FwpmIPsecTunnelAdd0 function (fwpmk.h)

The FwpmIPsecTunnelAdd0 function adds a new Internet Protocol Security (IPsec) tunnel mode policy to the system.

Syntax

NTSTATUS FwpmIPsecTunnelAdd0(
  [in]                              HANDLE                       engineHandle,
  [in]                              UINT32                       flags,
  [in, optional]                    const FWPM_PROVIDER_CONTEXT0 *mainModePolicy,
  [in]                              const FWPM_PROVIDER_CONTEXT0 *tunnelPolicy,
  [in]                              UINT32                       numFilterConditions,
  [in, reads(numFilterConditions)]  const FWPM_FILTER_CONDITION0 *filterConditions,
  [in, optional]                    PSECURITY_DESCRIPTOR         sd
);

Parameters

[in] engineHandle

Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine.

[in] flags

Possible values:

| IPsec tunnel flag | Meaning |
| --- | --- |
| FWPM_TUNNEL_FLAG_POINT_TO_POINT | Adds a point-to-point tunnel to the system. |

[in, optional] mainModePolicy

The Main Mode policy for the IPsec tunnel.

[in] tunnelPolicy

The Quick Mode policy for the IPsec tunnel.

[in] numFilterConditions

Number of filter conditions present in the filterConditions parameter.

[in, reads(numFilterConditions)] filterConditions

Array of filter conditions that describe the traffic which should be tunneled by IPsec.

[in, optional] sd

The security information associated with the IPsec tunnel.

Return value

| Return code/value | Description |
| --- | --- |
| ERROR_SUCCESS (0) | The IPsec tunnel mode policy was successfully added. |
| FWP_E_INVALID_PARAMETER (0x80320035) | FWPM_TUNNEL_FLAG_POINT_TO_POINT was not set and conditions other than local/remote address were specified. |
| FWP_E_* error code (0x80320001 to 0x80320039) | A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. |
| RPC_* error code (0x80010001 to 0x80010122) | Failure to communicate with the remote or local firewall engine. |
| Other NTSTATUS codes | An error occurred. |

Remarks

This function cannot be called from within a read-only transaction; if it is, it fails with FWP_E_INCOMPATIBLE_TXN. See Object Management for more information about transactions.

FwpmIPsecTunnelAdd0 is a specific implementation of FwpmIPsecTunnelAdd. See WFP Version-Independent Names and Targeting Specific Versions of Windows for more information.

Requirements

| Requirement | Value |
| --- | --- |
| Minimum supported client | Available starting with Windows Vista. |
| Target Platform | Universal |
| Header | fwpmk.h |
| Library | fwpkclnt.lib |
| IRQL | <= PASSIVE_LEVEL |
