connection type actioninbound -Action for inbound packets actionoutbound -Action for outbound packets srcmask -Source address mask or a prefix of 1 through 32. Not applicable if srcaddr is set to a range dstmask -Destination address mask or a prefix of 1 through 32. Not applicable if dstaddr is set to a range tunneldstaddress -Tunnel destination ip address or dns name. kerberos -Provides kerberos authentication if ‘yes’ is specified. psk -Provides authentication using a specified preshared key. rootca -Provides authentication using a specified root certificate, attempts to map the cert if certmap:Yes is specified, excludes the CA name if excludecaname:Yes is specified. Remarks: 1. Port valid for TCP and UDP. 2. Server type can be WINS, DNS, DHCP or GATEWAY 3. Default for actioninbound and actionoutbound is ‘negotiate’. 4. For tunnel rules, mirrored must be set to 'no'. 5. Certificate, mapping, and CA name settings are all to be within quotes; embedded quotes are to be replaced with \'. 6. Certificate mapping is valid only for domain members. 7. Multiple certificates can be provided by using the rootca parameter multiple times. 8. The preference of each authentication method is determined by its order in the command. 9. If no auth methods are stated, dynamic defaults are used. 10. Excluding the root certification authority (CA) name prevents the name from being sent as part of the certificate request. 11. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6). Example: add rule srcaddr=192.168.145.110 dstaddr=192.168.145.215 mmpolicy=mmp qmpolicy=qmp mirrored=no srcmask=32 dstmask=255.255.255.255 rootca="C=US,O=MSFT,CN=Microsoft Authenticode(tm) Root Authority" rootca="C=US,O=MSFT,CN=\’Microsoft North, South, East, and West Root Authority\’ certmap:yes excludecaname:no" |
12300 | 在 SPD 裡修改原則、篩選器,和動作。 |
Modifies policy, filter, and actions in SPD. |
12310 | 在 SPD 裡修改快速模式原則。 |
Modifies a quick mode policy in SPD. |
12311 | 在 SPD 裡修改主要模式原則。 |
Modifies a main mode policy in SPD. |
12312 | 在 SPD 裡修改快速模式篩選器。 |
Modifies a quick mode filter in SPD. |
12313 | 在 SPD 裡修改主要模式篩選器。 |
Modifies a main mode filter in SPD. |
12319 | 設定 IPsec 設定和開機時的行為。 |
Sets the IPsec configuration and boot time behavior. |
12320 | 在 SPD 裡修改規則和相關的篩選器。 |
Modifies a rule and associated filters in SPD. |
12350 | 使用方式: qmpolicy [ name = ] [ [ soft = ] (yes | no) ] [ [ pfsgroup = ] (GRP1 | GRP2 | GRP3 | GRPMM | NOPFS) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] 在 SPD 裡修改快速模式原則。 參數: 標記 值 name -快速模式原則名稱。 soft -允許跟非 IPSec 感知的電腦不安全通訊。 可以是 'yes' 或 'no'。 pfsgroup -GRP1、GRP2、GRP3、GRPMM,NOPFS (預設值)。 qmsecmethods -IPSec 提供下列格式之一: ESP[ConfAlg,AuthAlg]:k/s AH[HashAlg]:k/s AH[HashAlg]+ESP[ConfAlg,AuthAlg]:k/s ConfAlg 可以是 DES 或 3DES 或 None。 AuthAlg 可以是 MD5 或 SHA1 或 None。 HashAlg 是 MD5 或 SHA1。 k 是以 KB 為單位的存留期。 s 是以秒為單位的存留期。 備註: 不建議使用 DES 和 MD5。這些加密編譯演算法僅提供為舊版相容性之用。 範例: set qmpolicy name=qmp pfsg=grp3 qmsec="AH[MD5]:100000k/29999s+ESP[DES,SHA1]" |
Usage: qmpolicy [ name = ] [ [ soft = ] (yes | no) ] [ [ pfsgroup = ] (GRP1 | GRP2 | GRP3 | GRPMM | NOPFS) ] [ [ qmsecmethods = ] (neg#1 neg#2 ... neg#n) ] Modifies a quick mode policy in SPD. Parameters: Tag Value name -Name of the quick mode policy. soft -Allow unsecured communication with non-IPsec-aware computers. This takes a value of either 'yes' or 'no'. pfsgroup -GRP1,GRP2,GRP3,GRPMM,NOPFS(default). qmsecmethods -IPsec offer in one of the following formats: ESP[ConfAlg,AuthAlg]:k/s AH[HashAlg]:k/s AH[HashAlg]+ESP[ConfAlg,AuthAlg]:k/s where ConfAlg can be DES, or 3DES or None. where AuthAlg can be MD5, or SHA1 or None. where HashAlg is MD5 or SHA1. where k is lifetime in kilobytes. where s is lifetime in seconds. Remarks: The use of DES and MD5 is not recommended. These cryptographic algorithms are provided for backward compatibility only. Example: set qmpolicy name=qmp pfsg=grp3 qmsec="AH[MD5]:100000k/29999s+ESP[DES,SHA1]" |
12351 | 使用方式: mmpolicy [ name = ] [ [ qmpermm = ] ] [ [ mmlifetime = ] ] [ [ softsaexpirationtime = ] ] [ [ mmsecmethods = ] (sec#1 sec#2 ... sec#n) ] 使用 SPD 中的新參數修改主要模式原則。 參數: 標記 值 name -主要模式原則名稱。 qmpermm -每一個 IKE 主要模式階段中的快速模式階段數。 mmlifetime -重新輸入 (以分鐘計) IKE 的主要模式。 softsaexpirationtime -未受保護的 SA 到期時間 (以分鐘計)。 mmsecmethods -以 ConfAlg-HashAlg-GroupNum 格式列出一個或多 個空格區分安全方式的清單。 ConfAlg 可能是 DES 或 3DES,HashAlg 是 MD5 或 SHA1, GroupNum 可能是 1 (Low) 或 2 (Med) 或 3 (DH2048)。 備註: 不建議使用 DES 和 MD5。這些加密編譯演算法僅提供為舊版相容性之用。 範例: set mmpolicy name=mmp qmpermm=10 mmlife=10 mmsecmethod=3DES-MD5-3 |
Usage: mmpolicy [ name = ] [ [ qmpermm = ] ] [ [ mmlifetime = ] ] [ [ softsaexpirationtime = ] ] [ [ mmsecmethods = ] (sec#1 sec#2 ... sec#n) ] Modifies a main mode policy with the new parameters in SPD. Parameters: Tag Value name -Name of the main mode policy. qmpermm -Number of quick mode sessions per main mode session of IKE. mmlifetime -Time in minutes to rekey for main mode of IKE. softsaexpirationtime -Time in minutes for an unprotected SA to expire. mmsecmethods -List of one or more space separated security methods in the form of ConfAlg-HashAlg-GroupNum, where ConfAlg can be DES or 3DES, HashAlg is MD5 or SHA1, GroupNum can be 1 (Low) or 2 (Med) or 3 (DH2048). Remarks: The use of DES and MD5 is not recommended. These cryptographic algorithms are provided for backward compatibility only. Example: set mmpolicy name=mmp qmpermm=10 mmlife=10 mmsecmethod=3DES-MD5-3 |
12359 | 使用方式: config [ property = ] (ipsecdiagnostics | ipsecexempt | ipsecloginterval | ikelogging | strongcrlcheck | bootmode | bootexemptions) ] [ value = ] | | ] 設定 IPsec 的參數。 參數: 標記 值 property -屬性名稱。 value -對應至屬性的值。 備註: 1. 有效的屬性值包括: ipsecdiagnostics - 0, 1, 2, 3, 4, 5, 6, 7 ikelogging - 0, 1 strongcrlcheck - 0, 1, 2 ipsecloginterval - 60 到 86400 秒 ipsecexempt - 0, 1, 2, 3 bootmode - stateful, block, permit bootexemptions - none, "exemption#1 exemption#2 ... exemption#n" 引號中的字串指定開機模式中永遠允許的通訊協定與連 接埠清單,格式如下: Protocol:SrcPort:DstPort:Direction 其中,protocol 是 ICMP, TCP, UDP, RAW 或 而 direction 是 inbound 或 outbound 2. ipsecdiagnostics、ikelogging、ipsecloginterval、bootmode 與 bootexemptions 選項僅提供回溯相容之用。對於 Windows Vista 與更新的作業系統無效。 3. SrcPort 與 DstPort 只對於 TCP 與 UDP 才有效,對於其他通訊協定,豁免的格式 是 Protocol:Direction。 4. 連接埠設定值 0 可允許任何連接埠的流量。 5. ikelogging 與 strongcrlcheck 會立即啟動; 所有其他屬性則會在下次開機時 才生效。 範例: 1. set config property=ipsecdiagnostics value=0 2. set config property=bootmode value=stateful 3. set config property=bootexemptions value=none 4. set config property=bootexemptions value="ICMP:inbound TCP:80:80:outbound" |
Usage: config [ property = ] (ipsecdiagnostics | ipsecexempt | ipsecloginterval | ikelogging | strongcrlcheck | bootmode | bootexemptions) ] [ value = ] | | ] Configures the parameters for IPsec. Parameters: Tag Value property -Property name. value -Value that corresponds to the property. Remarks: 1. Valid values for the properties are: ipsecdiagnostics - 0, 1, 2, 3, 4, 5, 6, 7 ikelogging - 0, 1 strongcrlcheck - 0, 1, 2 ipsecloginterval - 60 to 86400 sec ipsecexempt - 0, 1, 2, 3 bootmode - stateful, block, permit bootexemptions - none, "exemption#1 exemption#2 ... exemption#n" where the quoted string specifies a list of protocols and ports to always allow during boot mode in the following format: Protocol:SrcPort:DstPort:Direction where protocol is ICMP, TCP, UDP, RAW, or where direction is inbound or outbound 2. ipsecdiagnostics, ikelogging, ipsecloginterval, bootmode and bootexemptions options are provided for backward compatibility. Not valid for Windows Vista and later operating systems. 3. SrcPort and DstPort are only valid for TCP and UDP, with other protocols the format of the exemption is Protocol:Direction. 4. A port setting of 0 allows for traffic for any port. 5. ikelogging and strongcrlcheck are activated immediately; all other properties take effect on next boot. Examples: 1. set config property=ipsecdiagnostics value=0 2. set config property=bootmode value=stateful 3. set config property=bootexemptions value=none 4. set config property=bootexemptions value="ICMP:inbound TCP:80:80:outbound" |
12360 | 使用方式: rule [ srcaddr = ] (ip | dns | server) [ dstaddr = ] (ip | dns | server) [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | ) [ srcport = ] [ dstport = ] [ mirrored = ] (yes | no) [ conntype = ] (lan | dialup | all) [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ tunneldstaddress = ] (ip | dns) ] [ [ mmpolicy = ] ] [ [ qmpolicy = ] ] [ [ actioninbound = ] (permit | block | negotiate) ] [ [ actionoutbound = ] (permit | block | negotiate) ] [ [ kerberos = ] (yes | no) ] [ [ psk = ] ] [ [ rootca = ] " certmap:(yes | no) excludecaname:(yes | no)" ] 在 SPD 裡修改規則和關聯的篩選器。 參數: 標記 值 srcaddr - 來源 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱或伺服器類型。 dstaddr -目的地 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱或伺服器類型。 protocol -可以是 ANY、ICMP、TCP、UDP、RAW 或整數。 srcport -來源連接埠 (0 代表任何連接埠) dstport -目的地連接埠 (0 代表任何連接埠) mirrored -'Yes'會建立兩個篩選器,每個方向一個。 conntype -連線類型 srcmask -來源位址遮罩或 1 到 32 間的首碼。若 rcaddr 設為範圍則不適用 dstmask -目的地位址遮罩或 1 到 32 間的首碼。若 dstaddr 設為範圍則不適用 tunneldstaddress -通道目的地 IP 位址或 DNS 名稱。 mmpolicy -主要模式原則 qmpolicy -快速模式原則 actioninbound -輸入封包動作 actionoutbound -輸出封包動作 kerberos -如果指定了'yes'則會提供 kerberos 驗證 psk -使用指定的預先共用金鑰來提供驗證 rootca -使用指定的根憑證來提供驗證,如果指定了 certmap:Yes 則嘗試對應憑證,如果指 定了 excludecaname:Yes 則排除 CA 名稱。 備註: 1. 可以設定 Mmpolicy、qmpolicy、actioninbound、actionoutbound 和 authmethods,其他欄位 是識別元。 2. 伺服器類型可以是 WINS、DNS、DHCP 或 GATEWAY 3. 憑證、對應和 CA 名稱設定都要在引號內; 用 \' 來取代內嵌式引號。 4. 只有在網域成員裡憑證對應才有效。 5. 可以多次使用 rootca 參數來提供多重憑證。 6. 每個驗證方法的順序是由它在命令裡的順序來決定的。 7. 如果沒有指定驗證方法,會使用動態預設值。 8. 所有驗證方法都會被指定的清單覆寫。 9. 排除根憑證授權單位 (CA) 名稱可防止該名稱被當成憑證要求的一部分被送出。 10. 如果指定位址範圍,則端點必須是特定的位址 (不可以為清單或子網路) 且為相同類型 (應該兩者都是 v4 或兩者都是 v6)。 範例: 1. set rule srca=WINS dsta=0.0.0.0 srcmask=32 dstmask=32 tunneldst=192.168.145.1 proto=tcp srcport=80 dstport=80 mir=no con=lan qmp=qmp actionin=negotiate actionout=permit 2. set rule srcaddr=192.168.145.110 dstaddr=192.168.145.215 mmpolicy=mmp qmpolicy=qmp mirrored=no srcmask=32 rootca="C=US,O=MSFT,CN=Microsoft Authenticode(tm) Root Authority" rootca="C=US,O=MSFT,CN=\'Microsoft North, South, East, and West Root Authority\' certmap:yes excludecaname:no" |
