IPsecSaContextExpire0 function (fwpmu.h)
The IPsecSaContextExpire0 function indicates that an IPsec security association (SA) context should be expired.
Syntax
DWORD IPsecSaContextExpire0(
[in] HANDLE engineHandle,
[in] UINT64 id
);
Parameters
[in] engineHandle
Type: HANDLE
Handle for an open session to the filter engine. Call FwpmEngineOpen0 to open a session to the filter engine.
[in] id
Type: UINT64
A runtime identifier for SA context. This identifier was received from the system when the application called IPsecSaContextCreate0.
Return value
Type: DWORD
| Return code/value | Description |
|---|---|
|
The IPsec SA context was successfully expired. |
|
A Windows Filtering Platform (WFP) specific error. See WFP Error Codes for details. |
|
Failure to communicate with the remote or local firewall engine. |
Remarks
When an SA context is expired, the corresponding outbound SA gets deleted immediately, whereas the inbound SA deletion is postponed for a minute. This allows the processing of any inbound IPsec protected traffic that may still be on the wire.
The caller needs DELETE access to the IPsec security associations database. See Access Control for more information.
IPsecSaContextExpire0 is a specific implementation of IPsecSaContextExpire. See WFP Version-Independent Names and Targeting Specific Versions of Windows for more information.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows Vista [desktop apps only] |
| Minimum supported server | Windows Server 2008 [desktop apps only] |
| Target Platform | Windows |
| Header | fwpmu.h |
| Library | Fwpuclnt.lib |
| DLL | Fwpuclnt.dll |