VPN.IPSec

The authentication method for L2TP and Cisco IPSec.

If 1, disconnect after an on-demand connection idles.

The length of time to wait before disconnecting an on-demand connection.

The name of the group. For hybrid authentication, the string needs to end with “hybrid”.

Present only for Cisco IPSec if AuthenticationMethod is SharedSecret.

Present only if AuthenticationMethod is SharedSecret. The value is KeyID. The system uses this value for L2TP and Cisco IPSec VPNs.

If 1, enables bringing the VPN connection up on demand.

Deprecated. A list of domain names. In iOS 7 and later, if this key is present, the system treats associated domain names as though they’re associated with the OnDemandMatchDomainsOnRetry key. This behavior can be overridden by OnDemandRules.

Deprecated. A list of domain names. In iOS 7 and later, this key is deprecated (but still supported) in favor of EvaluateConnection actions in the OnDemandRules dictionaries.

Deprecated. A list of domain names. In iOS 7 and later, this field is deprecated (but still supported) in favor of EvaluateConnection actions in the OnDemandRules dictionaries.

The on-demand rules dictionary.

The UUID of the certificate payload within the same profile to use for the account credentials.

Only use this with Cisco IPSec VPNs and if the AuthenticationMethod key is to Certificate.

If true, prompts for a PIN when connecting to Cisco IPSec VPNs.

The IP address or host name of the VPN server.

The shared secret for this VPN account.

Only use this with L2TP and Cisco IPSec VPNs and if the AuthenticationMethod key is to SharedSecret.

If 1, enables Xauth for Cisco IPSec VPNs.

The user name for the VPN account for Cisco IPSec.

The VPN account password for Cisco IPSec.

A string that either has the value “Prompt” or isn’t present.