Usage: rule [ srcaddr = ] (ip | dns | server) [ dstaddr = ] (ip | dns | server) [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | ) [ srcport = ] [ dstport = ] [ mirrored = ] (yes | no) [ conntype = ] (lan | dialup | all) [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ tunneldstaddress = ] (ip | dns) ] [ [ mmpolicy = ] ] [ [ qmpolicy = ] ] [ [ actioninbound = ] (permit | block | negotiate) ] [ [ actionoutbound = ] (permit | block | negotiate) ] [ [ kerberos = ] (yes | no) ] [ [ psk = ] ] [ [ rootca = ] " certmap:(yes | no) excludecaname:(yes | no)" ] Modifies a rule and associated filters in SPD. Parameters: Tag Value srcaddr - Source ip address (ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address (ipv4 or ipv6), address range, dns name, or server type. protocol -Can be ANY, ICMP, TCP, UDP, RAW, or an integer. srcport -Source port (0 means any port) dstport -Destination port (0 means any port) mirrored -'Yes' creates two filters, one in each direction. conntype -Connection type srcmask -Source address mask or a prefix of 1 through 32. Not applicable if srcaddr is set to a range dstmask -Destination address mask or a prefix of 1 through 32. Not applicable if dstaddr is set to a range tunneldstaddress -Tunnel destination ip address or dns name. mmpolicy -Main mode policy qmpolicy -Quick mode policy actioninbound -Action for inbound packets actionoutbound -Action for outbound packets kerberos -Provides kerberos authentication if ‘yes’ is specified psk -Provides authentication using a specified preshared key rootca -Provides authentication using a specified root certificate, attempts to map the cert if certmap:Yes is specified, excludes the CA name if excludecaname:Yes is specified. Remarks: 1. Mmpolicy, qmpolicy, actioninbound, actionoutbound and authmethods can be set; other fields are identifiers. 2. Server type can be WINS, DNS, DHCP or GATEWAY 3. Certificate, mapping, and CA name settings are all to be within quotes; embedded quotes are to be replaced with \'. 4. Certificate mapping is valid only for domain members. 5. Multiple certificates can be provided by using the rootca parameter multiple times. 6. The preference of each authentication method is determined by its order in the command. 7. If no auth methods are stated, dynamic defaults are used. 8. All authentication methods are overwritten with the stated list. 9. Excluding the root certification authority (CA) name prevents the name from being sent as part of the certificate request. 10. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6). Examples: 1. set rule srca=WINS dsta=0.0.0.0 srcmask=32 dstmask=32 tunneldst=192.168.145.1 proto=tcp srcport=80 dstport=80 mir=no con=lan qmp=qmp actionin=negotiate actionout=permit 2. set rule srcaddr=192.168.145.110 dstaddr=192.168.145.215 mmpolicy=mmp qmpolicy=qmp mirrored=no srcmask=32 rootca="C=US,O=MSFT,CN=Microsoft Authenticode(tm) Root Authority" rootca="C=US,O=MSFT,CN=\’Microsoft North, South, East, and West Root Authority\’ certmap:yes excludecaname:no" |
12400 | 從 SPD 裡刪除原則、篩選器,和動作。 |
Deletes policy, filter, and actions from SPD. |
12410 | 從 SPD 裡刪除快速模式原則。 |
Deletes a quick mode policy from SPD. |
12411 | 從 SPD 裡刪除主要模式原則。 |
Deletes a main mode policy from SPD. |
12414 | 從 SPD 裡刪除規則和相關的篩選器。 |
Deletes a rule and associated filters from SPD. |
12415 | 從 SPD 裡刪除所有原則,篩選器和動作。 |
Deletes all policies, filters, and actions from SPD. |
12450 | 使用方式: qmpolicy [ name = ] | [ all ] 從 SPD 裡刪除快速模式原則。 如果指定了 'all',會刪除所有快速模式原則。 參數: 標記 值 name -快速模式原則名稱。 備註: 必須先刪除任何關聯的快速模式篩選器才能刪除快速模式原則。 範例: delete qmpolicy name=qmp |
Usage: qmpolicy [ name = ] | [ all ] Deletes a quick mode policy from SPD. If 'all' is specified, all quick mode policies are deleted. Parameters: Tag Value name -Name of the quick mode policy. Remarks: To delete a quick mode policy, any associated quick mode filters must first be deleted. Examples: delete qmpolicy name=qmp |
12451 | 使用方式: mmpolicy [ name = ] | [ all ] 從 SPD 裡刪除主要模式原則。 如果指定了 'all',會刪除所有主要模式原則。 參數: 標記 值 name -主要模式原則名稱。 備註: 必須先刪除任何關聯的主要模式篩選器才能刪除主要模式原則。 範例: delete mmpolicy name=mmp |
Usage: mmpolicy [ name = ] | [ all ] Deletes a main mode policy from SPD. If 'all' is specified, all main mode policies are deleted. Parameters: Tag Value name -Name of the main mode policy. Remarks: To delete a main mode policy, any associated main mode filters must first be deleted. Examples: delete mmpolicy name=mmp |
12454 | 使用方式: rule [ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | ) [ srcport = ] [ dstport = ] [ mirrored = ] (yes | no) [ conntype = ] (lan | dialup | all) [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ tunneldstaddress = ] (ip | dns) ] 從 SPD 裡刪除規則。 參數: 標記 值 srcaddr -來源 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱或伺服器類型。 dstaddr -目的地 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱或伺服器類型。 protocol -可以是 ANY、ICMP、TCP、UDP、RAW 或整數。 srcport -來源連接埠。0 代表任何連接埠。 dstport -目的地連接埠。0 代表任何連接埠。 mirrored -'Yes' 會建立兩個篩選器,每個方向一個。 conntype -連線類型可以是 lan、dialup 或 'all'。 srcmask -來源位址遮罩或 1 到 32 間的首碼。 dstmask -目的地位址遮罩或 1 到 32 間的首碼。 tunneldstaddress -通道目的地 IP 位址或 DNS 名稱。 備註: 1. 若要指定目前電腦位址,請設定 srcaddr/dstaddr=me 若要指定所有電腦位址,請設定 srcaddr/dstaddr=any 2. 伺服器類型可以是 WINS、DNS、DHCP 或 GATEWAY 3. 如果已經指定位址範圍,端點必須是明確的位址 (不可以為清單或子網路) 且為相同類型 (應該兩者都是 v4 或兩者都是 v6)。 範例: delete rule srca=192.168.145.110 dsta=192.168.145.215 tunneldsta=192.168.145.1 proto=tcp srcport=80 dstport=80 mirror=no conntype=lan |
Usage: rule [ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | ) [ srcport = ] [ dstport = ] [ mirrored = ] (yes | no) [ conntype = ] (lan | dialup | all) [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ tunneldstaddress = ] (ip | dns) ] Deletes a rule from SPD. Parameters: Tag Value srcaddr -Source ip address (ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address (ipv4 or ipv6), address range, dns name, or server type. protocol -Can be ANY, ICMP, TCP, UDP, RAW, or an integer. srcport -Source port. A value of 0 means any port. dstport -Destination port. A value of 0 means any port. mirrored -‘Yes’ creates two filters, one in each direction. conntype -Connection type can be lan, dialup or ‘all’. srcmask -Source address mask or a prefix of 1 through 32. dstmask -Destination address mask or a prefix of 1 through 32. tunneldstaddress -Tunnel destination ip address or dns name. Remarks: 1. To specify the current computer address, set srcaddr/dstaddr=me To specify all computer addresses, set srcaddr/dstaddr=any 2. Server type can be WINS, DNS, DHCP or GATEWAY 3. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6). Examples: delete rule srca=192.168.145.110 dsta=192.168.145.215 tunneldsta=192.168.145.1 proto=tcp srcport=80 dstport=80 mirror=no conntype=lan |
12455 | 使用方式: all 從 SPD 裡刪除所有原則,篩選器,和驗證方法。 範例: delete all |
Usage: all Deletes all policies, filters, and authentication methods from SPD. Example: delete all |
12500 | 從 SPD 裡顯示原則、篩選器,和動作。 |
Displays policy, filter, and actions from SPD. |
12510 | 從 SPD 顯示原則、篩選器、SA,和統計。 |
Displays policies, filters, SAs, and statistics from SPD. |
12511 | 從 SPD 裡顯示主要模式原則詳細資訊。 |
Displays main mode policy details from SPD. |
12512 | 從 SPD 裡顯示快速模式原則詳細資訊。 |
Displays quick mode policy details from SPD. |
12513 | 從 SPD 裡顯示主要模式篩選器詳細資訊。 |
Displays main mode filter details from SPD. |
12514 | 從 SPD 裡顯示快速模式篩選器詳細資訊。 |
Displays quick mode filter details from SPD. |
12515 | 從 SPD 裡顯示 IPsec 和 IKE 統計。 |
Displays IPsec and IKE statistics from SPD. |
12516 | 從 SPD 裡顯示主要模式安全性關聯。 |
Displays main mode security associations from SPD. |
12517 | 從 SPD 裡顯示快速模式安全性關聯。 |
Displays quick mode security associations from SPD. |
12518 | 顯示 IPsec 設定。 |
Displays IPsec configuration. |
12519 | 從 SPD 顯示規則詳細。 |
Displays rule details from SPD. |
12550 | 使用方式: all [ [ resolvedns = ] (yes | no) ] 顯示所有 SPD 裡的原則、篩選器,SA 和統計的詳細資訊。 參數: 標記 值 resolvedns -'yes' 會顯示解析的 DNS 名稱。 備註: resolvedns 的預設值是‘no’。 範例: show all yes - 顯示所有具有 DNS 解析的資訊 |
Usage: all [ [ resolvedns = ] (yes | no) ] Displays details of all policies, filters, SAs, and statistics from SPD. Parameters: Tag Value resolvedns -Value of 'yes' displays the resolved dns name. Remarks: Default value of resolvedns is ‘no’. Examples: show all yes - shows all information with dns resolution |
12551 | 使用方式: mmpolicy [ name = ] | [ all ] 顯示 SPD 裡的主要模式原則的詳細資訊。 參數: 標記 值 name -主要模式原則名稱。 備註: 如果指定了 'all',會顯示所有主要模式原則。 範例: 1. show mmpolicy name=mmp 2. show mmpolicy all |
