The FwpmIPsecTunnelAdd2 function adds a new Internet Protocol Security (IPsec) tunnel mode policy to the system.
DWORD FwpmIPsecTunnelAdd2( HANDLE engineHandle, UINT32 flags, const FWPM_PROVIDER_CONTEXT2 *mainModePolicy, const FWPM_PROVIDER_CONTEXT2 *tunnelPolicy, UINT32 numFilterConditions, const FWPM_FILTER_CONDITION0 *filterConditions, const GUID *keyModKey, PSECURITY_DESCRIPTOR sd );
A handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine.
|IPsec tunnel flag||Meaning|
||Adds a point-to-point tunnel to the system.|
||Enables virtual interface-based IPsec tunnel mode.|
The Main Mode policy for the IPsec tunnel.
The Quick Mode policy for the IPsec tunnel.
Number of filter conditions present in the filterConditions parameter.
Array of filter conditions that describe the traffic which should be tunneled by IPsec.
Type: const GUID*
Pointer to a GUID that uniquely identifies the keying module key.
If the caller supplies this parameter, only that keying module will be used for the tunnel. Otherwise, the default keying policy applies.
The security information associated with the IPsec tunnel.
||The IPsec tunnel mode policy was successfully added.|
||FWPM_TUNNEL_FLAG_POINT_TO_POINT was not set and conditions other than local/remote address were specified.|
||A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details.|
||Failure to communicate with the remote or local firewall engine.|
This function cannot be called from within a read-only transaction. It will fail with FWP_E_INCOMPATIBLE_TXN. See Object Management for more information about transactions.
|Minimum supported client||Windows 8 [desktop apps only]|
|Minimum supported server||Windows Server 2012 [desktop apps only]|