Partager via


VPN Configuration Service Provider

4/8/2010

The VPN configuration service provider is used to configure virtual private networks. Each VPN node configures a virtual private network. This VPN connection can apply to one or more connectivity objects (ConRefs), as long as the ConRefs point to the same metanetwork. One or more VPN connections can be provisioned.

The ACCESS Configuration Service Provider must be configured before configuring the VPN object. The ACCESS configuration service provider maps a particular connection (using the ConRef field) with a metanetwork, such as the Internet or Work.

Note

This configuration service provider is part of the OMA DM protocol, with some proprietary extensions, and must be used when provisioning devices using OMA DM. To provision devices using the OMA Client Provisioning protocol, use the CM_VPNEntries Configuration Service Provider instead.

Note

Access to this configuration service provider is determined by security roles. Because OEMs and mobile operators can selectively disallow access, ask them about the availability of this configuration service provider.

The following image shows the management object used by OMA DM.

Bb737210.c2c2e051-6c38-4351-aba7-da9181c74605(en-us,MSDN.10).gif

  • VPN
    The root node for the VPN object. The following table shows the default settings.

    Format

    Node

    Roles allowed to query and update setting

    Manager

    AuthenticatedUser

    Access Type

    Read/Write

    Occurs

    Once

  • VPN/VPNXXX
    Specifies a VPN connection. The suggested name of this node is VPNXXX, a numbered node beginning at zero. For example, if you wanted to provision two different VPNs, you would use two nodes, VPN0 and VPN1. You can use any unique name for this node, but no spaces may appear in the node name (use %20 instead).

    Format

    Node

    Roles allowed to query and update setting

    Manager

    AuthenticatedUser

  • VPN/VPNXXX/VPNID
    Specifies the identifier of the VPN. The value of the VPNID must match a ConRef specified using the ACCESS Configuration Service Provider. The VPNID must be unique.

    The following table shows the default settings.

    Format

    String

    Roles allowed to query and update setting

    Manager

    AuthenticatedUser

  • VPN/VPNXXX/NAME
    Specifies the user-friendly name of the VPN connection.

    The following table shows the default settings.

    Format

    String

    Roles allowed to query and update setting

    Manager

    AuthenticatedUser

  • VPN/VPNXXX/ADDR
    Specifies the address of the VPN access point. The ADDR may be the network name of the access point, or any other string (such as an IP address) used to uniquely identify the VPN access point.

    Note

    If your VPN network IP address class belongs to the GPRS IP address class, the VPN network cannot be reached when both GPRS and VPN connections are active (connected).

    The following table shows the default settings.

    Format

    String

    Roles allowed to query and update setting

    Manager

    AuthenticatedUser

  • VPN/VPNXXX/ADDRTYPE
    Specifies the type of address used to identify proxy server. This value is always set to "IPv4" when provisioning VPN connections.

    The following table shows the default settings.

    Format

    String

    Roles allowed to query and update setting

    Manager

    AuthenticatedUser

  • VPN/VPNXXX/CONREFS/CONREFXXX/ConRef
    Specifies one single connectivity object associated with the VPN connection. The value must match a ConRef specified using the ACCESS Configuration Service Provider.

    The following table shows the default settings.

    Format

    String

    Roles allowed to query and update setting

    Manager

    AuthenticatedUser

  • VPN/VPNXXX/AUTHINFO
    Specifies the authentication information, including the protocol, user name, and password.

    The following table shows the default settings.

    Format

    Node

    Roles allowed to query and update setting

    Manager

    AuthenticatedUser

  • VPN/VPNXXX/AUTHINFO/AUTHTYPE
    Specifies the method of authentication. Some supported protocols are IPSecL2TP and PPTP.

    The following table shows the default settings.

    Format

    String

    Roles allowed to query and update setting

    Manager

    AuthenticatedUser

  • VPN/VPNXXX/AUTHINFO/AUTHNAME
    Specifies the user name and domain to be used during authentication. This field is in the form Domain\UserName.

    The following table shows the default settings.

    Format

    String

    Roles allowed to query and update setting

    Manager

    AuthenticatedUser

  • VPN/VPNXXX/AUTHINFO/AUTHSECRET
    Specifies the password used during authentication. Queries of this field will return a string of sixteen asterisks (*).

    The following table shows the default settings.

    Format

    String

    Roles allowed to query and update setting

    Manager

    AuthenticatedUser

  • VPN/VPNXXX/AUTHINFO/IPSECINFO/AUTHTYPE
    Specifies the type of authentication used for VPN connections established using IPSecL2TP. Valid values are PSK and Cert. Use PSK if you are using a PreSharedKey for authentication. You must specify the PreSharedKey field (described below) when using an AUTHTYPE of PSK.

    The following table shows the default settings.

    Format

    String

    Roles allowed to query and update setting

    Manager

    AuthenticatedUser

  • VPN/VPNXXX/AUTHINFO/IPSECINFO/PRESHAREDKEY
    Specifies the key used for authentication. This field is mandatory when using an AUTHTYPE of PSK, otherwise it is not required.

    The following table shows the default settings.

    Format

    String

    Roles allowed to query and update setting

    Manager

    AuthenticatedUser

  • VPN/VPN XXX /Ext
    Stores extended parameters.
  • VPN/VPN XXX /Ext/Microsoft
    Stores Microsoft-specific parameters.
  • VPN/VPN XXX /Ext/Microsoft/ReadOnly
    This parameter determines whether users are able to modify VPN settings. Permitted values are 0 for FALSE and 1 for TRUE. If the value is set to 1, users will be able to view, but not change, the VPN settings on the device.

    The following table shows the default settings.

    Permissions

    Read/Write

    Data type

    Boolean

    Roles allowed to query and update setting

    Manager

    Operator TPS

See Also

Tasks

VPN Configuration Service Provider Example for OMA DM

Concepts

Configuration Service Provider Reference for Windows Mobile Devices