Using the netsh advfirewall command

-

hello - i'm running following command on windows 2008 server create connection security rule between 2 devices.

netsh advfirewall consec add rule name=".secrule" endpoint1="192.168.0.1" endpoint2="192.168.0.2" action=requireinrequestout protocol=any interfacetype=any

when check properties of rule -> authentication -> method, advanced selected computer (kerb v5) first authentication.

does know how select method -> default script?

there simular post here no real answer http://social.technet.microsoft.com/forums/en-us/winserversecurity/thread/0d972d07-8089-4416-a1f6-0df7f4593b6c/

any appreciated.

regards

sarty

hi,

thanks post.

please note default authentication method computer (kerberos v5). if not specify authentication method in script, computer (kerberos v5) in advance. in command-line auth1=computerkerb. script, must specific authentication method used. cannot ui directly choose default method.

for more detailed information authentication method choose. previous post, please check following options.

                 (default)

      [auth1=computerkerb|computercert|computercertecdsap256|

         computercertecdsap384|computerpsk|computerntlm|anonymous[,...]]

     [auth1psk=<string>]

      [auth1ca="<ca name> [certmapping:yes|no] [excludecaname:yes|no]

         [catype:root|intermediate (default=root)] |..."]

      [auth1healthcert=yes|no (default=no)]

      [auth1ecdsap256ca="<ca name> [certmapping:yes|no]

         [excludecaname:yes|no]

         [catype:root|intermediate (default=root)] | ..."]

      [auth1ecdsap256healthcert=yes|no (default=no)]

      [auth1ecdsap384ca="<ca name> [certmapping:yes|no]

         [excludecaname:yes|no]

         [catype:root|intermediate (default=root)] | ..."]

      [auth1ecdsap384healthcert=yes|no (default=no)]

      [auth2=computercert|computercertecdsap256|computercertecdsap384|

         userkerb|usercert|usercertecdsap256|usercertecdsap384|userntlm|

         anonymous[,...]]

      [auth2ca="<ca name> [certmapping:yes|no]

         [catype:root|intermediate (default=root)] | ..."]

      [auth2ecdsap256ca="<ca name> [certmapping:yes|no]

         [catype:root|intermediate (default=root)] | ..."]

      [auth2ecdsap384ca="<ca name> [certmapping:yes|no]

         [catype:root|intermediate (default=root)] | ..."]



best regards,

aiden

aiden cao

technet community support



Windows Server  >  Security



Comments

Post a Comment

Popular posts from this blog

Azure MFA with Azure AD and RDS

-
i have setup following lab in azure , need help. a server (domain controller) , remote desktop services. and server multi factor authentication server. i have setup following one http://www.rdsgurus.com/uncategorized/step-by-step-using-windows-server-2012-r2-rd-gateway-with-azure-multifactor-authentication/ and when im connecting got following error. the user "domain\username", on client computer "xxx.xxx.xxx.xxx", did not meet connection authorization policy requirements , therefore not authorized access rd gateway server. authentication method used was: "ntlm" , connection protocol used: "rpc-http". following error occurred: "23003". also on security log i've got following authentication details: connection request policy name: ts gateway authorization policy network policy name: - authentication provider: radius proxy authentication server: test.test.local authenticati...
Read more

Failed to setup initiator portal. Error status is given in the dump data.

-
hi team, server configured boot san  after booting  facing issue windows server 2008 r2 system logs continuously generating iscsi port error event id 5 failed setup initiator portal. error status given in dump data. eventdata \device\raidport1 000004000100000000000000050000c0000000000000000000000000000000000000000000000000070200c0 binary data: in words 0000: 00040000 00000001 00000000 c0000005 0008: 00000000 00000000 00000000 00000000 0010: 00000000 00000000 c0000207 in bytes 0000: 00 00 04 00 01 00 00 00 ........ 0008: 00 00 00 00 05 00 00 c0 .......À 0010: 00 00 00 00 00 00 00 00 ........ 0018: 00 00 00 00 00 00 00 00 ........ 0020: 00 00 00 00 00 00 00 00 ........ 0028: 07 02 00 c0 ...À hi, please read through article below troubleshoot issue: error event id 5 logged in system log on computer uses iscsi software initiator connect iscsi target device http://suppo...
Read more

Invalid pointer on gpresult /h gpreport.html

-
hello guys i getting following error when trying generate gpresult /h  xxx.html invalid pointer this happening on windows 7 pc using test group policy. tried pc same thing when same gpo applied . hi, try apply some other gpo clients, html report generated succefully? if no, may caused unregistered .dll files, try register .dll files previous thread suggested: http://social.technet.microsoft.com/forums/en-us/winservergp/thread/0ea20c5d-c0ae-457d-89d4-a1686a359e72 if yes, please tell detailed information problematic gpo settings reproduce problem , troubleshooting it. regards, cicely Windows Server  >  Group Policy
Read more