IPSec Application Development (Windows CE 5.0)
Windows CE includes the IPSec v4 Catalog item. The Windows CE implementation of this protocol enables two devices on a network to establish peer-to-peer communication using the IP Security (IPSec) protocol. This protocol enables Windows CE-based devices to participate in networks that are secured by IPSec.
The following table shows components of the Windows CE IPSec implementation.
| Component | Library |
|---|---|
| IPSecPolicy Agent | ipsecsvc.dll |
| Internet Key Exchange (IKE) | ipsecsvd.dll |
| IPSec Driver | ipsec.dll |
The Windows CE implementation of IPSec supports Encapsulating Security Payload (ESP) authentication and encryption using transport-mode connectivity. The Authentication Header (AH) protocol and tunnel-mode connectivity are not supported in Windows CE.
The following table shows the modes for IPSec communication that Windows CE supports.
| Mode | Description |
|---|---|
| Default responder mode | The CE device will respond to requests for securing traffic. If the peer wants to protect traffic, the CE device will respond to Internet Key Exchange (IKE) negotiations. If the negotiations succeed, incoming and outgoing traffic will be secured by IPSec. The Internet Control Message Protocol (ICMP) is exempt by default. As part of IKE negotiation, both peers must negotiate with each other. |
| Default initiator mode with optional fallback to clear. | The CE device will try to secure all outgoing traffic. If the device is unable to establish a secure channel, it will, by default fall back to allowing clear traffic. The CE device will allow clear incoming traffic by default. |
See Also
Send Feedback on this topic to the authors