Apple iPod and iPod Touch VPN Payload

54 Appendix B Configuration Profile Format

VPN Payload

The VPN payload is designated by the com.apple.vpn.managed PayloadType value.

In addition to the settings common to all payload types, the VPN payload defines the

following keys.

There are two possible dictionaries present at the top level, under the keys “PPP” and

“IPSec”. The keys inside these two dictionaries are described below, along with the

VPNType value under which the keys are used.

PPP Dictionary Keys

The following elements are for VPN payloads of type PPP.

Key Value

UserDefinedName String. Description of the VPN connection displayed on the

device.

OverridePrimary Boolean. Specifies whether to send all traffic through the VPN

interface. If true, all network traffic is sent over VPN.

VPNType String. Determines the settings available in the payload for this

type of VPN connection. It can have three possible

values: “L2TP”, “PPTP”, or “IPSec”, representing L2TP, PPTP and

Cisco IPSec respectively.

Key Value

AuthName String. The VPN account user name. Used for L2TP and PPTP.

AuthPassword String, optional. Only visible if TokenCard is false. Used for L2TP

and PPTP.

TokenCard Boolean. Whether to use a token card such as an RSA SecurID

card for connecting. Used for L2TP.

CommRemoteAddress String. IP address or host name of VPN server. Used for L2TP and

PPTP.

AuthEAPPlugins Array. Only present if RSA SecurID is being used, in which case

it has one entry, a string with value “EAP-RSA”. Used for L2TP

and PPTP.

AuthProtocol Array. Only present if RSA SecurID is being used, in which case it

has one entry, a string with value “EAP”. Used for L2TP and PPTP.

CCPMPPE40Enabled Boolean. See discussion under CCPEnabled. Used for PPTP.

CCPMPPE128Enabled Boolean. See discussion under CCPEnabled. Used for PPTP.

CCPEnabled Boolean. Enables encryption on the connection. If this key and

CCPMPPE40Enabled are true, represents automatic encryption

level; if this key and CCPMPPE128Enabled are true, represents

maximum encryption level. If no encryption is used, then none

of the CCP keys are true. Used for PPTP.

Contents

Main K Contents Page iPhone in the Enterprise iTunes iPhone and iPod touch System Requirements Microsoft Exchange ActiveSync Remote Wipe Microsoft Exchange Global Address List Microsoft Exchange Autodiscovery Microsoft Direct Push VPN Network Security Certificates Email accounts Additional Resources This chapter provides an overview of how to deploy iPhone and iPod touch in your enterprise. Activating Devices Preparing Access to Network Services and Enterprise Data Microsoft Exchange WPA/WPA2 Enterprise Wi-Fi Networks Virtual Private Networks IMAP Email Enterprise Applications Determining Device Passcode Policies Configuring Devices Other Resources Configuration Profiles Configuration profiles define how iPhone and iPod touch work with your enterprise systems. About iPhone Configuration Utility iPhone Configuration Utility for Mac OS X Page iPhone Configuration Utility for the Web Page Creating Configuration Profiles General Settings Passcode Settings Wi-Fi Settings VPN Settings Email Settings Exchange Settings Credentials Settings Advanced Settings Editing Configuration Profiles Preparing Configuration Profiles for Deployment Distributing Configuration Profiles by Email Distributing Configuration Profiles on the Web Installing Configuration Profiles Removing and Updating Configuration Profiles Page Cisco IPSec Settings PPTP Settings L2TP Settings Wi-Fi Settings Exchange Settings Page Installing Identities and Root Certificates Additional Mail Accounts Other Resources You use iTunes to sync music and video, install applications, and more. Installing iTunes Installing iTunes on Windows Computers Installing iTunes on Macintosh Computers Setting iTunes Restrictions Setting iTunes Restrictions for Mac OS X Setting iTunes Restrictions for Windows Updating iTunes and iPhone Software Manually You can distribute iPhone and iPod touch applications to your users. Register for Application Development Signing Applications Creating the Distribution Provisioning Profile Installing Provisioning Profiles using iTunes Mac OS X Windows XP Installing Provisioning Profiles using iPhone Configuration Utility for Mac OS X Installing Applications using iTunes Page A Authentication Groups Certificates IPSec Settings Other Supported Features B Root Level Payload Content Passcode Policy Payload Email Payload APN Payload Exchange Payload VPN Payload PPP Dictionary Keys IPSec Dictionary Keys The following elements are for VPN payloads of type IPSec Wi-Fi Payload EAPClientConfiguration Dictionary Page Proxy settings