Methods of programatically altering ipsec rules with C#?

Question

The only method I know how to execute IPsec changes involves calling netsh to do the changes. Is there a method using System.Management and WMI objects directly? If so, what is

Answer 1

You can't do it with WMI. WMI is restricted to TCP Filtering, meaning blocking ports. Nothing more.

If you are using previous Windows versions, you can either:

a) use a command line tool, in this case either ipseccmd.exe or ipsecpol.exe (W2K), or netsh

or

b) Write the policies to the registry

My guess is that the command line tools do just that: they write values to the registry.

I've been into it for some time now and i didn't find a managed code solution. Too bad that the WFP API is not available in previous windows versions.