Usage: mmpolicy [ name = ] | [ all ] Displays main mode policy details from SPD. Parameters: Tag Value name -Name of the main mode policy. Remarks: If 'all' is specified, all main mode policies are displayed. Examples: 1. show mmpolicy name=mmp 2. show mmpolicy all |
12552 | 使用方式: qmpolicy [ name = ] | [ all ] 顯示 SPD 裡的快速模式原則的詳細資訊。 參數: 標記 值 name -快速模式原則名稱。 備註: 如果指定了 'all',會顯示所有快速模式原則。 範例: 1. show qmpolicy name=qmp 2. show qmpolicy all |
Usage: qmpolicy [ name = ] | [ all ] Displays quick mode policy details from SPD. Parameters: Tag Value name -Name of the quick mode policy. Remarks: If 'all' is specified, all quick mode policies are displayed. Examples: 1. show qmpolicy name=qmp 2. show qmpolicy all |
12553 | 使用方式: mmfilter [ name = ] | [ all ] [ [ type = ] (generic | specific) ] [ [ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ resolvedns = ] (yes | no) ] 顯示來自 SPD 主要模式篩選器的詳細資料。 參數: 標記 值 name | all -主要模式篩選器名稱或‘all’。 type -要顯示的篩選器類型,specific 或 generic。 srcaddr -來源 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱,或伺服器類型。 dstaddr -目標 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱,或伺服器類型。 srcmask -來源位址遮罩或首碼為 1 到 32。 dstmask -目標位址遮罩或首碼為 1 到 32。 resolvedns -設為 'yes' 會顯示解析的 DNS 名稱。 備註: 1. type 參數預設為‘generic’。 2. 伺服器類型可以是 WINS、DNS、DHCP 或 GATEWAY。 3. 如果指定了 'all',則會顯示所有主要模式篩選器。 4. 如果指定了來源位址或目標位址, 則只會顯示跟該位址相關聯的篩選器。 5. 如果已經指定位址範圍,端點必須是明確的位址 (不可以為清單或子網路) 且為相同類型 (應該兩者都是 v4 或兩者都是 v6)。 範例: 1. show mmfilter name=mmf 2. show mmfilter all srcaddr=wins dstaddr=192.168.145.112 |
Usage: mmfilter [ name = ] | [ all ] [ [ type = ] (generic | specific) ] [ [ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ resolvedns = ] (yes | no) ] Displays main mode filter details from SPD. Parameters: Tag Value name | all -Name of the main mode filter or ‘all’. type -Type of filter to display, either specific or generic. srcaddr - Source ip address (ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address (ipv4 or ipv6), address range, dns name, or server type. srcmask -Source address mask or a prefix of 1 through 32. dstmask -Destination address mask or a prefix of 1 through 32. resolvedns -Value of 'yes' displays the resolved dns name. Remarks: 1. Default for the type parameter is ‘generic’. 2. Server type can be WINS, DNS, DHCP or GATEWAY. 3. If 'all' is specified, all main mode filters are displayed. 4. If source address or destination address is specified, only filters associated with that address are displayed. 5. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6). Examples: 1. show mmfilter name=mmf 2. show mmfilter all srcaddr=wins dstaddr=192.168.145.112 |
12554 | 使用方式: qmfilter [ name = ] | [ all ] [ [ type = ] (generic | specific) ] [ [ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | ) ] [ [ srcport = ] ] [ [ dstport = ] ] [ [ actioninbound = ] (permit | block | negotiate) ] [ [ actionoutbound = ] (permit | block | negotiate) ] [ [ resolvedns = ] (yes | no) ] 顯示 SPD 裡的快速模式篩選器的詳細資訊。 參數: 標記 值 name -快速模式篩選器的名稱。 type -要顯示的篩選器類型,specific 或 generic。 srcaddr -來源 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱或伺服器類型。 dstaddr -目的地 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱或伺服器類型。 srcmask -來源位址遮罩或 1 到 32 間的首碼。 dstmask -目的地位址遮罩或 1 到 32 間的首碼。 protocol -可以是 ANY、ICMP、TCP、UDP、RAW 或整數。 srcport -來源連接埠。0 代表任何連接埠。 dstport -目的地連接埠。0 代表任何連接埠。 actioninbound -輸入封包動作。 actionoutbound -輸出封包動作。 resolvedns -值 'yes' 會顯示解析的 DNS 名稱。 備註: 1. 若未指定 type 參數,則會顯示'generic' 和 'specific' 篩選器。 2. 伺服器類型可以是 WINS、DNS、DHCP 或 GATEWAY。 3. 如果已經指定位址範圍,端點必須是明確的位址 (不可以為清單或子網路) 且為相同類型 (應該兩者都是 v4 或兩者都是 v6)。 範例: 1. show qmfilter name=qmf 2. show qmfilter all srcaddr=192.134.135.133 proto=TCP 3. 如果指定了 'all',會顯示所有快速模式篩選器。 4. 如果指定了來源位址名稱或目的地位址名稱, 只會顯示與該位址關聯的篩選器。 |
Usage: qmfilter [ name = ] | [ all ] [ [ type = ] (generic | specific) ] [ [ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | ) ] [ [ srcport = ] ] [ [ dstport = ] ] [ [ actioninbound = ] (permit | block | negotiate) ] [ [ actionoutbound = ] (permit | block | negotiate) ] [ [ resolvedns = ] (yes | no) ] Displays quick mode filter details from SPD. Parameters: Tag Value name -Name of the quick mode filter. type -Type of filter to display, either specific or generic. srcaddr - Source ip address (ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address (ipv4 or ipv6), address range, dns name, or server type. srcmask -Source address mask or a prefix of 1 through 32. dstmask -Destination address mask or a prefix of 1 through 32. protocol -Can be ANY, ICMP, TCP, UDP, RAW, or an integer. srcport -Source port. A value of 0 means any port. dstport -Destination port. A value of 0 means any port. actioninbound -Action for inbound packets. actionoutbound -Action for outbound packets. resolvedns -Value of 'yes' displays the resolved dns name. Remarks: 1. If the type is not specified then both ‘generic’ and ‘specific’ filters are displayed. 2. Server type can be WINS, DNS, DHCP or GATEWAY. 3. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6). Examples: 1. show qmfilter name=qmf 2. show qmfilter all srcaddr=192.134.135.133 proto=TCP 3. If 'all' is specified, all quick mode filters are displayed. 4. If source or destination address name is specified, only filters associated with that address are displayed. |
12555 | 使用方式: stats [ [type =] (all | ike | IPsec) ] 顯示 IPsec 和 IKE 統計的詳細資訊。 參數: 標記 值 type -IPsec、ike 或 all (會顯示 IPsec 和 ike) 備註: 範例: 1. show stats all 2. show stats type=IPsec |
Usage: stats [ [type =] (all | ike | ipsec) ] Displays details of IPsec and IKE statistics. Parameters: Tag Value type -ipsec, ike, or all (which displays both ipsec and ike) Remarks: Examples: 1. show stats all 2. show stats type=ipsec |
12556 | 使用方式: mmsas [ [ all ] ] [ [ srcaddr =] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ dstaddr =] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ format = ] (list | table) ] [ [ resolvedns = ] (yes | no) ] 顯示指定位址的主要模式安全性關聯。 參數: 標記 值 all -顯示所有主要模式的安全性關聯。 srcaddr -來源 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱,或伺服器類型。 dstaddr -目標 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱,或伺服器類型。 format -輸入到螢幕或用 Tab 分隔格式輸入。 resolvedns -'yes' 會顯示解析的 DNS 名稱。 備註: 1. 伺服器類型可以是 WINS、DNS、DHCP 或 GATEWAY。 2. 如果已經指定位址範圍,端點必須是明確的位址 (不可以為清單或子網路) 且為相同類型 (應該兩者都是 v4 或兩者都是 v6)。\ 範例: 1. show mmsas all 2. show mmsas srca=192.168.145.110 dsta=192.168.145 .215 |
Usage: mmsas [ [ all ] ] [ [ srcaddr =] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ dstaddr =] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ format = ] (list | table) ] [ [ resolvedns = ] (yes | no) ] Displays the main mode security associations for a specified address. Parameters: Tag Value all -Display all main mode security associations. srcaddr - Source ip address (ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address(ipv4 or ipv6), address range, dns name, or server type. format -Output in screen or tab-delimited format. resolvedns -Value of 'yes' displays the resolved dns name. Remarks: 1. Server type can be WINS, DNS, DHCP or GATEWAY. 2. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6).\ Examples: 1. show mmsas all 2. show mmsas srca=192.168.145.110 dsta=192.168.145 .215 |
12557 | 使用方式: qmsas [ [ all ] ] [ [ srcaddr =] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ dstaddr =] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | ) ] [ [ format = ] (list | table) ] [ [ resolvedns = ] (yes | no) ] 顯示指定位址的快速模式安全性關聯。 參數: 標記 值 all -顯示所有快速模式安全性關聯。 srcaddr -來源 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱或伺服器類型。 dstaddr -目的地 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱或伺服器類型。 protocol -可以是 ANY、ICMP、TCP、UDP、RAW 或整數。 format -在螢幕上顯示或以 Tab 分隔格式輸出。 resolvedns -值 'yes' 會顯示解析的 DNS 名稱。 備註: 1. 伺服器類型可以是 WINS、DNS、DHCP 或 GATEWAY。 2. 如果已經指定位址範圍,端點必須是明確的位址 (不可以為清單或子網路) 且為相同類型 (應該兩者都是 v4 或兩者都是 v6)。 範例: 1. show qmsas all 2. show qmsas srca=192.168.145.110 dsta=192.168.145.215 |
Usage: qmsas [ [ all ] ] [ [ srcaddr =] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ dstaddr =] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | ) ] [ [ format = ] (list | table) ] [ [ resolvedns = ] (yes | no) ] Displays the quick mode security associations for a specified address. Parameters: Tag Value all -Displays all quick mode security associations. srcaddr -Source ip address(ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address(ipv4 or ipv6), address range, dns name, or server type. protocol -Can be ANY, ICMP, TCP, UDP, RAW, or an integer. format -Output in screen or tab-delimited format. resolvedns -Value of 'yes' displays the resolved dns name. Remarks: 1. Server type can be WINS, DNS, DHCP or GATEWAY. 2. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6). Examples: 1. show qmsas all 2. show qmsas srca=192.168.145.110 dsta=192.168.145.215 |
12558 | 使用方式: config 顯示目前 IPsec 設定參數的設定。 備註: 範例: show config |
Usage: config Displays current settings of IPsec configuration parameters. Remarks: Example: show config |
