Knowledge

ERROR_IPSEC_DOSP_MAX_PER_IP_RATELIMIT_QUEUES - 13932 (0x366C)

IPsec DoS Protection failed to create a per internal IP rate limit queue because the maximum number of queues allowed by policy has been reached.

Updated: Feb 21, 2026

Technical Background

The error code ERROR_IPSEC_DOSP_MAX_PER_IP_RATELIMIT_QUEUES (13932, 0x366C) is encountered when the Windows IP Security (IPsec) DoS Protection mechanism fails to allocate a rate limit queue for an internal IP address due to reaching the maximum number of queues allowed by policy.

Error Details

This error indicates that the system has attempted to create a new rate limit queue for incoming traffic from a specific IP address, but it was unable to do so because the configured policy limits the total number of such queues. Rate limiting is used to mitigate potential denial-of-service (DoS) attacks by controlling the rate at which packets can be processed.

Common Causes

  • Exceeding Limits: The system has reached the maximum number of rate limit queues allowed by the current IPsec policy configuration.
  • Invalid Policy Configuration: The policy settings may not allow for additional rate limit queues, or there might be a misconfiguration in the policy that restricts the number of queues.

Real-World Context

In scenarios where high traffic volumes are expected, such as during peak usage times or when dealing with large-scale network operations, this error can occur. It is particularly relevant for environments where IPsec DoS protection is enabled and configured to manage incoming traffic rates.

Is This Error Critical?

The criticality of this error depends on the context in which it occurs. If the system is under a DoS attack or if there are legitimate high-traffic scenarios, this error can be indicative of an issue that needs attention. However, in normal operation, it may not necessarily indicate a severe problem.

How to Diagnose

To diagnose this error, follow these steps:

  1. Review Policy Configuration: Check the current IPsec policy settings to ensure they are configured correctly and allow for sufficient rate limit queues.
  2. Verify Traffic Patterns: Monitor network traffic patterns to identify if there is a legitimate need for additional rate limit queues or if the issue might be due to unexpected high traffic volumes.
  3. Check System Logs: Review system logs for any related events that might provide more context about the failure.

How to Resolve

To resolve this error, consider the following actions:

  1. Adjust Policy Settings: Modify the IPsec policy to increase the maximum number of rate limit queues if necessary.
  2. Optimize Traffic Management: Implement traffic management strategies such as load balancing or prioritization to distribute incoming traffic more effectively.
  3. Monitor and Tune: Continuously monitor network performance and adjust policies based on observed traffic patterns and system behavior.

Developer Notes

Developers should be aware that this error can impact the effectiveness of DoS protection mechanisms in IPsec configurations. It is important to ensure that policy settings are appropriately configured to handle expected traffic volumes while maintaining security.

Related Errors

  • ERROR_IPSEC_DOSP_MAX_PER_IP_RATELIMIT_QUEUES (13932, 0x366C)
  • ERROR_IPSEC_DOSP_MAX_GLOBAL_RATELIMIT_QUEUES (13934, 0x3672)
  • ERROR_IPSEC_DOSP_MAX_PER_INTERFACE_RATELIMIT_QUEUES (13936, 0x3678)

FAQ

Q: What does the error code 13932 mean?

A: The error code 13932 indicates that the system failed to create a rate limit queue for an IP address due to reaching the maximum allowed by policy.

Q: How can I prevent this error from occurring?

A: Ensure that your IPsec policy is configured to allow sufficient rate limit queues. Monitor traffic patterns and adjust policies as needed to handle expected volumes.

Q: Is this error related to DoS attacks?

A: Yes, this error can occur during a DoS attack or when the system is processing high-traffic scenarios that exceed the configured policy limits.

Summary

The ERROR_IPSEC_DOSP_MAX_PER_IP_RATELIMIT_QUEUES (13932) error indicates that the IPsec DoS Protection mechanism has reached its limit for rate limit queues. This can be managed by adjusting policy settings, optimizing traffic management, and continuously monitoring network performance to ensure effective protection against potential attacks.