03-06-2009, 01:11 AM   #1
Registered User
 
Join Date: Mar 2009
Posts: 1
OS: Windows Server 2008 Standard


netsh ipsec dynamic delete rule question

Hi all,

I'm trying to delete a dynamic ipsec rule, but it appears that Windows ipsec has a bug.

The following works fine. I create a mmpolicy, qmpolicy and a rule. I can then delete the rule with no issues:
netsh ipsec dynamic add mmpolicy name=test1 mmsecmethods="3DES-SHA1-2 3DES-MD5-2 3DES-SHA1-3"
netsh ipsec dynamic add qmpolicy name=test2 pfsgroup=grp1 qmsecmethods="ESP[3DES,MD5]:50000K/3600S"
netsh ipsec dynamic add rule srcaddr=192.168.69.200 dstaddr=192.168.11.1 mmpolicy=test1 qmpolicy=test2 protocol=ANY mirror=no conntype=all dstmask=255.255.255.255 psk=0000000000000000
netsh ipsec dynamic delete rule srcaddr=192.168.69.200 dstaddr=192.168.11.1 protocol=ANY srcport=0 dstport=0 mirrored=no conntype=all


The following works fine but throws an error. The rule is deleted, but the command reports "ERR IPsec[06011] : Specified MainMode Filter does not exist."
netsh ipsec dynamic add mmpolicy name=test1 mmsecmethods="3DES-SHA1-2 3DES-MD5-2 3DES-SHA1-3"
netsh ipsec dynamic add qmpolicy name=test2 pfsgroup=grp1 qmsecmethods="ESP[3DES,MD5]:50000K/3600S"
netsh ipsec dynamic add rule srcaddr=192.168.69.200 dstaddr=192.168.11.1 mmpolicy=test1 qmpolicy=test2 protocol=ANY mirror=no conntype=all dstmask=255.255.255.255 psk=0000000000000000 tunneldstaddr=127.0.0.1
netsh ipsec dynamic delete rule srcaddr=192.168.69.200 dstaddr=192.168.11.1 protocol=ANY srcport=0 dstport=0 mirrored=no conntype=all tunneldstaddr=127.0.0.1


We can check that the rule is gone by using the following command:
netsh ipsec dynamic show rule

The next example fails altogether to delete. Instead of specifying one address, a range is specified. This is where I'm having problems.
netsh ipsec dynamic add mmpolicy name=test1 mmsecmethods="3DES-SHA1-2 3DES-MD5-2 3DES-SHA1-3"
netsh ipsec dynamic add qmpolicy name=test2 pfsgroup=grp1 qmsecmethods="ESP[3DES,MD5]:50000K/3600S"
netsh ipsec dynamic add rule srcaddr=192.168.69.200 dstaddr=192.168.11.0 mmpolicy=test1 qmpolicy=test2 protocol=ANY mirror=no conntype=all dstmask=255.255.255.0 psk=0000000000000000 tunneldstaddr=127.0.0.1
netsh ipsec dynamic delete rule srcaddr=192.168.69.200 dstaddr=192.168.11.0 protocol=ANY srcport=0 dstport=0 mirrored=no conntype=all tunneldstaddr=127.0.0.1


I know it's possible to delete all policies and rules using the following, but I just want to delete one rule, not all of them.
netsh ipsec dynamic delete all

Thanks to anyone who can help. Might be a bug. I'm using Windows Server 2008 Standard, but Vista should show the same behaviour.
hotdogger is offline  
All times are GMT -7.



Copyright 2001 - 2009, Tech Support Forum