12559 | 使用方式: rule [ [ type = ] (transport | tunnel) ] [ [ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | ) ] [ [ srcport = ] ] [ [ dstport = ] ] [ [ actioninbound = ] (permit | block | negotiate) ] [ [ actionoutbound = ] (permit | block | negotiate) ] [ [ resolvedns = ] (yes | no) ] 顯示 SPD 裡得規則詳細資訊。 參數: 標記 值 type -要顯示的規則類型,transport 或 tunnel。 srcaddr -來源 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱或伺服器類型。 dstaddr -目的地 IP 位址 (ipv4 或 ipv6)、位址範圍、DNS 名稱或伺服器類型。 srcmask -來源位址遮罩或 1 到 32 間的首碼。 dstmask -目的地位址遮罩或 1 到 32 間的首碼。 protocol -可以是 ANY、ICMP、TCP、UDP、RAW 或整數。 srcport -來源連接埠。0 代表任何連接埠。 dstport -目的地連接埠。0 代表任何連接埠。 actioninbound -輸入封包動作。 actionoutbound -輸出封包動作。 resolvedns -值 'yes' 會顯示解析的 DNS 名稱。 備註: 1. type 參數的預設值是'transport'。 2. 伺服器類型可以是 WINS、DNS、DHCP 或 GATEWAY。 3. 如果指定了來源位址名稱或目的地位址名稱,只會顯示與該位址關聯的規則。 4. 如果已經指定位址範圍,端點必須是明確的位址 (不可以為清單或子網路) 且為相同類型 (應該兩者都是 v4 或兩者都是 v6)。 範例: 1. show rule - 顯示 transport 與 tunnel 規則 2. show rule type=transport srcaddr=192.134.135.133 proto=TCP |
Usage: rule [ [ type = ] (transport | tunnel) ] [ [ srcaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ dstaddr = ] (ipv4 | ipv6 | ipv4-ipv4 | ipv6-ipv6 | dns | server) ] [ [ srcmask = ] (mask | prefix) ] [ [ dstmask = ] (mask | prefix) ] [ [ protocol = ] (ANY | ICMP | TCP | UDP | RAW | ) ] [ [ srcport = ] ] [ [ dstport = ] ] [ [ actioninbound = ] (permit | block | negotiate) ] [ [ actionoutbound = ] (permit | block | negotiate) ] [ [ resolvedns = ] (yes | no) ] Displays rule details from SPD. Parameters: Tag Value type -Type of rule to display, either transport or tunnel. srcaddr -Source ip address (ipv4 or ipv6), address range, dns name, or server type. dstaddr -Destination ip address (ipv4 or ipv6), address range, dns name, or server type. srcmask -Source address mask or a prefix of 1 through 32. dstmask -Destination address mask or a prefix of 1 through 32. protocol -Can be ANY, ICMP, TCP, UDP, RAW, or an integer. srcport -Source port. A value of 0 means any port. dstport -Destination port. A value of 0 means any port. actioninbound -Action for inbound packets. actionoutbound -Action for outbound packets. resolvedns -Value of 'yes' displays the resolved dns name. Remarks: 1. Default for the type parameter is ‘transport’. 2. Server type can be WINS, DNS, DHCP or GATEWAY. 3. If source or destination address name is specified, only rules associated with that address are displayed. 4. If an address range is specified, the endpoints need to be specific addresses (not lists, or subnets) and of the same type (both should be v4 or both should be v6). Examples: 1. show rule - shows both transport and tunnel rules 2. show rule type=transport srcaddr=192.134.135.133 proto=TCP |
13001 | 原則數目 : %1!d! |
No. of policies : %1!d! |
13002 | 存放區 : 本機存放區 |
Store : Local Store |
13006 | 存放區 : 網域存放區 |
Store : Domain Store |
13012 | 遠端機器 | Remote Machine |
13013 | 本機機器 | Local Machine |
13014 | 遠端網域 | Remote Domain |
13015 | 本機網域 | Local Domain |
13016 | 本機電腦 | Local Machine |
13017 | 本機網域 | Local Domain |
13100 | 原則名稱 : %1!s! |
Policy Name : %1!s! |
13304 | 規則識別碼 : %1!d!, GUID = %2!s! |
Rule ID : %1!d!, GUID = %2!s! |
13305 | 篩選器清單名稱 : %1!s! |
FilterList Name : %1!s! |
13306 | 篩選器清單名稱 : 無 |
FilterList Name : NONE |
13602 | 原則名稱 : %1!s! |
Policy Name : %1!s! |
13603 | 描述 : %1!s! |
Description : %1!s! |
13604 | 描述 : 無 |
Description : NONE |
13605 | 指派 : 是 |
Assigned : YES |
13606 | 指派 : 否 |
Assigned : NO |
13607 | 主 PFS : 是 |
Master PFS : YES |
13608 | 主 PFS : 否 |
Master PFS : NO |
13609 | 輪詢間隔 : %1!d! 分鐘 |
Polling Interval : %1!d! minutes |
13610 | 規則數目 : %1!d! |
No. of Rules : %1!d! |
13611 | 規則詳細資訊 |
Rule Details |
13612 | ------------ |
------------ |
13615 | 指派 : 是但是 AD 原則覆蓋 |
Assigned : YES but AD Policy Overrides |
13700 | 規則名稱 : %1!s! |
Rule Name : %1!s! |
13701 | 規則名稱 : 無 |
Rule Name : NONE |
13705 | 驗證方法 (%1!d!) |
Authentication Methods(%1!d!) |
13708 | 通道目的地 IP 位址 : | Tunnel Dest IP Address : |
13709 | 連線類型 : 全部 |
Connection Type : ALL |
13710 | 連線類型 : 區域網路 |
Connection Type : LAN |
13711 | 連線類型 : 撥號 |
Connection Type : DIAL UP |
13712 | 連線類型 : 無 |
Connection Type : NONE |
13713 | 篩選器清單詳細資訊 |
FilterList Details |
13714 | ------------------ |
------------------ |
13715 | 在預設回應規則裡不存在篩選器清單 |
No FilterList exists in Default Response Rule |
13716 | 篩選器動作詳細資訊 |
FilterAction Details |
13717 | --------------------- |
--------------------- |
13734 | 傳輸規則數目: %1!d! |
No of Transport rule(s): %1!d! |
13735 | 通道規則數目 : %1!d! |
No of Tunnel rule(s) : %1!d! |
13736 | 啟動 : 是 |
Activated : YES |
13737 | 啟動 : 否 |
Activated : NO |
13738 | 已啟動 : 是 Windows Vista 和較新版本的 Windows 不支援預設回應規則。此原則不會生效。 |
Activated : YES Default response rule is not supported on Windows Vista and later versions of Windows. This policy is not in effect. |
13800 | 篩選器動作名稱 : %1!s! |
FilterAction Name : %1!s! |
13801 | 篩選器動作名稱 : 無 |
FilterAction Name : NONE |
13802 | 動作 : 允許 |
Action : PERMIT |
13803 | 動作 : 封鎖 |
Action : BLOCK |
13804 | 動作 : 交涉安全性 |
Action : NEGOTIATE SECURITY |
13805 | AllowUnsecure(Fallback): 是 |
AllowUnsecure(Fallback): YES |
13806 | AllowUnsecure(Fallback): 否 |
AllowUnsecure(Fallback): NO |
13807 | 輸入 Passthrough : 是 |
Inbound Passthrough : YES |
13808 | 輸入 Passthrough : 否 |
Inbound Passthrough : NO |
13809 | 安全性方式數目: %1!d! | No. of Security.Methods: %1!d! |
13812 | AH ESP 存留 (秒/kB) |
AH ESP LIFE (Sec/kB) |
13813 | -- --- ------------- |
-- --- ------------- |
13815 | QMPFS : YES |
QMPFS : YES |
13816 | QMPFS : NO |
QMPFS : NO |
14200 | KERBEROS |
KERBEROS |
14201 | 根 CA : %1!s! |
Root CA : %1!s! |
14202 | 預先共用金鑰 : %1!s! |
Preshared Key : %1!s! |
14203 | 無 |
NONE |
14300 | 篩選器清單名稱 : %1!s! |
FilterList Name : %1!s! |
14301 | 篩選器清單名稱 : 無 |
FilterList Name : NONE |
14302 | 篩選器數目 : %1!d! |
No. of Filters : %1!d! |
14304 | 篩選器 |
Filter(s) |
14305 | --------- |
--------- |
14308 | GUID : %1!s! |
GUID : %1!s! |
14309 | 上次修改 : %1!s! |
Last Modified : %1!s! |
14500 | 來源 DNS 名稱 : |
Source DNS Name : |
14501 | 來源 DNS 名稱 : %1!s! |
Source DNS Name : %1!s! |
14505 | 來源 DNS 名稱 : 無 |
Source DNS Name : NONE |
14506 | 目的地 DNS 名稱 : |
Destination DNS Name : |
14507 | 目的地 DNS 名稱 : %1!s! |
Destination DNS Name : %1!s! |
14511 | 目的地 DNS 名稱 : 無 |
Destination DNS Name : NONE |
14512 | 鏡像處理 : 是 |
Mirrored : YES |
14513 | 鏡像處理 : 否 |
Mirrored : NO |
14514 | 來源 DNS 名稱 : %1!s! 解析到 | Source DNS Name : %1!s! resolves to |
14515 | 目的地 DNS 名稱 : %1!s! 解析到 | Destination DNS Name : %1!s! resolves to |
14516 | 來源 DNS 名稱 : |
Source DNS Name : |
14517 | 來源 DNS 名稱 : |
Source DNS Name : |
14520 | 目的地 DNS 名稱 : |
Destination DNS Name : |
14521 | 目的地 DNS 名稱 : |
Destination DNS Name : |
14522 | 目的地 DNS 名稱 : |
Destination DNS Name : |
14526 | %1!-15s! | %1!-15s! |
14527 | %1!s! | %1!s! |
14528 | %1!s! |
%1!s! |
14529 | ||
14530 | , | , |
14531 | ... | ... |
14600 | 來源 IP 位址 : |
Source IP Address : |
14602 | 來源 IP 位址 : | Source IP Address : |
14603 | 來源遮罩 : | Source Mask : |
14604 | 目的地 IP 位址 : |
Destination IP Address : |
14606 | 目的地 IP 位址 : | Destination IP Address : |
14607 | 目的地遮罩 : | Destination Mask : |
14608 | 來源連接埠 : %1!d! |
Source Port : %1!d! |
14609 | 來源連接埠 : 任何 |
Source Port : ANY |
14610 | 目的地連接埠 : %1!d! |
Destination Port : %1!d! |
14611 | 目的地連接埠 : 任何 |
Destination Port : ANY |
14615 | 解析到 %1!s! |
resolves to %1!s! |
14617 | 來源 IP 位址 : |
Source IP Address : |
14618 | 來源 IP 位址 : |
Source IP Address : |
14620 | 來源 IP 位址 : |
Source IP Address : |
14621 | 目的地 IP 位址 : |
Destination IP Address : |
14622 | 目的地 IP 位址 : |
Destination IP Address : |
14623 | 目的地 IP 位址 : |
Destination IP Address : |
14624 | 目的地 IP 位址 : |
Destination IP Address : |
14625 | 來源連接埠範圍 : %1!d!-%2!d! |
Source Port Range : %1!d!-%2!d! |
14626 | 目的地連接埠範圍 : %1!d!-%2!d! |
Destination Port Range : %1!d!-%2!d! |
14700 | 通訊協定 : ICMP |
Protocol : ICMP |
14701 | 通訊協定 : TCP |
Protocol : TCP |
14703 | 通訊協定 : UDP |
Protocol : UDP |
14708 | 通訊協定 : RAW |
Protocol : RAW |
14709 | 通訊協定 : 任何 |
Protocol : ANY |
14710 | 通訊協定 : %1!d! |
Protocol : %1!d! |
14802 | 主要模式安全性方式順序 |
Main Mode Security Method Order |
14803 | 主要模式存留期 : %1!d! 分鐘 / %2!d! 快速模式工作階段 |
MainMode LifeTime : %1!d! minutes / %2!d! Quick Mode sessions |
14804 | 加密 完整性 DH 群組 |
Encryption Integrity DH Group |
14805 | ---------- --------- -------- | ---------- --------- -------- |
14900 | DES |
DES |
14901 | 3DES |
3DES |
14902 | SHA1 | SHA1 |
14903 | MD5 | MD5 |
14904 | 低(1) | Low(1) |
14905 | 媒體(2) | Medium(2) |
14906 | 2048 | 2048 |
15001 | 來源機器 : 本機電腦 GPO 為 |
Source Machine : Local Computer GPO for |
15002 | 來源網域 : %1!s! |
Source Domain : %1!s! |
15003 | DC 名稱 : %1!s! |
DC Name : %1!s! |
15004 | GPO 名稱 : %1!s! |
GPO Name : %1!s! |
15005 | 本機 IPsec 原則名稱 : %1!s! |
Local IPsec Policy Name : %1!s! |
15006 | AD IPsec 原則名稱 : %1!s! |
AD IPsec Policy Name : %1!s! |
15007 | GPO DN : %1!s! |
GPO DN : %1!s! |
15008 | GPO OU 連結 : %1!s! |
GPO OU Link : %1!s! |
15009 | AD 原則 DN : %1!s! |
AD Policy DN : %1!s! |
15010 | 本機 IPsec 原則已指派 : 是,但是 AD 原則正在覆蓋中 |
Local IPsec Policy Assigned: Yes, but AD Policy is Overriding |
15011 | 本機 IPsec 原則 DN : %1!s! |
Local IPsec Policy DN : %1!s! |
15016 | 本機 IPsec 原則名稱 : 無 |
Local IPsec Policy Name : NONE |
15017 | AD IPsec 原則名稱 : 無 |
AD IPsec Policy Name : NONE |
15018 | IPsec 原則名稱 : %1!s! |
IPsec Policy Name : %1!s! |
15019 | IPsec 原則 DN : %1!s! |
IPsec Policy DN : %1!s! |
15020 | IPsec 原則已指派 : 是 |
IPsec Policy Assigned : YES |
15021 | 排除 CA 名稱 : 是 |
Exclude CA name : YES |
15022 | 排除 CA 名稱 : 否 |
Exclude CA name : NO |
15023 | Certmapping 已啟用 : 是 |
Certmapping enabled : YES |
15024 | Certmapping 已啟用 : 否 |
Certmapping enabled : NO |
16001 | 原則數目 %1!d! |
No. of policies %1!d! |
16003 | 存放區 本機存放區 |
Store Local Store |
16007 | 存放區 網域存放區 |
Store Domain Store |
16010 | 存放區 本機存放區 |
Store Local Store |
16011 | 存放區 網域存放區 |
