FwpmIPsecTunnelAdd2 function (fwpmu.h)
The FwpmIPsecTunnelAdd2 function adds a new Internet Protocol Security (IPsec) tunnel mode policy to the system.
Syntax
DWORD FwpmIPsecTunnelAdd2(
[in] HANDLE engineHandle,
[in] UINT32 flags,
[in, optional] const FWPM_PROVIDER_CONTEXT2 *mainModePolicy,
[in] const FWPM_PROVIDER_CONTEXT2 *tunnelPolicy,
[in] UINT32 numFilterConditions,
[in] const FWPM_FILTER_CONDITION0 *filterConditions,
[in, optional] const GUID *keyModKey,
[in, optional] PSECURITY_DESCRIPTOR sd
);
Parameters
[in] engineHandle
Type: HANDLE
A handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine.
[in] flags
Type: UINT32
Possible values:
IPsec tunnel flag | Meaning |
---|---|
|
Adds a point-to-point tunnel to the system. |
|
Enables virtual interface-based IPsec tunnel mode. |
[in, optional] mainModePolicy
Type: FWPM_PROVIDER_CONTEXT2*
The Main Mode policy for the IPsec tunnel.
[in] tunnelPolicy
Type: FWPM_PROVIDER_CONTEXT2*
The Quick Mode policy for the IPsec tunnel.
[in] numFilterConditions
Type: UINT32
Number of filter conditions present in the filterConditions parameter.
[in] filterConditions
Type: FWPM_FILTER_CONDITION0*
Array of filter conditions that describe the traffic which should be tunneled by IPsec.
[in, optional] keyModKey
Type: const GUID*
Pointer to a GUID that uniquely identifies the keying module key.
If the caller supplies this parameter, only that keying module will be used for the tunnel. Otherwise, the default keying policy applies.
[in, optional] sd
Type: PSECURITY_DESCRIPTOR
The security information associated with the IPsec tunnel.
Return value
Type: DWORD
Return code/value | Description |
---|---|
|
The IPsec tunnel mode policy was successfully added. |
|
FWPM_TUNNEL_FLAG_POINT_TO_POINT was not set and conditions other than local/remote address were specified. |
|
A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. |
|
Failure to communicate with the remote or local firewall engine. |
Remarks
This function cannot be called from within a read-only transaction. It will fail with FWP_E_INCOMPATIBLE_TXN. See Object Management for more information about transactions.
Requirements
Requirement | Value |
---|---|
Minimum supported client | Windows 8 [desktop apps only] |
Minimum supported server | Windows Server 2012 [desktop apps only] |
Target Platform | Windows |
Header | fwpmu.h |
Library | Fwpuclnt.lib |
DLL | Fwpuclnt.dll |