Knowledge

ERROR_IPSEC_DOSP_MAX_ENTRIES - 13929 (0x3669)

IPsec DoS Protection failed to create state because the maximum number of entries allowed by policy has been reached.

Updated: Feb 21, 2026

Technical Meaning

The ERROR_IPSEC_DOSP_MAX_ENTRIES error code (13929, 0x3669) indicates that the IPsec DoS Protection subsystem has encountered a situation where it cannot create a state entry due to reaching the maximum number of entries allowed by policy.

Error Details

This error typically occurs when an attempt is made to establish or modify a stateful connection in the IPsec context, but the system's configured policy limits the number of such connections. The IPsec DoS Protection mechanism enforces these limits to prevent denial-of-service attacks and ensure resource management.

Usage Context

The ERROR_IPSEC_DOSP_MAX_ENTRIES error is relevant in scenarios where stateful IPsec policies are enforced, particularly when multiple simultaneous connections or sessions are attempted that exceed the policy-defined limit. This can occur in network environments with strict security policies or high-traffic conditions.

Developer Interpretation

Developers should interpret this error as an indication that the system's current configuration does not allow for additional stateful IPsec connections at the moment. The application or service making the connection attempt must either wait until resources become available or adjust its behavior to comply with the existing policy constraints.

Related Errors

  • ERROR_IPSEC_KEYING_SET_DOES_NOT_EXIST (0x80290015): Indicates that a required keying set is not present, which might be related if the state creation fails due to missing configuration.
  • ERROR_IPSEC_INVALID_POLICY (0x80290014): Suggests an invalid policy setting, possibly leading to resource exhaustion issues.

FAQ

Q: What does this error mean?

A: This error indicates that the IPsec DoS Protection subsystem has reached its maximum allowed state entries as defined by the current security policy.

Q: How can I resolve this issue?

A: Ensure that your application or service complies with the existing IPsec policy constraints. If necessary, adjust the policy settings to allow more connections or sessions.

Summary

The ERROR_IPSEC_DOSP_MAX_ENTRIES error is a specific technical indicator of resource limitations in the IPsec DoS Protection subsystem. Developers should handle this error by either waiting for resources to become available or modifying their application's behavior to adhere to the current security policy constraints.