Store Domain Store |
16013 | 憑證到帳戶對應 是 |
Cert To Account Mapping YES |
16014 | 憑證到帳戶對應 否 |
Cert To Account Mapping NO |
16100 | 原則名稱 %1!s! |
Policy Name %1!s! |
16101 | 規則名稱 %1!s! |
Rule Name %1!s! |
16303 | 沒指定原則名稱 |
No Policy Name Specified |
16304 | 規則識別碼 %1!d!, GUID = %2!s! |
Rule ID %1!d!, GUID = %2!s! |
16306 | %1!-23s! | %1!-23s! |
16602 | 原則名稱 %1!s! |
Policy Name %1!s! |
16603 | 描述 %1!s! |
Description %1!s! |
16604 | 描述 無 |
Description NONE |
16605 | 指派了 是 |
Assigned YES |
16606 | 指派了 否 |
Assigned NO |
16607 | 主 PFS 是 |
Master PFS YES |
16608 | 主 PFS 否 |
Master PFS NO |
16609 | 輪詢間隔 %1!d! 分鐘 |
Polling Interval %1!d! minutes |
16610 | 規則數目 %1!d! |
No. of Rules %1!d! |
16611 | 規則詳細資訊 |
Rule Details |
16613 | 指派了 是但是 AD 原則覆蓋 |
Assigned YES but AD Policy Overrides |
16614 | 原則名稱 規則 上次修改 指派 |
Policy Name Rules LastModified Assign |
16615 | %1!-32s! | %1!-32s! |
16616 | 是但是 AD 原則覆蓋 |
YES but AD Policy Overrides |
16617 | 是 |
YES |
16618 | 否 |
NO |
16619 | ---------- ----- ------------ ------ |
---------- ----- ------------ ------ |
16620 | 原則名稱 規則 上次修改 |
Policy Name Rules LastModified |
16621 | ----------- ----- ------------ |
----------- ----- ------------ |
16700 | 規則名稱 %1!s! |
Rule Name %1!s! |
16701 | 規則名稱 無 |
Rule Name NONE |
16705 | 啟用 篩選器清單 篩選器動作 驗證 |
Enabled FilterList FilterAction Authentication |
16706 | ------- ---------- ------------ -------------- |
------- ---------- ------------ -------------- |
16707 | 通道目的地 IP 位址 無 |
Tunnel Dest IP Address NONE |
16708 | 通道目的地 IP 位址 | Tunnel Dest IP Address |
16709 | 連線類型 全部 |
Connection Type ALL |
16710 | 連線類型 區域網路 |
Connection Type LAN |
16711 | 連線類型 撥號 |
Connection Type DIAL UP |
16712 | 連線類型 不明 |
Connection Type UNKNOWN |
16716 | 篩選器動作詳細資訊 |
FilterAction Details |
16717 | -------------------- |
-------------------- |
16718 | 啟動了 是 |
Activated YES |
16719 | 啟動了 否 |
Activated NO |
16721 | 是 |
YES |
16722 | 否 |
NO |
16724 | 無 | NONE |
16728 | Kerb | Kerb |
16729 | Cert | Cert |
16730 | Pre | Pre |
16734 | 傳輸規則數目 %1!d! |
No of Transport rule(s) %1!d! |
16735 | 通道規則數目 %1!d! |
No of Tunnel rule(s) %1!d! |
16737 | 啟用 篩選器清單 篩選器動作 通道端點 |
Enabled FilterList FilterAction TunnelEndPoint |
16738 | ------- ---------- ------------ -------------- |
------- ---------- ------------ -------------- |
16739 | 是 Windows Vista 和較新版本的 Windows 不支援預設回應規則。此原則不會生效。 |
YES Default response rule is not supported on Windows Vista and later versions of Windows. This policy is not in effect. |
16740 | 已啟動 是 Windows Vista 和較新版本的 Windows 不支援預設回應規則。此原則不會生效。 |
Activated YES Default response rule is not supported on Windows Vista and later versions of Windows. This policy is not in effect. |
16800 | 篩選器動作名稱 %1!s! |
FilterAction Name %1!s! |
16801 | 篩選器動作名稱 無 |
FilterAction Name NONE |
16802 | 動作 允許 |
Action PERMIT |
16803 | 動作 封鎖 |
Action BLOCK |
16804 | 動作 交涉安全性 |
Action NEGOTIATE SECURITY |
16805 | 輸入 PassThrough 是 |
InBound PassThrough YES |
16806 | 輸入 PassThrough 否 |
InBound PassThrough NO |
16807 | AllowUnSecure(Fallback) 是 |
AllowUnSecure(Fallback) YES |
16808 | AllowUnSecure(Fallback) 否 |
AllowUnSecure(Fallback) NO |
16810 | 安全性方法 |
Security Methods |
16812 | AH ESP 秒鐘 kBytes |
AH ESP Seconds kBytes |
16813 | -- --- ------- ------ |
-- --- ------- ------ |
16814 | QMPFS 是 |
QMPFS YES |
16815 | QMPFS 否 |
QMPFS NO |
16816 | 篩選器動作名稱 動作 上次修改 |
FilterAction Name Action Last Modified |
16817 | ----------------- ------ ------------- |
----------------- ------ ------------- |
16818 | %1!-38s! | %1!-38s! |
16820 | 許可 | PERMIT |
16821 | 區塊 | BLOCK |
16822 | 訊號交涉 | NEGOTIATE |
16824 | %1!-23s! |
%1!-23s! |
17000 | [MD5 ] | [MD5 ] |
17001 | [SHA1] | [SHA1] |
17002 | [無] | [NONE] |
17003 | [無 , 無] | [NONE , NONE] |
17007 | [MD5 , | [MD5 , |
17008 | [SHA1 , | [SHA1 , |
17009 | [無 , | [NONE , |
17010 | DES ] | DES ] |
17011 | 3DES] | 3DES] |
17012 | 無] | NONE] |
17100 | %1!6u! %2!10u! |
%1!6u! %2!10u! |
17201 | ROOT CA %1!s! |
ROOT CA %1!s! |
17202 | 預先共用金鑰 %1!s! |
PRESHARED Key %1!s! |
17300 | 篩選器清單名稱 %1!s! |
FilterList Name %1!s! |
17301 | 篩選器清單名稱 無 |
FilterList Name NONE |
17306 | 篩選器清單名稱 篩選器 上次修改 |
FilterList Name Filters Last Modified |
17307 | --------------- ------- ------------- |
--------------- ------- ------------- |
17308 | GUID %1!s! |
GUID %1!s! |
17309 | 上次修改 %1!s! |
Last Modified %1!s! |
17310 | 篩選器數目 %1!d! |
No. of Filters %1!d! |
17501 | %1!-45s! | %1!-45s! |
17508 | %1!5d! | %1!5d! |
17512 | 是 | YES |
17513 | 否 | NO |
17514 | Mir 來源 來源遮罩 目的地 目的地遮罩 通訊協定 來源通訊協定 目的地通訊協定 |
Mir Source SrcMask Destination DstMask Proto SrcPort DstPort |
17515 | --- ------------- ------------- ------------- ------------- ------- ------- ------- |
--- ------------- ------------- ------------- ------------- ------- ------- ------- |
17600 | ||
17608 | %1!3d! | %1!3d! |
17609 | 任何 | ANY |
17610 | %1!3d! |
%1!3d! |
17611 | 任何 |
ANY |
17612 | DNS SERVER | DNS SERVER |
17613 | WINS SERVER | WINS SERVER |
17614 | DHCP SERVER | DHCP SERVER |
17615 | DEFAULT GATEWAY | DEFAULT GATEWAY |
17616 | %1!3d!-%2!3d! | %1!3d!-%2!3d! |
17617 | %1!3d!-%2!3d! |
%1!3d!-%2!3d! |
17700 | ICMP | ICMP |
17701 | TCP | TCP |
17703 | UDP | UDP |
17708 | RAW | RAW |
17710 | OTHER | OTHER |
17803 | 主要模式存留期 %1!d! 分鐘 / %2!d! 快速模式工作階段 |
MainMode LifeTime %1!d! minutes / %2!d! Quick mode sessions |
17804 | 加密性 整合性 DH 群組 |
Encryption Integrity DH Group |
17805 | ---------- --------- -------- | ---------- --------- -------- |
17900 | DES |
DES |
17901 | 3DES |
3DES |
18000 | 獨立篩選器動作 |
Stand Alone FilterAction(s) |
18001 | --------------------------- |
--------------------------- |
18004 | 獨立篩選器動作數目 %1!d! |
No. of Standalone FilterActions %1!d! |
18100 | 獨立篩選器清單 |
Stand Alone FilterList(s) |
18101 | ------------------------- |
------------------------- |
18104 | 獨立篩選器清單數目 %1!d! |
No. of Standalone FilterLists %1!d! |
18200 | 篩選器清單數目 %1!d! |
No. of FilterLists %1!d! |
18204 | 篩選器清單數目 : %1!d! |
No. of FilterLists : %1!d! |
18300 | 篩選器動作數目 %1!d! |
No. of FilterActions %1!d! |
18304 | 篩選器動作數目 : %1!d! |
No. of FilterActions : %1!d! |
18500 | 原則 '%1!s!' 是使用中。您還是想要刪除嗎? (是/否) |
The policy '%1!s!' is ACTIVE. Still would you like to delete? (Y/N) |
18503 | 您想要刪除所有跟這個原則關聯的篩選器清單和篩選器動作嗎 ? (是/否) |
Would you like to delete all the Filter List(s) and Filter Action(s) associated with the policy ? (Y/N) |
18602 | 刪除所有篩選器清單 | Delete all the Filter Lists from |
18603 | ? (是/否) |
? (Y/N) |
18652 | 刪除所有篩選器動作 | Delete all the Filter Actions from |
18706 | 您想要刪除跟這個規則關聯的篩選器清單和篩選器動作嗎? (是/否) |
Would you like to delete both the Filter List and Filter Action associated with the rule(s)? (Y/N) |
18750 | 您確定要刪除所有原則嗎 | Are you sure to delete all policies from |
18780 | 下列原則/規則正在使用它 |
Following policies/rule(s) are using it |
18781 | --------------------------------------- |
--------------------------------------- |
18782 | 規則名稱 : %1!s! |
Rule Name : %1!s! |
18783 | 規則名稱 : 無 |
Rule Name : NONE |
18794 | 時間應該是在 %1!d! 和 %2!d! kBytes 之間 |
Life should be within %1!d! and %2!d! kBytes |
18802 | 新增原則已建立和更新成功 |
New Policy is created and updated successfully |
18805 | 正在建立名稱為 '%1!s!' 的新增原則... |
Creating new Policy with name '%1!s!'... |
18806 | 正在建立名稱為 '%1!s!' 的新增原則和設定它到 '%2!s!'... |
Creating new Policy with name '%1!s!' and setting it to '%2!s!'... |
18840 | 目的地 IP 位址已當作是 'me' |
Destination IP address has been taken as 'me' |
18841 | 來源 IP 位址已當作是 'me' |
Source IP address has been taken as 'me' |
18848 | 新增規則已建立和更新成功 |
New Rule was created and updated successfully |
18849 | 正在建立名稱為 '%1!s!' 的新增規則... |
Creating new Rule with name '%1!s!' ... |
18855 | 正在建立名稱為 '%1!s!' 的新增規則和設定它到 '%2!s!' ... |
Creating new Rule with name '%1!s!' and setting it to '%2!s!' ... |
18856 | 伺服器位址類型或位址類型 ME、ANY 或位址範圍無法被通道端點指定。 |
Server address types, address types ME or ANY, or address ranges cannot be specified for tunnel endpoint. |
18861 | 您想要建立新增原則嗎? (是/否) |
Would you like to create a new policy? (Y/N) |
18868 | 憑證到帳戶對應只能在 Active Directory 網域成員啟用。將忽視選項。 |
Certificate-to-account mapping can only be enabled on Active Directory domain members. The option will be ignored. |
18869 | 憑證到帳戶對應: 是 |
Cert To Account Mapping: YES |
18870 | 憑證到帳戶對應: 否 |
Cert To Account Mapping: NO |
18871 | 如果儲存是網域和已指定指派,則需要 GPO 名稱 |
If store is domain and assign is specified, GPO name is required |
18872 | 如果指定 GPO 名稱,表示您是在網域原則存放區操作。 |
If GPO name is specified, then you must be operating on a domain policy store. |
18893 | 您想要建立新增規則嗎? (是/否) |
Would you like to create a new Rule? (Y/N) |
19002 | IKE MM 原則名稱 : %1!s! |
IKE MM Policy Name : %1!s! |
19012 | ANY | ANY |
19018 | IKE 軟 SA 存留期 : %1!u! 秒 |
IKE Soft SA Lifetime : %1!u! secs |
19023 | [%1!S!] | [%1!S!] |
19025 | 'Netsh ipsec' 內容和目標電腦不相容。 |
The 'Netsh ipsec' context is not compatible with the target machine. |
19102 | 主要模式原則無法使用。 |
Mainmode Policies not available. |
19104 | 所指定的主要模式原則無法使用 |
Specified Mainmode Policy not available |
19106 | 加密 完整性 DH 存留期 (Kb:秒) QM 限制 每 MM |
Encryption Integrity DH Lifetime (Kb:secs) QM Limit Per MM |
19107 | ---------- --------- ---- ------------------ --------------- |
---------- --------- ---- ------------------ --------------- |
19121 | DES | DES |
19122 | 不明 | UNKNOWN |
19123 | 3DES | 3DES |
19129 | %1!-5lu! %2!lu!:%3!lu! %4!-10lu! | %1!-5lu! %2!lu!:%3!lu! %4!-10lu! |
19130 | %1!-5lu! %2!lu!:%3!lu! 1 (MMPFS) | %1!-5lu! %2!lu!:%3!lu! 1 (MMPFS) |
19153 | 快速模式原則無法使用。 |
Quickmode Policies not available. |
19155 | 所指定的快速模式原則無法使用 |
Specified Quickmode Policy not available |
19156 | QM 交涉原則名稱 : %1!s! |
QM Negotiation Policy Name : %1!s! |
19158 | 安全性方式 存留期 (Kb:秒) PFS DH 設定 |
Security Methods Lifetime (Kb:secs) PFS DH Group |
19159 | ------------------------- --------------------- ------------ |
------------------------- --------------------- ------------ |
19165 | AH[MD5] | AH[MD5] |
19166 | AH[SHA1] | AH[SHA1] |
19167 | AH[NONE] | AH[NONE] |
19168 | ESP[ DES, | ESP[ DES, |
19169 | ESP[ ERR, | ESP[ ERR, |
19170 | ESP[3DES, | ESP[3DES, |
19171 | ESP[NONE, | ESP[NONE, |
19172 | MD5] | MD5] |
19173 | SHA1] | SHA1] |
19174 | NONE] | NONE] |
19176 | 低 (1) | Low (1) |
19178 | %1!10lu!:%2!-10lu! | %1!10lu!:%2!-10lu! |
19179 | 繼承主要模式 | Main Mode Derived |
19180 | 高 (2048) | High (2048) |
19181 | AH[ERR] | AH[ERR] |
19182 | ERR] | ERR] |
19183 | 錯誤 | ERROR |
19192 | + | + |
19193 | 媒體 (2) | Medium (2) |
19198 | 篩選器名稱 : %1!s! |
Filter name : %1!s! |
19200 | 標準主要模式篩選器無法使用。 |
Generic Mainmode Filters not available. |
19201 | 特定主要模式篩選器無法使用。 |
Specific Mainmode Filters not available. |
19202 | 指定的主要模式篩選器無法使用。 |
Specified Mainmode Filter not available. |
19203 | 主要模式篩選器: |
Main Mode Filters: |
19204 | 一般 | Generic |
19205 | ------------------------------------------------------------------------------- |
------------------------------------------------------------------------------- |
19206 | 指定的 | Specific |
19207 | 輸出 | Outbound |
19208 | 輸入 | Inbound |
19209 | 重量 : %1!d! |
Weight : %1!d! |
19210 | %1!d! 標準篩選器 |
%1!d! Generic Filter(s) |
19211 | %1!d! 特地輸出篩選器 |
%1!d! Specific Outbound Filter(s) |
19212 | %1!d! 特定輸入篩選器 |
%1!d! Specific Inbound Filter(s) |
19219 | 全部 | ALL |
19220 | LAN | LAN |
19221 | 撥號 | DIALUP |
19229 | 未知 | Unknown |
19236 | 連線類型 : |
Connection Type : |
19237 | 驗證方法 : |
Authentication Methods : |
19238 | 預先共用金鑰 |
Preshared key |
19240 | Kerberos |
Kerberos |
19241 | 安全性方式 : |
Security Methods : |
19242 | %1!d! | %1!d! |
19243 | (預設) | (default) |
19244 | NONE/ | NONE/ |
19245 | DES/ | DES/ |
19246 | UNKNOWN/ | UNKNOWN/ |
19247 | 3DES/ | 3DES/ |
19249 | MD5/ | MD5/ |
19250 | SHA1/ | SHA1/ |
19251 | DH%1!lu!/%2!lu!/QMlimit=%3!lu! | DH%1!lu!/%2!lu!/QMlimit=%3!lu! |
19265 | 標準快速模式篩選器無法使用。 |
Generic Quickmode Filters not available. |
19266 | 特定快速模式篩選器無法使用。 |
Specific Quickmode Filters not available. |
19267 | 指定的快速模式篩選器無法使用。 |
Specified Quickmode Filter not available. |
19268 | 快速模式篩選器(傳輸): |
Quick Mode Filters(Transport): |
19269 | 傳輸規則 |
Transport Rules |
19270 | 通道規則 |
Tunnel Rules |
19271 | MM 篩選器名稱 : %1!s! |
MM Filter Name : %1!s! |
19272 | QM 篩選器名稱 : %1!s! |
QM Filter Name : %1!s! |
19273 | 主要模式原則 : %1!s! |
Main Mode Policy : %1!s! |
19274 | %1!d! 傳輸篩選器 |
%1!d! Transport Filter(s) |
19275 | %1!d! 通道篩選器 |
%1!d! Tunnel Filter(s) |
19276 | 快速模式篩選器(通道): |
Quick Mode Filters(Tunnel): |
19278 | 規則無法使用。 |
Rules not available. |
19280 | 輸入動作 : Passthru |
Inbound Action : Passthru |
19281 | 輸入動作 : 交涉 |
Inbound Action : Negotiate |
19282 | 輸入動作 : 封鎖 |
Inbound Action : Blocking |
19283 | 輸入動作 : 不明 |
Inbound Action : Unknown |
19284 | 輸出動作 : Passthru |
Outbound Action : Passthru |
19285 | 輸出動作 : 交涉 |
Outbound Action : Negotiate |
19286 | 輸出動作 : 封鎖 |
Outbound Action : Blocking |
19287 | 輸出動作 : 不明 |
Outbound Action : Unknown |
19292 | %1!-5lu! | %1!-5lu! |
19293 | 通道來源 : |
Tunnel Source : |
19294 | 通道目的地 : |
Tunnel Destination : |
19295 | 來源連接埠: %1!-4lu! 目的地連接埠: %2!-4lu! | Src Port: %1!-4lu! Dest Port: %2!-4lu! |
19296 | 鏡像處理 : 是 |
Mirrored : yes |
19297 | 鏡像處理 : 否 |
Mirrored : no |
19298 | 快速模式原則 : %1!s! |
Quick Mode Policy : %1!s! |
19299 | 通訊協定 : |
Protocol : |
19300 | IKE 統計 |
IKE Statistics |
19301 | -------------- |
-------------- |
19302 | IKE 統計無法使用。 |
IKEStatistics not available. |
19303 | 主要模式 : %1!S! |
Main Modes : %1!S! |
19304 | 快速模式 : %1!S! |
Quick Modes : %1!S! |
19305 | 軟 SA : %1!S! |
Soft SAs : %1!S! |
19306 | 驗證失敗 : %1!S! |
Authentication Failures : %1!S! |
19307 | 使用中擷取 : %1!S! |
Active Acquire : %1!S! |
19308 | 使用中接收 : %1!S! |
Active Receive : %1!S! |
19309 | 擷取失敗 : %1!S! |
Acquire fail : %1!S! |
19310 | 接收失敗 : %1!S! |
Receive fail : %1!S! |
19311 | 傳送失敗 : %1!S! |
Send fail : %1!S! |
19312 | 擷取堆積大小 : %1!S! |
Acquire Heap size : %1!S! |
19313 | 接收堆積大小 : %1!S! |
Receive Heap size : %1!S! |
19314 | 交涉失敗 : %1!S! |
Negotiation Failures : %1!S! |
19315 | 接收到不正確的 Cookie : %1!S! |
Invalid Cookies Rcvd : %1!S! |
19316 | 總共擷取 : %1!S! |
Total Acquire : %1!S! |
19317 | TotalGetSpi : %1!S! |
TotalGetSpi : %1!S! |
19318 | TotalKeyAdd : %1!S! |
TotalKeyAdd : %1!S! |
19319 | TotalKeyUpdate : %1!S! |
TotalKeyUpdate : %1!S! |
19320 | GetSpiFail : %1!S! |
GetSpiFail : %1!S! |
19321 | KeyAddFail : %1!S! |
KeyAddFail : %1!S! |
19322 | KeyUpdateFail : %1!S! |
KeyUpdateFail : %1!S! |
19323 | IsadbListSize : %1!S! |
IsadbListSize : %1!S! |
19324 | ConnListSize : %1!S! |
ConnListSize : %1!S! |
19325 | 接收到不正確的封包 : %1!S! |
Invalid Packets Rcvd : %1!S! |
19326 | IPsec 統計 |
IPsec Statistics |
19327 | ---------------- |
---------------- |
19328 | IPsec 統計無法使用。 |
IPsecStatistics not available. |
19329 | 使用中關聯 : %1!S! |
Active Assoc : %1!S! |
19330 | 卸載 SA : %1!S! |
Offload SAs : %1!S! |
19331 | 擱置金鑰 : %1!S! |
Pending Key : %1!S! |
19332 | 金鑰新增 : %1!S! |
Key Adds : %1!S! |
19333 | 金鑰刪除 : %1!S! |
Key Deletes : %1!S! |
19334 | 登錄機碼 : %1!S! |
ReKeys : %1!S! |
19335 | 使用中通道 : %1!S! |
Active Tunnels : %1!S! |
19336 | 不良的 SPI 封包 : %1!S! |
Bad SPI Pkts : %1!S! |
19337 | 封包沒有解密 : %1!S! |
Pkts not Decrypted : %1!S! |
19338 | 封包沒有驗證 : %1!S! |
Pkts not Authenticated : %1!S! |
19339 | 有重新執行偵測的封包 : %1!S! |
Pkts with Replay Detection : %1!S! |
19340 | 已傳送的機密位元組 : %1!S! |
Confidential Bytes Sent : %1!S! |
19341 | 已接收的機密位元組 : %1!S! |
Confidential Bytes Received : %1!S! |
19342 | 已傳送的驗證位元組 : %1!S! |
Authenticated Bytes Sent : %1!S! |
19343 | 已接收的驗證位元組 : %1!S! |
Authenticated Bytes Received: %1!S! |
19344 | 已傳送的傳輸位元組 : %1!S! |
Transport Bytes Sent : %1!S! |
19345 | 已接收的傳輸位元組 : %1!S! |
Transport Bytes Received : %1!S! |
19346 | 已傳送的卸載位元組 : %1!S! |
Offloaded Bytes Sent : %1!S! |
19347 | 已接收的卸載位元組 : %1!S! |
Offloaded Bytes Received : %1!S! |
19348 | 已傳送到通道的位元組 : %1!S! |
Bytes Sent In Tunnels : %1!S! |
19349 | 通道裡已接受的位元組 : %1!S! |
Bytes Received In Tunnels : %1!S! |
19350 | Cookie 雙對 : |
Cookie Pair : |
19351 | %1!02x! | %1!02x! |
19352 | 第二方式 : |
Sec Methods : |
19359 | /%1!d!/%2!d! | /%1!d!/%2!d! |
19360 | 驗證模式 : |
Auth Mode : |
19361 | 預先共用金鑰 | Preshared Key |
19362 | DSS 簽章 | DSS Signature |
19363 | RSA 簽章 | RSA Signature |
19364 | RSA 加密 | RSA Encryption |
19365 | Kerberos | Kerberos |
19366 | 來源 : |
Source : |
19367 | ,連接埠 %1!d! | , port %1!d! |
19368 | ID : |
ID : |
19369 | ID : %1!s! |
ID : %1!s! |
19370 | 目的地 : |
Destination : |
19371 | 目的地 安全性方式 |
Destination SecurityMethods |
19372 | 建立的日期/時間 |
Date/Time Created |
19373 | -------------------------------------------------------- ---------------------- |
-------------------------------------------------------- ---------------------- |
19374 | [ID:%1!-35s!] | [ID:%1!-35s!] |
19375 | DNS: %1!-51S! |
DNS: %1!-51S! |
19377 | 正在發行 CA :%1!s! |
Issuing CA :%1!s! |
19378 | 指紋 : |
Thumbprint : |
19380 | : | : |
19381 | / | / |
19382 | 19383 根 CA : %1!s! |
19383 Root CA : %1!s! |
19384 | %S | %S |
19385 | ( | ( |
19386 | ) |
) |
19387 | 根 CA : %1!s! | Root CA : %1!s! |
19397 | IPsec 主要模式安全性關聯無法使用。 |
IPsec MainMode Security Associations not available. |
19398 | 在 %1!s! 的 IKE 主要模式 SA |
IKE Main Mode SAs at %1!s! |
19400 | 指定的主要模式安全性關聯無法使用。 |
Specified MainMode Security Associations not available. |
19401 | 快速模式 SA |
Quick Mode SAs |
19402 | -------------- |
-------------- |
19403 | IPsec 快速模式安全性關聯無法使用。 |
IPsec QuickMode Security Associations not available. |
19404 | 指定的快速模式安全性關聯無法使用。 |
Specified QuickMode Security Associations not available. |
19410 | 傳輸篩選器 |
Transport Filter |
19411 | 通道篩選器 |
Tunnel Filter |
19412 | 不明 |
Unknown |
19413 | 原則名稱 : %1!s! |
Policy Name : %1!s! |
19414 | 來源位址 : |
Source Address : |
19415 | 目的地位址 : |
Destination Address : |
19416 | 通訊協定 : %1!lu! |
Protocol : %1!lu! |
19417 | 來源連接埠 : %1!u! |
Source Port : %1!u! |
19418 | 目的地連接埠 : %1!u! |
Destination Port : %1!u! |
19419 | 方向 : 輸入 |
Direction : Inbound |
19420 | 方向 : 輸出 |
Direction : Outbound |
19421 | 方向 : 錯誤 |
Direction : Error |
19422 | 使用的提供 |
Offer Used |
19423 | 通訊協定 : ICMP |
Protocol : ICMP |
19424 | 通訊協定 : TCP |
Protocol : TCP |
19425 | 通訊協定 : UDP |
Protocol : UDP |
19426 | 通訊協定 : RAW |
Protocol : RAW |
19427 | AH(b/r) ESP Con(b/r) ESP Int PFS DH 群組 |
AH(b/r) ESP Con(b/r) ESP Int PFS DH Group |
19428 | ---------- ------------- ------- ------------ |
---------- ------------- ------- ------------ |
19429 | 封裝類型 : IKE |
Encapsulation Type : IKE |
19430 | 封裝類型 : 其他 |
Encapsulation Type : Other |
19431 | 來源 UDP 封裝連接埠 : %1!u! |
Source UDP Encap port : %1!u! |
19432 | 目的地 UDP 封裝連接埠 : %1!u! |
Dest UDP Encap port : %1!u! |
19433 | 同儕節點私人位址 : |
Peer Private Addr : |
19434 | 通訊協定 : 任何 |
Protocol : ANY |
19441 | ) | ) |
19446 | IPsec 設定參數 |
IPsec Configuration Parameters |
19447 | ------------------------------ |
------------------------------ |
19448 | IPsecDiagnostics : %1!d![對於 Windows Vista 或更新的作業系統而言無效] |
IPsecDiagnostics : %1!d![Not valid for Windows Vista and later operating systems] |
