Can netsh ipsec command set ESP Integrity_key and Ciphering

Can netsh ipsec command set ESP Integrity_key and Ciphering_key

I use netsh ipsec command on win7 to setup IPSEC between two PC. I use the commands below and they are worked.

netsh ipsec static add policy name=mypolicy

netsh ipsec static add filterlist name=myaccess

netsh ipsec static add filteraction name=ok action=negotiate qmsec="ESP[DES,SHA1]:204800k/3600s"

netsh ipsec static add filter filterlist=myaccess srcaddr=192.168.109.143 dstaddr=192.168.109.216 protocol=ANY mirrored=yes

netsh ipsec static add rule name=Rule policy=mypolicy filterlist=myaccess filteraction=ok kerberos=yes psk="my key"

netsh ipsec static set policy name=mypolicy assign=y

And I also want to setup ESP Integrity_key and Ciphering_key myself, such as below

Integrity_key = 19B65AEF8A75418B70D45D5564046967

Ciphering_key = 75A75A54EFB6968D4856071554B04E9B56F85FB5460451D4DA175

I want to know whether netsh ipsec command can do this, I didn't find the proper command.

Thank you.

March 24th, 2015 7:05am

Hi,

As far as I know, we can only specify parameters such as encryption algorithm, integrity algorithm, hash function and session key lifetime, there is no netsh IPSec command which can set ESP Integrity_key and Ciphering_key .

More information for you:

Netsh commands for Internet Protocol security

https://technet.microsoft.com/en-us/library/cc739550%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

Best Regards,

Amy

Free Windows Admin Tool Kit Click here and download it now

March 25th, 2015 4:02am

Hi Amy

Thank you for your quick response, and it helps to me.

Best Regards,

Wang

March 25th, 2015 9:30pm

This topic is archived. No further replies will be accepted.