2.2.83 FW_PHASE2_SA_DETAILS
This structure represents a security association that is established after the quick mode negotiations take place; it contains the selected algorithms to enforce IPsec.
    typedef struct _tag_FW_PHASE2_SA_DETAILS {
      unsigned __int64 SaId;
      [range(FW_DIR_INVALID+1,FW_DIR_MAX-1)]
        FW_DIRECTION Direction;
      FW_ENDPOINTS Endpoints;
      unsigned short wLocalPort;
      unsigned short wRemotePort;
      unsigned short wIpProtocol;
      FW_PHASE2_CRYPTO_SUITE SelectedProposal;
      FW_PHASE2_CRYPTO_PFS Pfs;
      GUID TransportFilterId;
      unsigned long dwP2SaFlags;
    } FW_PHASE2_SA_DETAILS,
     *PFW_PHASE2_SA_DETAILS;
SaId: A 64-bit integer number that uniquely identifies the security association.
Direction: This field specifies the direction of the traffic this security association is securing.
Endpoints: This field contains IP address information of the two endpoints that established this security association. An address of zero means the security association applies to any endpoint.
wLocalPort: This field specifies the port of the local endpoint that is used in the traffic secured by this security association. A value of 0 specifies any port.
wRemotePort: This field specifies the port of the remote endpoint that is used in the traffic secured by this security association. A value of 0 specifies any port.
wIpProtocol: This field specifies the protocol of the traffic secured by this security association. If the value is within the range 0 to 255, the value describes a protocol as in IETF IANA numbers (for more information, see [IANA-PROTO-NUM]). If the value is 256, the rule matches ANY protocol.
SelectedProposal: This field contains the Phase2 cryptographic suite selected by the negotiation that is used by this security association to enforce IPsec.
Pfs: This field specifies the perfect forward secrecy used by this security association.
TransportFilterId: This GUID MAY contain additional implementation-specific<21> information about the security association. The client MUST ignore this value.
dwP2SaFlags: Reserved value and not currently used. It MUST be set to 0.
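The following is an added example, not part of the specification or of any Microsoft code: a receiver-side check of the scalar fields described above, plus a flow match that applies the wildcard values (port 0, protocol 256). The reduced struct p2sa_scalars, the function and constant names, the FW_DIRECTION enumerator values, and the treatment of wIpProtocol values above 256 as violations are assumptions; Endpoints, SelectedProposal, Pfs and TransportFilterId are omitted because their types are defined elsewhere.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: enumerator values; the page only names FW_DIR_INVALID and FW_DIR_MAX. */
enum { FW_DIR_INVALID = 0, FW_DIR_IN, FW_DIR_OUT, FW_DIR_MAX };
#define P2SA_PROTO_ANY 256           /* wIpProtocol: 256 means any protocol */

/* Violation bits returned by p2sa_check (hypothetical names). */
enum { P2SA_BAD_DIRECTION = 1, P2SA_BAD_PROTOCOL = 2, P2SA_BAD_FLAGS = 4 };

/* Hypothetical reduced view of FW_PHASE2_SA_DETAILS: scalar fields only. */
struct p2sa_scalars {
    uint64_t SaId;
    int      Direction;
    uint16_t wLocalPort, wRemotePort, wIpProtocol;
    uint32_t dwP2SaFlags;
};

/* Returns 0 when the scalar fields satisfy the constraints stated above. */
int p2sa_check(const struct p2sa_scalars *sa) {
    int bad = 0;
    if (sa->Direction <= FW_DIR_INVALID || sa->Direction >= FW_DIR_MAX)
        bad |= P2SA_BAD_DIRECTION;   /* [range(FW_DIR_INVALID+1,FW_DIR_MAX-1)] */
    if (sa->wIpProtocol > P2SA_PROTO_ANY)
        bad |= P2SA_BAD_PROTOCOL;    /* assumption: only 0..255 and 256 are described */
    if (sa->dwP2SaFlags != 0)
        bad |= P2SA_BAD_FLAGS;       /* reserved, MUST be 0 */
    return bad;
}

/* Does the SA cover a flow? Port 0 and protocol 256 act as wildcards. */
int p2sa_covers(const struct p2sa_scalars *sa, uint16_t proto,
                uint16_t local_port, uint16_t remote_port) {
    if (sa->wIpProtocol != P2SA_PROTO_ANY && sa->wIpProtocol != proto) return 0;
    if (sa->wLocalPort  != 0 && sa->wLocalPort  != local_port)  return 0;
    if (sa->wRemotePort != 0 && sa->wRemotePort != remote_port) return 0;
    return 1;
}

int main(void) {
    /* Constructed sample: outbound TCP (6) SA, any local port, remote port 443. */
    struct p2sa_scalars sa = { 1, FW_DIR_OUT, 0, 443, 6, 0 };
    printf("violations=%d covers=%d\n", p2sa_check(&sa),
           p2sa_covers(&sa, 6, 50000, 443));
    return 0;
}
```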