IPsecSaContextExpire0 function (fwpmu.h)

The IPsecSaContextExpire0 function indicates that an IPsec security association (SA) context should be expired.

Syntax

DWORD IPsecSaContextExpire0(
  [in] HANDLE engineHandle,
  [in] UINT64 id
);

Parameters

[in] engineHandle

Type: HANDLE

Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine.

[in] id

Type: UINT64

A runtime identifier for SA context. This identifier was received from the system when the application called IPsecSaContextCreate0.

Return value

Type: DWORD

Return code/value Description
ERROR_SUCCESS
0
The IPsec SA context was successfully expired.
FWP_E_* error code
0x80320001—0x80320039
A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details.
RPC_* error code
0x80010001—0x80010122
Failure to communicate with the remote or local firewall engine.

Remarks

When an SA context is expired, the corresponding outbound SA gets deleted immediately, whereas the inbound SA deletion is postponed for a minute. This allows the processing of any inbound IPsec protected traffic that may still be on the wire.

The caller needs DELETE access to the IPsec security associations database. See Access Control for more information.

IPsecSaContextExpire0 is a specific implementation of IPsecSaContextExpire. See WFP Version-Independent Names and Targeting Specific Versions of Windows for more information.

Requirements

Requirement Value
Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Target Platform Windows
Header fwpmu.h
Library Fwpuclnt.lib
DLL Fwpuclnt.dll

See also

IPsecSaContextCreate0