VPN¶
Template
Contents
PayloadType: | com.apple.vpn.managed |
---|---|
Supervised Only: | |
N/A | |
macOS: | N/A |
macOS Deprecated: | |
N/A | |
iOS: | N/A |
iOS Deprecated: | N/A |
Highlander: | N/A |
Keys¶
UserDefinedName¶
User Defined Name
Description of the VPN connection displayed on the device
Type | Default | Required | Regex | iOS | macOS | Supervised |
---|---|---|---|---|---|---|
string | N/A | always | N/A | N/A | N/A | N/A |
VPNType¶
Type
Determines the settings available for this VPN payload
Type | Default | Required | Regex | iOS | macOS | Supervised |
---|---|---|---|---|---|---|
string | L2TP | always | N/A | N/A | N/A | N/A |
Valid Choices¶
- L2TP
- PPTP
- IPSec
- VPN
- IKEv2
- AlwaysOn
VPNSubType¶
VPN Subtype
If VPNType is “VPN” this field will be an identifier for a vendor specified configuration dictionary
Type | Default | Required | Regex | iOS | macOS | Supervised |
---|---|---|---|---|---|---|
string | N/A | N/A | N/A | N/A | N/A | N/A |
DisconnectOnIdle¶
DisconnectOnIdle
DisconnectOnIdle
Type | Default | Required | Regex | iOS | macOS | Supervised |
---|---|---|---|---|---|---|
integer | 0 | N/A | N/A | N/A | N/A | N/A |
DisconnectOnIdleTimer¶
DisconnectOnIdleTimer
DisconnectOnIdleTimer
Type | Default | Required | Regex | iOS | macOS | Supervised |
---|---|---|---|---|---|---|
integer | N/A | N/A | N/A | N/A | N/A | N/A |
AlwaysOn¶
AlwaysOn
Always On settings
Type | Default | Required | Regex | iOS | macOS | Supervised |
---|---|---|---|---|---|---|
dictionary | {‘AllowedCaptiveNetworkPlugins’: [], ‘ServiceExceptions’: [], ‘TunnelConfigurations’: [{‘UseConfigurationAttributeInternalIPSubnet’: 0, ‘IKESecurityAssociationParameters’: {‘EncryptionAlgorithm’: ‘3DES’, ‘LifeTimeInMinutes’: 1440, ‘DiffieHellmanGroup’: 14, ‘IntegrityAlgorithm’: ‘SHA1-96’}, ‘EnableCertificateRevocationCheck’: 0, ‘NATKeepAliveInterval’: 110, ‘ProtocolType’: ‘IKEv2’, ‘Interfaces’: [‘Cellular’], ‘EnablePFS’: 0, ‘DeadPeerDetectionRate’: ‘Medium’, ‘DisableRedirect’: 0, ‘NATKeepAliveOffloadEnable’: 1, ‘DisableMOBIKE’: 0, ‘ChildSecurityAssociationParameters’: {‘EncryptionAlgorithm’: ‘3DES’, ‘LifeTimeInMinutes’: 1440, ‘DiffieHellmanGroup’: 14, ‘IntegrityAlgorithm’: ‘SHA1-96’}, ‘AuthenticationMethod’: ‘SharedSecret’}, {‘UseConfigurationAttributeInternalIPSubnet’: 0, ‘IKESecurityAssociationParameters’: {‘EncryptionAlgorithm’: ‘3DES’, ‘LifeTimeInMinutes’: 1440, ‘DiffieHellmanGroup’: 14, ‘IntegrityAlgorithm’: ‘SHA1-96’}, ‘EnableCertificateRevocationCheck’: 0, ‘NATKeepAliveInterval’: 20, ‘ProtocolType’: ‘IKEv2’, ‘Interfaces’: [‘WiFi’], ‘EnablePFS’: 0, ‘DeadPeerDetectionRate’: ‘Medium’, ‘DisableRedirect’: 0, ‘NATKeepAliveOffloadEnable’: 1, ‘DisableMOBIKE’: 0, ‘ChildSecurityAssociationParameters’: {‘EncryptionAlgorithm’: ‘3DES’, ‘LifeTimeInMinutes’: 1440, ‘DiffieHellmanGroup’: 14, ‘IntegrityAlgorithm’: ‘SHA1-96’}, ‘AuthenticationMethod’: ‘SharedSecret’}]} | N/A | N/A | N/A | N/A | N/A |
Name | Type | Title | Description | Required |
---|---|---|---|---|
TunnelConfigurations | array | TunnelConfigurations | This array contains an arbitrary number of TunnelConfigurations | always |
- EAP
- IKEv2
- Summary
- Keys
- RemoteAddress
- LocalIdentifier
- RemoteIdentifier
- AuthenticationMethod
- PayloadCertificateUUID
- SharedSecret
- ExtendedAuthEnabled
- AuthName
- DisableRedirect
- DisableMOBIKE
- UseConfigurationAttributeInternalIPSubnet
- EnablePFS
- ServerAddresses
- SearchDomains
- DomainName
- SupplementalMatchDomains
- EnableCertificateRevocationCheck
- AuthPassword
- DeadPeerDetectionRate
- CertificateType
- ServerCertificateIssuerCommonName
- ServerCertificateCommonName
- TLSMinimumVersion
- TLSMaximumVersion
- NATKeepAliveOffloadEnable
- NATKeepAliveInterval
- IKESecurityAssociationParameters
- ChildSecurityAssociationParameters
- IPSec
- IPv4
- PPP
- Proxies
- VendorConfig
- VPN