SetIPSecMode (Windows Embedded CE 6.0)

  • Article

1/6/2010

This function is used to configure the IPSec mode.

Syntax

 HRESULT SetIPSecMode(
  IPSEC_API_MODE_INFO modeInfo,
  DWORD flags
);

Parameters

  • flags
    [in] This parameter can be set to one of the following flags:

    Flag Description

    IPSEC_API_NO_ICMP_EXEMPT

    The Internet Control Messaging Protocol (ICMP) is not exempt from IPSec.

    IPSEC_API_NO_SPECIALSERVERS_EXEMPT

    Special servers (DNS< DHCP, Gateway, WINS) are not exempt from IPSec.

    IPSEC_API_APPLY_TO_ALL_SRC_IP

    Apply IPSec policy to all source IP address. This flag should be set only if the srcIP field of modeInfo is set to zero.

    Note   If this flag is set and if an IPaddress is provided, then the API SetIPsecMode will return E_INVALIDARG.

Return Value

Returns S_OK if successful, or an appropriate HRESULT value otherwise.

Remarks

You can also use this function to modify any IPSec configuration parameters. SetIPSecMode should be called after a successful call to StartIPSec. If the IPSec mode has already been set, the call to SetIPSecMode will fail with an HRESULT_FROM_WIN32(ERROR_INVALID_OPERATION) error code.

To set a different IPSec mode, you cannot call SetIPSecMode consecutively, but you instead must call ResetIPSecMode before calling SetIPSecMode again. It is also recommended that, in addition to calling ResetIPSecMode, you restart IPSec by calling StopIPSec and StartIPSec in sequence. After calling ResetIPMode and restarting IPSec you can call SetIPSecMode and specify a new mode.

If a call to SetIPSecMode has failed, any calls to ResetIPSecMode will also fail.

Requirements

Header ipsec_api.h
Library Ipsec_api.lib
Windows Embedded CE Windows CE 5.0 and later

See Also

Reference

IPSec Functions
StartIPSec
StopIPSec
ResetIPSecMode
IPSEC_API_MODE_INFO