IPsecSaContextCreate1 function

The IPsecSaContextCreate1 function creates an IPsec security association (SA) context.

Note  IPsecSaContextCreate1 is the specific implementation of IPsecSaContextCreate used in Windows 7 and later. See WFP Version-Independent Names and Targeting Specific Versions of Windows for more information. For Windows Vista, IPsecSaContextCreate0 is available.
 

Syntax


DWORD IPsecSaContextCreate1(
  _In_            HANDLE                        engineHandle,
  _In_      const IPSEC_TRAFFIC1                *outboundTraffic,
  _In_opt_  const IPSEC_VIRTUAL_IF_TUNNEL_INFO0 *virtualIfTunnelInfo,
  _Out_opt_       UINT64                        *inboundFilterId,
  _Out_           UINT64                        *id
);

Parameters

engineHandle [in]

Type: HANDLE

Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine.

outboundTraffic [in]

Type: const IPSEC_TRAFFIC1*

The outbound traffic of the SA.

virtualIfTunnelInfo [in, optional]

Type: const IPSEC_VIRTUAL_IF_TUNNEL_INFO0*

Details related to virtual interface tunneling.

inboundFilterId [out, optional]

Type: UINT64*

Optional filter identifier of the cached inbound filter corresponding to the outboundTraffic parameter specified by the caller. Base filtering engine (BFE) may cache the inbound filter identifier and return the cached value, if available. Caller must handle the case when BFE does not have a cached value, in which case this parameter will be set to 0.

id [out]

Type: UINT64*

The identifier of the IPsec SA context.

Return value

Type: DWORD

Return code/valueDescription
ERROR_SUCCESS
0

The IPsec SA context was created successfully.

FWP_E_* error code
0x80320001—0x80320039

A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details.

RPC_* error code
0x80010001—0x80010122

Failure to communicate with the remote or local firewall engine.

 

Remarks

This function cannot be called from within a transaction. It will fail with FWP_E_TXN_IN_PROGRESS. See Object Management for more information about transactions.

This function cannot be called from within a dynamic session. The call will fail with FWP_E_DYNAMIC_SESSION_IN_PROGRESS. See Object Management for more information about dynamic sessions.

The caller needs FWPM_ACTRL_ADD access to the IPsec security associations database. See Access Control for more information.

Requirements

Minimum supported client

Windows 7 [desktop apps only]

Minimum supported server

Windows Server 2008 R2 [desktop apps only]

Header

Fwpmu.h

Library

Fwpuclnt.lib

DLL

Fwpuclnt.dll

See also

IPSEC_TRAFFIC1
IPSEC_VIRTUAL_IF_TUNNEL_INFO0

 

 

Show: