windows10VpnConfiguration resource type
Namespace: microsoft.graph
Important: Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant.
By providing the configurations in this profile you can instruct the Windows 10 device (desktop or mobile) to connect to desired VPN endpoint. By specifying the authentication method and security types expected by VPN endpoint you can make the VPN connection seamless for end user.
Inherits from windowsVpnConfiguration
Methods
| Method | Return Type | Description |
|---|---|---|
| List windows10VpnConfigurations | windows10VpnConfiguration collection | List properties and relationships of the windows10VpnConfiguration objects. |
| Get windows10VpnConfiguration | windows10VpnConfiguration | Read properties and relationships of the windows10VpnConfiguration object. |
| Create windows10VpnConfiguration | windows10VpnConfiguration | Create a new windows10VpnConfiguration object. |
| Delete windows10VpnConfiguration | None | Deletes a windows10VpnConfiguration. |
| Update windows10VpnConfiguration | windows10VpnConfiguration | Update the properties of a windows10VpnConfiguration object. |
Properties
| Property | Type | Description |
|---|---|---|
| id | String | Key of the entity. Inherited from deviceConfiguration |
| lastModifiedDateTime | DateTimeOffset | DateTime the object was last modified. Inherited from deviceConfiguration |
| roleScopeTagIds | String collection | List of Scope Tags for this Entity instance. Inherited from deviceConfiguration |
| supportsScopeTags | Boolean | Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only. Inherited from deviceConfiguration |
| deviceManagementApplicabilityRuleOsEdition | deviceManagementApplicabilityRuleOsEdition | The OS edition applicability for this Policy. Inherited from deviceConfiguration |
| deviceManagementApplicabilityRuleOsVersion | deviceManagementApplicabilityRuleOsVersion | The OS version applicability rule for this Policy. Inherited from deviceConfiguration |
| deviceManagementApplicabilityRuleDeviceMode | deviceManagementApplicabilityRuleDeviceMode | The device mode applicability rule for this Policy. Inherited from deviceConfiguration |
| createdDateTime | DateTimeOffset | DateTime the object was created. Inherited from deviceConfiguration |
| description | String | Admin provided description of the Device Configuration. Inherited from deviceConfiguration |
| displayName | String | Admin provided name of the device configuration. Inherited from deviceConfiguration |
| version | Int32 | Version of the device configuration. Inherited from deviceConfiguration |
| connectionName | String | Connection name displayed to the user. Inherited from windowsVpnConfiguration |
| servers | vpnServer collection | List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain a maximum of 500 elements. Inherited from windowsVpnConfiguration |
| customXml | Binary | Custom XML commands that configures the VPN connection. (UTF8 encoded byte array) Inherited from windowsVpnConfiguration |
| profileTarget | windows10VpnProfileTarget | Profile target type. Possible values are: user, device, autoPilotDevice. |
| connectionType | windows10VpnConnectionType | Connection type. Possible values are: pulseSecure, f5EdgeClient, dellSonicWallMobileConnect, checkPointCapsuleVpn, automatic, ikEv2, l2tp, pptp, citrix, paloAltoGlobalProtect, ciscoAnyConnect, unknownFutureValue, microsoftTunnel. |
| enableSplitTunneling | Boolean | Enable split tunneling. |
| enableAlwaysOn | Boolean | Enable Always On mode. |
| enableDeviceTunnel | Boolean | Enable device tunnel. |
| enableDnsRegistration | Boolean | Enable IP address registration with internal DNS. |
| dnsSuffixes | String collection | Specify DNS suffixes to add to the DNS search list to properly route short names. |
| microsoftTunnelSiteId | String | ID of the Microsoft Tunnel site associated with the VPN profile. |
| authenticationMethod | windows10VpnAuthenticationMethod | Authentication method. Possible values are: certificate, usernameAndPassword, customEapXml, derivedCredential. |
| rememberUserCredentials | Boolean | Remember user credentials. |
| enableConditionalAccess | Boolean | Enable conditional access. |
| enableSingleSignOnWithAlternateCertificate | Boolean | Enable single sign-on (SSO) with alternate certificate. |
| singleSignOnEku | extendedKeyUsage | Single sign-on Extended Key Usage (EKU). |
| singleSignOnIssuerHash | String | Single sign-on issuer hash. |
| eapXml | Binary | Extensible Authentication Protocol (EAP) XML. (UTF8 encoded byte array) |
| proxyServer | windows10VpnProxyServer | Proxy Server. |
| associatedApps | windows10AssociatedApps collection | Associated Apps. This collection can contain a maximum of 10000 elements. |
| onlyAssociatedAppsCanUseConnection | Boolean | Only associated Apps can use connection (per-app VPN). |
| windowsInformationProtectionDomain | String | Windows Information Protection (WIP) domain to associate with this connection. |
| trafficRules | vpnTrafficRule collection | Traffic rules. This collection can contain a maximum of 1000 elements. |
| routes | vpnRoute collection | Routes (optional for third-party providers). This collection can contain a maximum of 1000 elements. |
| dnsRules | vpnDnsRule collection | DNS rules. This collection can contain a maximum of 1000 elements. |
| trustedNetworkDomains | String collection | Trusted Network Domains |
| cryptographySuite | cryptographySuite | Cryptography Suite security settings for IKEv2 VPN in Windows10 and above |
Relationships
| Relationship | Type | Description |
|---|---|---|
| groupAssignments | deviceConfigurationGroupAssignment collection | The list of group assignments for the device configuration profile. Inherited from deviceConfiguration |
| assignments | deviceConfigurationAssignment collection | The list of assignments for the device configuration profile. Inherited from deviceConfiguration |
| deviceStatuses | deviceConfigurationDeviceStatus collection | Device configuration installation status by device. Inherited from deviceConfiguration |
| userStatuses | deviceConfigurationUserStatus collection | Device configuration installation status by user. Inherited from deviceConfiguration |
| deviceStatusOverview | deviceConfigurationDeviceOverview | Device Configuration devices status overview Inherited from deviceConfiguration |
| userStatusOverview | deviceConfigurationUserOverview | Device Configuration users status overview Inherited from deviceConfiguration |
| deviceSettingStateSummaries | settingStateDeviceSummary collection | Device Configuration Setting State Device Summary Inherited from deviceConfiguration |
| identityCertificate | windowsCertificateProfileBase | Identity certificate for client authentication when authentication method is certificate. |
JSON Representation
Here is a JSON representation of the resource.
{
"@odata.type": "#microsoft.graph.windows10VpnConfiguration",
"id": "String (identifier)",
"lastModifiedDateTime": "String (timestamp)",
"roleScopeTagIds": [
"String"
],
"supportsScopeTags": true,
"deviceManagementApplicabilityRuleOsEdition": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
"osEditionTypes": [
"String"
],
"name": "String",
"ruleType": "String"
},
"deviceManagementApplicabilityRuleOsVersion": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
"minOSVersion": "String",
"maxOSVersion": "String",
"name": "String",
"ruleType": "String"
},
"deviceManagementApplicabilityRuleDeviceMode": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
"deviceMode": "String",
"name": "String",
"ruleType": "String"
},
"createdDateTime": "String (timestamp)",
"description": "String",
"displayName": "String",
"version": 1024,
"connectionName": "String",
"servers": [
{
"@odata.type": "microsoft.graph.vpnServer",
"description": "String",
"address": "String",
"isDefaultServer": true
}
],
"customXml": "binary",
"profileTarget": "String",
"connectionType": "String",
"enableSplitTunneling": true,
"enableAlwaysOn": true,
"enableDeviceTunnel": true,
"enableDnsRegistration": true,
"dnsSuffixes": [
"String"
],
"microsoftTunnelSiteId": "String",
"authenticationMethod": "String",
"rememberUserCredentials": true,
"enableConditionalAccess": true,
"enableSingleSignOnWithAlternateCertificate": true,
"singleSignOnEku": {
"@odata.type": "microsoft.graph.extendedKeyUsage",
"name": "String",
"objectIdentifier": "String"
},
"singleSignOnIssuerHash": "String",
"eapXml": "binary",
"proxyServer": {
"@odata.type": "microsoft.graph.windows10VpnProxyServer",
"automaticConfigurationScriptUrl": "String",
"address": "String",
"port": 1024,
"bypassProxyServerForLocalAddress": true
},
"associatedApps": [
{
"@odata.type": "microsoft.graph.windows10AssociatedApps",
"appType": "String",
"identifier": "String"
}
],
"onlyAssociatedAppsCanUseConnection": true,
"windowsInformationProtectionDomain": "String",
"trafficRules": [
{
"@odata.type": "microsoft.graph.vpnTrafficRule",
"name": "String",
"protocols": 1024,
"localPortRanges": [
{
"@odata.type": "microsoft.graph.numberRange",
"lowerNumber": 1024,
"upperNumber": 1024
}
],
"remotePortRanges": [
{
"@odata.type": "microsoft.graph.numberRange",
"lowerNumber": 1024,
"upperNumber": 1024
}
],
"localAddressRanges": [
{
"@odata.type": "microsoft.graph.iPv4Range",
"lowerAddress": "String",
"upperAddress": "String"
}
],
"remoteAddressRanges": [
{
"@odata.type": "microsoft.graph.iPv4Range",
"lowerAddress": "String",
"upperAddress": "String"
}
],
"appId": "String",
"appType": "String",
"routingPolicyType": "String",
"claims": "String",
"vpnTrafficDirection": "String"
}
],
"routes": [
{
"@odata.type": "microsoft.graph.vpnRoute",
"destinationPrefix": "String",
"prefixSize": 1024
}
],
"dnsRules": [
{
"@odata.type": "microsoft.graph.vpnDnsRule",
"name": "String",
"servers": [
"String"
],
"proxyServerUri": "String",
"autoTrigger": true,
"persistent": true
}
],
"trustedNetworkDomains": [
"String"
],
"cryptographySuite": {
"@odata.type": "microsoft.graph.cryptographySuite",
"encryptionMethod": "String",
"integrityCheckMethod": "String",
"dhGroup": "String",
"cipherTransformConstants": "String",
"authenticationTransformConstants": "String",
"pfsGroup": "String"
}
}