19449 | IKElogging : %1!d! [對於 Windows Vista 或更新的作業系統而言無效] |
IKElogging : %1!d! [Not valid for Windows Vista and later operating systems] |
19450 | StrongCRLCheck : %1!d! |
StrongCRLCheck : %1!d! |
19451 | IPsecloginterval : %1!d![對於 Windows Vista 或更新的作業系統而言無效] |
IPsecloginterval : %1!d![Not valid for Windows Vista and later operating systems] |
19452 | NLBSFlags : %1!d![對於 Windows Vista 或更新的作業系統而言無效] |
NLBSFlags : %1!d![Not valid for Windows Vista and later operating systems] |
19453 | 旗標 : %1!d![對於 Windows Vista 或更新的作業系統而言無效] |
Flags : %1!d![Not valid for Windows Vista and later operating systems] |
19454 | IPsecexempt : %1!d! |
IPsecexempt : %1!d! |
19455 | 2048DHGroupId : %1!d![對於 Windows Vista 或更新的作業系統而言無效] |
2048DHGroupId : %1!d![Not valid for Windows Vista and later operating systems] |
19456 | IPsec 診斷層級超出範圍。範圍是 0 - 7。 |
IPsec Diagnostic Level is out of range. Range is 0 - 7. |
19457 | IKE Logging 超出範圍。範圍是 0 - 1。 |
IKE Logging is out of range. Range is 0 - 1. |
19458 | 強大 CRL 檢查層級超出範圍。範圍是 0 - 2。 |
Strong CRL Check Level is out of range. Range is 0 - 2. |
19459 | IPsec 記錄間隔已超出範圍。範圍是 60 - 86400。 |
IPsec Log Interval is out of range. Range is 60 - 86400. |
19460 | IPsec 解除層級超出範圍。範圍是 0 - 3。 |
IPsec Exemption Level is out of range. Range is 0 - 3. |
19461 | (有些 IPsec 設定參數沒有設定)。 |
(Some of the IPsec Configuration parameters are not set). |
19462 | 開機模式 : | Boot Mode : |
19463 | Stateful | Stateful |
19464 | 封鎖 | Block |
19465 | 允許 | Permit |
19476 | 沒有開機模式豁免事項 |
No bootmode exemptions |
19477 | 開機模式豁免事項 : | Boot Mode Exemptions : |
19478 | 通訊協定 Src 連接埠 Dst 連接埠 方向 |
Protocol Src Port Dst Port Direction |
19479 | --------- --------- --------- --------- |
--------- --------- --------- --------- |
19480 | 允許最多 1024 豁免事項 |
A maximum of 1024 exemptions are allowed. |
19800 | MD5(%1!02lu!/%2!-02lu!) 無 無 | MD5(%1!02lu!/%2!-02lu!) None None |
19801 | SHA1(%1!02lu!/%2!-02lu!) 無 無 | SHA1(%1!02lu!/%2!-02lu!) None None |
19802 | 無 無 無 | None None None |
19803 | 無 DES (%1!02lu!/%2!-02lu!) | None DES (%1!02lu!/%2!-02lu!) |
19804 | 無 未知 | None Unknown |
19805 | 無 3DES(%1!02lu!/%2!-02lu!) | None 3DES(%1!02lu!/%2!-02lu!) |
19806 | 無 無 | None None |
19811 | certmap | certmap |
19812 | excludecaname | excludecaname |
22001 | ERR Win32[%1!05d!] : %2!s! | ERR Win32[%1!05d!] : %2!s! |
22002 | ERR IPsec[%1!05d!] : | ERR IPsec[%1!05d!] : |
22004 | ERR Win32[%1!05d!] : 無效的 Win32 錯誤碼 |
ERR Win32[%1!05d!] : Invalid Win32 Err Code |
22010 | 至少有一個必要參數尚未指定 |
One or more essential parameters not specified |
22011 | 引數不合。正確語法請查閱說明 |
Arguments are not matching. Check help for the correct syntax |
22012 | 沒有原則在原則存放區 |
No Policies in Policy Store |
22013 | 無法開啟原則存放區 |
Unable to open Policy Store |
22014 | 沒有篩選器動作在原則存放區 |
No Filter Actions in Policy Store |
22015 | 沒有篩選器清單在原則存放區 |
No Filter Lists in Policy Store |
22016 | 名稱為 %1!s! 的原則不在原則存放區 |
Policy with name %1!s! not exists in Policy Store |
22017 | 內部錯誤,無效的切換情況。 |
Internal Error, Invalid Switch Case. |
22018 | 對引數 '%1!s!' 這是無效的參數 |
Invalid Parameter for the Argument '%1!s!' |
22019 | 指定的 IP 位址無效 |
IP Address specified is invalid |
22020 | 所給予的 dns 名稱 '%1!s!' 在 DNS 對應失敗 |
DNS lookup failed for the given dns name '%1!s!' |
22021 | '%1!s!' 在此內容不是有效的標記 |
'%1!s!' not a valid tag for this context |
22022 | '%1!s!' 標記已經存在 |
'%1!s!' tag already present |
22023 | 沒有引數 'assign = y/n' GPOname 就無法指定 |
GPOname cannot be specified without argument 'assign = y/n' |
22024 | 所給予的命令需要標記 'Name' 或 'GUID' |
Tag 'Name' or 'GUID' needed for the given command |
22025 | 需要 '%1!s!' 標記 |
'%1!s!' tag is needed |
22026 | 對標記 '%2!s!' 而言 '%1!s!' 是無效的引數 |
'%1!s!' is not a valid argument for the tag '%2!s!' |
22027 | 首碼應該僅介於 1 和 32 |
Prefix should be between 1 and 32 only |
22028 | '%1!s!' 不是有效的遮罩/首碼 |
'%1!s!' is not a valid Mask/Prefix |
22029 | 所提供的引數是 null |
The argument supplied is null |
22030 | 所指定的存留期 'Seconds' 超出限制。它應該介於 '%1!d!' 和 '%2!d!' 之間 |
The 'Seconds' LifeTime specified is out of limit. It should be in between '%1!d!' and '%2!d!' only |
22031 | 指定的 'Kbytes' 超出限制。它應該介於 '%1!d!' 和 '%2!d!' 之間 |
The 'Kbytes' specified is out of limit. It should be in between '%1!d!' and '%2!d!' only |
22032 | Rekey 單位 (k/s) 無效 |
The Rekey Unit (k/s) is invalid |
22033 | 指定無效的 HASH 引數 |
Invalid HASH algorithm specified |
22034 | 指定不完整的 ESP |
Incomplete ESP specified |
22035 | '%1!s!' 的 Algo's 指定重複 |
Duplicate Algo's specified for '%1!s!' |
22036 | 無而且不允許無 |
None and None not allowed |
22037 | 指定無效的 IPsec 通訊協定。它應該僅是 ESP 或 AH |
Invalid IPsec protocol specified. It should be ESP or AH only |
22038 | 已經超過最大 OFFERS 數 [%1!d!] |
Max Number of OFFERS[%1!d!] is crossed |
22039 | QM_OFFERS 無效。不允許 Encryption+Encryption 或 Authentication+Authentication |
Invalid QM_OFFERS. Encryption+Encryption or Authentication+Authentication are not allowed |
22040 | QMOffers 的存留期或指定資料無效。 |
Invalid Lifetime or Data specification for QMOffers. |
22041 | 為 MMOFFER 指定的 PFS 群組無效 |
Invalid PFS Group specified for MMOFFER |
22042 | P1 群組遺失 |
P1 Group missing |
22043 | 指定無效的 MMOFFER |
Invalid MMOFFER is specified |
22044 | 檔案名稱必須只包含 .ipsec 副檔名 |
File name should contain .ipsec extension only |
22045 | '%1!s!' 和 ALL 不允許 |
'%1!s!' and ALL not allowed |
22046 | 未指定預先共用金鑰 |
Preshared key not specified |
22047 | 指定無效的 Authmethod |
Invalid Authmethod is specified |
22048 | 指定無效的憑證 |
Invalid Certificate specified |
22049 | 指定多個 '%1!s!' 參數。只能允許一個。 |
Multiple '%1!s!' parameters are specified. Only one is allowed. |
22050 | 指定的連接埠無效。 |
The Port specified is invalid. |
22051 | 引數的數目較多,被截斷的 |
No of arguments are more,truncated |
22052 | 指定無效的 QMOFFER |
Invalid QMOFFER specified |
22053 | 指定無效的通道 IP |
Invalid Tunnel IP specified |
22054 | 沒有來源或目的地位址就無法指定通訊協定 |
Protocol can't be specified without source and destination addresses |
22055 | 指定的子網路遮罩無效 |
Subnet mask specified is invalid |
22056 | 無標記引數只能是電腦或網域 |
Non-tagged arg can only be machine or domain |
22057 | ERR WIN32[00014] : 沒有足夠的記憶體來完成這個操作。 |
ERR WIN32[00014] : There is not enough memory to complete this operation. |
22058 | 指定的連接埠無效。它應該只小於 '%1!d!' |
The Port specified is invalid. It should be in less than '%1!d!' only |
22100 | 遺失原則名稱 |
Missing Policy Name |
22101 | 輪詢間隔應該在 %1!d! 和 %2!d! 分鐘之間 |
Polling Interval should be within %1!d! and %2!d! minutes |
22102 | 快速模式限制應該在 %1!d! 和 %2!d! 工作階段之間 |
Quickmode limit should be within %1!d! and %2!d! sessions |
22103 | 存留期應該在 %1!d! 和 %2!d! 分鐘之間 |
Lifetime should be within %1!d! and %2!d! minutes |
22111 | 原則 '%1!s!' 已經存在 |
Policy with name '%1!s!' already exists |
22112 | 加入預設回應規則時產生錯誤 |
Error while adding Default Response Rule |
22113 | 建立原則 '%1!s!' 時產生錯誤 |
Error while creating Policy with name '%1!s!' |
22114 | 由於在載入預設 auth 方法時失敗,所以建立原則 '%1!s!' 時產生錯誤 |
Error while creating policy with name '%1!s!' due to failure in loading default auth methods |
22121 | 遺失 FilterList 名稱 |
Missing FilterList Name |
22122 | FilterList 名稱 '%1!s!' 已經存在 |
FilterList with name '%1!s!' already exists |
22123 | FilterList 名稱 '%1!s!'時產生錯誤 |
Error while creating FilterList with name '%1!s!' |
22124 | 指定無效的 GUID |
Invalid GUID specified |
22131 | 建立指定的篩選器時產生錯誤 |
Error while creating the specified Filter |
22141 | FilterAction '%1!s!' 已經存在 |
FilterAction with name '%1!s!' already exists |
22142 | 建立 FilterAction '%1!s!' 時產生錯誤 |
Error while creating FilterAction with name '%1!s!' |
22143 | Permit 或 Block 類型的 FilterAction 中 Inpass,Qmpfs,Soft 和 Qmsec 選項無效。您必須指定 'action = negotiate' |
Inpass, Qmpfs, Soft and Qmsec options are not valid for the Permit or Block type FilterAction. 'action = negotiate' needs to be specified |
22144 | 至少必須指定一個快速模式安全性方法 |
Atleast One Quick mode Security method needs to be specified |
22151 | 規則名稱遺失 |
Missing Rule Name |
22152 | FilterAction 名稱遺失 |
Missing FilterAction Name |
22153 | 名稱為 '%1!s!' 的原則不存在 |
Policy with name '%1!s!' does not exist |
22154 | 名稱為 '%1!s!' 的規則已經存在原則 '%2!s!' 中 |
Rule with name '%1!s!' already exists in policy '%2!s!' |
22155 | 名稱為 '%1!s!' 的 FilterAction 不存在 |
FilterAction with name '%1!s!' does not exist |
22156 | 在 FilterList 中沒有名稱為 '%1!s!' 的篩選器 |
No Filters in FilterList with name '%1!s!' |
22157 | 建立名稱為 '%1!s!' 的規則時產生錯誤 |
Error while creating Rule with name '%1!s!' |
22158 | 遺失規則名稱或規則識別碼 |
Missing Rule Name or Rule ID |
22159 | GUID %1!s! 的原則不存在 |
Policy with GUID %1!s! does not exist |
22160 | GUID %1!s! 的 FilterAction 不存在 |
FilterAction with GUID %1!s! does not exist |
22161 | 由於在載入預設 auth 方法時失敗,所以建立規則 '%1!s!' 時產生錯誤 |
Error while creating Rule with name '%1!s!' due to failure in loading default auth methods |
22165 | 憑證解碼操作失敗 |
Certificate decoding operation failed |
22166 | 名稱為 '%1!s!' 的原則不存在現存電腦網域中 |
Policy with name '%1!s!' does not exist in current machine's domain |
22167 | 指定無效的通道 IP 位址 |
Invalid Tunnel IP Address Specified |
22168 | FilterList 名稱 '%1!s!' 不存在 |
FilterList with name '%1!s!' does not exist |
22169 | 伺服器不能同時被來源和目的雙方所指定 |
Servers cannot be specified for both source and destination sides |
22170 | GUID %1!s! 的 FilterList 不存在 |
FilterList with GUID %1!s! does not exist |
22171 | 沒有目錄服務可用 |
No Directory Service available |
22172 | 名稱為 '%1!s!' 的 GPO 沒有存在目前的電腦網域 |
GPO with name '%1!s!' does not exist in current machine's domain |
22173 | 在指派原則到名稱為 '%1!s!' 的 GPO 時產生錯誤或指定的 GPO 不存在 |
Error while assigning the Policy to the GPO with name '%1!s!' or specified GPO does not exist |
