IKEEXT_POLICY1 structure (iketypes.h)
The IKEEXT_POLICY1 structure is used to store the IKE/AuthIP main mode negotiation policy. IKEEXT_POLICY0 is available.
Syntax
typedef struct IKEEXT_POLICY1_ {
UINT32 softExpirationTime;
UINT32 numAuthenticationMethods;
IKEEXT_AUTHENTICATION_METHOD1 *authenticationMethods;
IKEEXT_AUTHENTICATION_IMPERSONATION_TYPE initiatorImpersonationType;
UINT32 numIkeProposals;
IKEEXT_PROPOSAL0 *ikeProposals;
UINT32 flags;
UINT32 maxDynamicFilters;
UINT32 retransmitDurationSecs;
} IKEEXT_POLICY1;
Members
softExpirationTime
Lifetime of the IPsec soft SA, in seconds. The caller must set this to 0.
numAuthenticationMethods
Number of authentication methods.
authenticationMethods
Array of acceptable authentication methods.
See IKEEXT_AUTHENTICATION_METHOD1 for more information.
initiatorImpersonationType
Type of impersonation. Applies only to AuthIP.
See IKEEXT_AUTHENTICATION_IMPERSONATION_TYPE for more information.
numIkeProposals
Number of main mode proposals.
ikeProposals
Array of main mode proposals.
See IKEEXT_PROPOSAL0 for more information.
flags
A combination of the following values.
maxDynamicFilters
Maximum number of dynamic IPsec filters per remote IP address and per transport layer that is allowed to be added for any SA negotiated using this policy.
Set this to 0 to disable dynamic filter addition. Dynamic filters are added by IKE/AuthIP on responder, when the QM traffic proposed by initiator is a subset of responder's traffic configuration.
retransmitDurationSecs
The number of seconds for which IKEv2 SA negotiation packets will be retransmitted before the SA times out. The caller must set this to at least 120 seconds.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows 7 [desktop apps only] |
| Minimum supported server | Windows Server 2008 R2 [desktop apps only] |
| Header | iketypes.h |