Important:
This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.
4/8/2010

The VPNconfiguration service provider is used to configure virtual private networks. Each VPN node configures a virtual private network. This VPN connection can apply to one or more connectivity objects (ConRefs), as long as the ConRefs point to the same metanetwork. One or more VPN connections can be provisioned.

The ACCESS Configuration Service Providermust be configured before configuring the VPN object. The ACCESS configuration service provider maps a particular connection (using the ConReffield) with a metanetwork, such as the Internet or Work.

Note:
This configuration service provider is part of the OMA DM protocol, with some proprietary extensions, and must be used when provisioning devices using OMA DM. To provision devices using the OMA Client Provisioning protocol, use the CM_VPNEntries Configuration Service Providerinstead.
Note:
Access to this configuration service provider is determined by security roles. Because OEMs and mobile operators can selectively disallow access, ask them about the availability of this configuration service provider.

The following image shows the management object used by OMA DM.

VPN

The root node for the VPN object. The following table shows the default settings.

Format

Node

Roles allowed to query and update setting

Manager

AuthenticatedUser

Access Type

Read/Write

Occurs

Once

VPN/VPN XXX

Specifies a VPN connection. The suggested name of this node is VPN XXX, a numbered node beginning at zero. For example, if you wanted to provision two different VPNs, you would use two nodes, VPN0 and VPN1. You can use any unique name for this node, but no spaces may appear in the node name (use %20instead).

Format

Node

Roles allowed to query and update setting

Manager

AuthenticatedUser

VPN/VPN XXX /VPNID

Specifies the identifier of the VPN. The value of the VPNID must match a ConRefspecified using the ACCESS Configuration Service Provider. The VPNID must be unique.

The following table shows the default settings.

Format

String

Roles allowed to query and update setting

Manager

AuthenticatedUser

VPN/VPN XXX /NAME

Specifies the user-friendly name of the VPN connection.

The following table shows the default settings.

Format

String

Roles allowed to query and update setting

Manager

AuthenticatedUser

VPN/VPN XXX /ADDR

Specifies the address of the VPN access point. The ADDR may be the network name of the access point, or any other string (such as an IP address) used to uniquely identify the VPN access point.

Note:
If your VPN network IP address class belongs to the GPRS IP address class, the VPN network cannot be reached when both GPRS and VPN connections are active (connected).

The following table shows the default settings.

Format

String

Roles allowed to query and update setting

Manager

AuthenticatedUser

VPN/VPN XXX /ADDRTYPE

Specifies the type of address used to identify proxy server. This value is always set to "IPv4" when provisioning VPN connections.

The following table shows the default settings.

Format

String

Roles allowed to query and update setting

Manager

AuthenticatedUser

VPN/VPN XXX /CONREFS/CONREF XXX /ConRef

Specifies one single connectivity object associated with the VPN connection. The value must match a ConRefspecified using the ACCESS Configuration Service Provider.

The following table shows the default settings.

Format

String

Roles allowed to query and update setting

Manager

AuthenticatedUser

VPN/VPN XXX /AUTHINFO

Specifies the authentication information, including the protocol, user name, and password.

The following table shows the default settings.

Format

Node

Roles allowed to query and update setting

Manager

AuthenticatedUser

VPN/VPN XXX /AUTHINFO/AUTHTYPE

Specifies the method of authentication. Some supported protocols are IPSecL2TP and PPTP.

The following table shows the default settings.

Format

String

Roles allowed to query and update setting

Manager

AuthenticatedUser

VPN/VPN XXX /AUTHINFO/AUTHNAME

Specifies the user name and domain to be used during authentication. This field is in the form Domain\UserName.

The following table shows the default settings.

Format

String

Roles allowed to query and update setting

Manager

AuthenticatedUser

VPN/VPN XXX /AUTHINFO/AUTHSECRET

Specifies the password used during authentication. Queries of this field will return a string of sixteen asterisks (*).

The following table shows the default settings.

Format

String

Roles allowed to query and update setting

Manager

AuthenticatedUser

VPN/VPN XXX /AUTHINFO/IPSECINFO/AUTHTYPE

Specifies the type of authentication used for VPN connections established using IPSecL2TP. Valid values are PSK and Cert. Use PSK if you are using a PreSharedKey for authentication. You must specify the PreSharedKey field (described below) when using an AUTHTYPE of PSK.

The following table shows the default settings.

Format

String

Roles allowed to query and update setting

Manager

AuthenticatedUser

VPN/VPN XXX /AUTHINFO/IPSECINFO/PRESHAREDKEY

Specifies the key used for authentication. This field is mandatory when using an AUTHTYPE of PSK, otherwise it is not required.

The following table shows the default settings.

Format

String

Roles allowed to query and update setting

Manager

AuthenticatedUser

VPN/VPN XXX /Ext

Stores extended parameters.

VPN/VPN XXX /Ext/Microsoft

Stores Microsoft-specific parameters.

VPN/VPN XXX /Ext/Microsoft/ReadOnly

This parameter determines whether users are able to modify VPN settings. Permitted values are 0 for FALSE and 1 for TRUE. If the value is set to 1, users will be able to view, but not change, the VPN settings on the device.

The following table shows the default settings.

Permissions

Read/Write

Data type

Boolean

Roles allowed to query and update setting

Manager

Operator TPS

See Also