22174 | 更新名稱為 '%1!s!' 的原則時產生錯誤 |
Error while updating the Policy with name '%1!s!' |
22175 | 更新 GUID %1!s! 的原則時產生錯誤 |
Error while updating the Policy with GUID %1!s! |
22176 | 從名稱為 '%1!s!' 的 GPO 解除指派原則時產生錯誤或指定的 GPO 不存在 |
Error while unassigning the Policy from the GPO with name '%1!s!' or specified GPO does not exist |
22181 | 更新名稱為 '%1!s!' 的 FilterList 時產生錯誤 |
Error while updating FilterList with name '%1!s!' |
22182 | 更新名稱為 GUID %1!s! 的 FilterList 時產生錯誤 |
Error while updating FilterList with GUID %1!s! |
22191 | 更新名稱為 '%1!s!' 的 FilterAction 時產生錯誤 |
Error while updating FilterAction with name '%1!s!' |
22192 | 更新 GUID %1!s! 的 FilterAction 時產生錯誤 |
Error while updating FilterAction with GUID %1!s! |
22201 | 名稱為 '%1!s!' 的規則不存在原則 '%2!s!'中 |
Rule with name '%1!s!' does not exist in Policy '%2!s!' |
22202 | 更新名稱為 '%1!s!' 的規則時產生錯誤 |
Error while updating rule with name '%1!s!' |
22203 | 預設規則無法更新這個命令。請使用命令 'set defaultrule' |
Default rule cannot be updated with this command. Use the 'set defaultrule' command |
22204 | 識別碼為 %1!d! 的規則不存在原則 '%2!s!' 中 |
Rule with ID %1!d! does not exist in Policy '%2!s!' |
22205 | 指定無效的規則識別碼 |
Invalid Rule ID Specified |
22211 | 更新名為 '%1!s!' 原則中的預設規則時產生錯誤 |
Error while updating Default Rule of Policy with name '%1!s!' |
22221 | 沒有指定檔案名稱 |
No file name specified |
22222 | 無效的檔案/路徑名稱 |
Invalid File / Path name |
22223 | 匯入原則時產生錯誤 |
Error while importing policies |
22231 | 匯出原則時產生錯誤 |
Error while exporting policies |
22235 | 還原預設原則時產生錯誤 |
Error while restoring default policies |
22236 | 這個命令只有在本機儲存區上可用 |
This command is only available for the local store |
22237 | 網域名稱無效。名稱為 '%1!s!' 的網域不存在 |
Invalid Domain Name. Domain with name '%1!s!' does not exist |
22238 | 您的電腦不是網域成員 |
Your machine is not a member of domain |
22241 | 刪除名稱為 '%1!s!' 的原則時產生錯誤 |
Error while deleting Policy with name '%1!s!' |
22242 | 沒有名稱為 '%1!s!' 的原則 |
No Policy with name '%1!s!' |
22251 | 無法刪除名稱為 '%1!s!' 的 FilterList | FilterList with name '%1!s!' cannot be deleted |
22252 | 刪除名稱為 '%1!s!' 的 FilterList 時產生錯誤 | Error while deleting FilterList with name '%1!s!' |
22255 | 沒有名稱為 '%1!s!' 的 FilterList |
No FilterList with name '%1!s!' |
22256 | 已指定內容的篩選器不在名為 '%1!s!' 的 FilterList 內 |
Filter with the specified spec does not exist in FilterList with name '%1!s!' |
22261 | 刪除指定內容的篩選器後,在更新名為 '%1!s!' 的 FilterList 時產生錯誤 |
Error while updating FilterList with name '%1!s!' after deletion of the specified filter |
22265 | 無法刪除名稱為 '%1!s!' 的 FilterAction | FilterAction with name '%1!s!' cannot be deleted |
22266 | 刪除名稱為 '%1!s!' 的 FilterAction 時產生錯誤 | Error while deleting FilterAction with name '%1!s!' |
22267 | 沒有名稱為 '%1!s!' 的 FilterAction |
No FilterAction with name '%1!s!' |
22271 | 刪除名稱為 '%1!s!' 的規則時產生錯誤 |
Error while deleting Rule with name '%1!s!' |
22272 | 刪除識別碼為 %1!d! 的規則時產生錯誤 |
Error while deleting Rule with ID %1!d! |
22273 | 無法刪除預設回應規則 |
Default Response Rule cannot be deleted |
22274 | 沒有名稱為 '%1!s!' 的規則 |
No Rule with name '%1!s!' |
22275 | 沒有識別碼為 %1!d! 的規則 |
No Rule with ID %1!d! |
22276 | 沒有指定原則名稱 |
No Policy name specified |
22281 | 正在展開名為 '%1!s!' 原則的 NegPol 資訊時產生錯誤 |
Error while extracting NegPol info of Policy with name '%1!s!' |
22282 | 正在展開名為 '%1!s!' 原則的篩選器資訊時產生錯誤 |
Error while extracting Filter info of Policy with name '%1!s!' |
22283 | 正在展開名為 '%1!s!' 原則的 ISAKMP 資訊時產生錯誤 |
Error while extracting ISAKMP info of Policy with name '%1!s!' |
22290 | 沒有目前指派的原則 |
No currently assigned Policy |
22295 | 沒有 FilterList 存在原則存放區 |
No FilterList exists in Policy Store |
22296 | 沒有 FilterAction 存在原則存放區 |
No FilterAction exists in Policy Store |
22297 | 無效的 GPO 名稱或是沒有目前指派的原則 |
Either invalid GPO name or no currently assigned policy |
22298 | 使用網域儲存區時必須指定名稱 |
A name must be specified when using the domain store |
22299 | 指定無效的來源 IP 位址 |
Invalid Source IP Address specified |
22300 | 指定無效的來源 IP/Mask |
Invalid Source IP/Mask specified |
22301 | 位址衝突。來源和目的不能有相同的 IP/DNS |
Address Conflict. Source and Destination cannot have same IP/DNS |
22302 | 指定無效的伺服器 |
Invalid server specified |
22303 | 必須指定伺服器 |
Server needs to be specified |
22304 | 指定無效的目的 IP 位址 |
Invalid destination IP Address specified |
22305 | 指定無效的目的遮罩 |
Invalid destination mask specified |
22306 | 無效的 Newname。名稱為 '%1!s!' 的原則已經存在 |
Invalid Newname. Policy with name '%1!s!' already exists |
22307 | 無效的 Newname。名稱為 '%1!s!' 的規則已經存在 |
Invalid Newname. Rule with name '%1!s!' already exists |
22308 | 無效的 Newname。名稱為 '%1!s!' 的 Filterlist 已經存在 |
Invalid Newname. Filterlist with name '%1!s!' already exists |
22309 | 無效的 Newname。名稱為 '%1!s!' 的 Filteraction 已經存在 |
Invalid Newname. Filteraction with name '%1!s!' already exists |
22310 | 如果指定類型,就必須指定 'all' |
If a type is specified, 'all' needs to be specified |
22311 | 這項操作產生內部錯誤 |
Internal error occurred during this operation |
22312 | 在原則 '%1!s!' 中沒有通道類型的規則存在 |
No Tunnel type rules exist in policy '%1!s!' |
22313 | 這個命令不允許更新預設 Filteraction。請用 'Set DefaultRule' 命令。 |
Updating default Filteraction is not allowed through this command. Use 'Set DefaultRule' command. |
22314 | 名稱為 '%1!s!' 的原則有 READONLY 屬性。拒絕更新 |
Policy with name '%1!s!' has READONLY attribute. Updation denied |
22315 | 指定的規則有 READONLY 屬性。拒絕更新 |
Specified Rule has READONLY attribute. Updation denied |
22316 | 名稱為 '%1!s!' 的 Filteraction 有 READONLY 屬性。拒絕更新 |
Filteraction with name '%1!s!' has READONLY attribute. Updation denied |
22317 | 名稱為 '%1!s!' 的 FilterList 有 READONLY 屬性。拒絕更新 |
FilterList with name '%1!s!' has READONLY attribute. Updation denied |
22318 | 名稱為 '%1!s!' 的原則有 READONLY 屬性。拒絕刪除 |
Policy with name '%1!s!' has READONLY attribute. Deletion denied |
22319 | 名稱為 '%1!s!' 的規則有 READONLY 屬性。拒絕刪除 |
Rule with name '%1!s!' has READONLY attribute. Deletion denied |
22320 | 名稱為 '%1!s!' 的 Filteraction 有 READONLY 屬性。拒絕刪除 |
Filteraction with name '%1!s!' has READONLY attribute. Deletion denied |
22321 | 名稱為 '%1!s!' 的 FilterList 有 READONLY 屬性。拒絕刪除 |
FilterList with name '%1!s!' has READONLY attribute. Deletion denied |
22322 | 使用本機儲存區時不能指定名稱 |
No name can be specified when using the local store |
22323 | Windows Vista 和較新版本的 Windows 不支援預設回應規則。 |
Default response rule is not supported on Windows Vista and later versions of Windows. |
23001 | 當 ActionInbound 或 ActionOutbound 指定為 NEGOTIATE 時,必須有 QMPolicy。 |
QMPolicy is needed when ActionInbound or ActionOutbound specified as NEGOTIATE. |
23002 | 連接埠號碼對 TCP 或 UDP 通訊協定有效,沒有 PortNumber 仍可繼續 |
Port number valid for TCP or UDP protocols, continuing without PortNumber. |
23003 | 指定的 QMPolicy 不存在。 |
Specified QMPolicy does not exist. |
23004 | 指定的 MainMode 原則不存在。 |
Specified MainMode Policy does not exist. |
23006 | 如果 ActionInbound 或 ActionOutbound 都未指定為 NEGOTIATE,就不能有 IPsec 原則。 |
Cannot have IPsec policy when neither ActionInbound or ActionOutbound are specified as NEGOTIATE. |
23007 | Mirror = Yes 對通道規則無效。 |
Mirror = Yes is not valid for Tunnel Rule. |
23011 | 指定的 MainMode 篩選器不存在。 |
Specified MainMode Filter does not exist. |
23012 | 指定的傳輸篩選器不存在。 |
Specified Transport Filter does not exist. |
23013 | 指定的通道篩選器不存在。 |
Specified Tunnel Filter does not exist. |
23014 | 無法使用 MainMode 原則。 |
MainMode Policies are not available. |
23015 | 無法使用 QuickMode 原則。 |
QuickMode Policies are not available. |
23021 | 所給予名稱的 MainMode 原則已經存在。 |
MainMode Policy with the given name already exists. |
23031 | 所給予名稱的 QuickMode 原則已經存在。 |
QuickMode Policy with the given name already exists. |
23061 | MainMode 篩選器不存在。 |
MainMode Filters do not exist. |
23062 | 指定的 MainMode 篩選器不存在而且找不到原則。 |
Specified MainMode Filter does not exist and Policy is not found. |
23063 | 指定的 MainMode 原則不存在或是和指定的 MainMode 篩選器沒有關連。 |
Specified MainMode Policy either does not exist or not associated with specified MainMode Filter. |
23071 | QuickMode 篩選器不存在。 |
QuickMode Filters do not exist. |
23072 | 指定的 QuickMode 篩選器不存在並且找不到原則。 |
Specified QuickMode Filter does not exist and Policy is not found. |
23073 | 指定的 QuickMode 原則不存在或是和 QuickMode 篩選器沒有關連。 |
Specified QuickMode Policy either does not exist or is not associated with QuickMode Filter. |
23074 | 指定的 QuickMode 篩選器不存在。 |
Specified QuickMode Filter does not exist. |
23075 | 已經用過驗證方法。 |
Authentication method(s) being used. |
23076 | 無法刪除 %1!d! MMFilter 物件。 |
%1!d! MMFilter object(s) could not be deleted. |
23077 | 無法刪除 %1!d! 運輸篩選器物件。 |
%1!d! Transport Filter object(s) could not be deleted. |
23078 | 無法刪除 %1!d! 通道篩選器物件。 |
%1!d! Tunnel Filter object(s) could not be deleted. |
23081 | IPsec 原則代理服務沒有啟動。 |
The IPsec Policy Agent service is not active. |
23082 | 原則代理服務啟動成功。 |
Policy Agent service successfully started. |
23090 | 分析器的權杖錯誤,應該為 IPSEC,IKE 或 ALL。 |
Wrong token from Parser, Should be either IPSEC, IKE or ALL. |
23091 | 從分析器接收到無效的 AddressType。 |
Invalid AddressType received from Parser. |
23092 | 來源和目的兩者不能為伺服器。 |
Source and Destination both cannot be Servers. |
23093 | 通道來源和通道目的兩者不能為伺服器。 |
Tunnel Source and Tunnel Destination both cannot be Servers. |
File Description: | 網路殼層 IP 安全性協助程式 DLL |
File Version: | 10.0.15063.0 (WinBuild.160101.0800) |
Company Name: | Microsoft Corporation |
Internal Name: | nshipsec.dll |
Legal Copyright: | © Microsoft Corporation. All rights reserved. |
Original Filename: | nshipsec.dll.mui |
Product Name: | Microsoft® Windows® Operating System |
Product Version: | 10.0.15063.0 |
Translation: | 0x404, 1200 |