VPN settings

The VPN settings provide settings for a Virtual Private Network (VPN) on a Windows device.

Select the Configure for Type from the list of Virtual Private Network (VPN) configuration types that are supported in MaaS360®.

Table 1. Supported VPN configuration type
VPN configuration type Supported devices
IKEv2
  • Windows Phone 8.1+
  • Windows 10+ Professional, Education, Enterprise
L2TP/IPsec PSK Windows 10+ Professional, Education, Enterprise
F5 Big-IP Edge
  • Windows Phone 8.1+
  • Windows 10+ Professional, Education, Enterprise
JunOS Pulse
  • Windows Phone 8.1+
  • Windows 10+ Professional, Education, Enterprise
Cisco AnyConnect Windows Phone 8.1+
Table 2. VPN Configuration settings
Policy setting Description
Host name of the VPN server Enter a fully-qualified host name that is used to access your server from the internet. A fully qualified host name is the server name of your server followed by your registered internet domain name. For example, ServerName.<companyname>.com.
VPN connection name Unique alphanumeric identifier for the VPN profile. Do not include a forward slash (/).
Select VPN server Select the VPN server from the available qualified host names.
Type Choose an app level or device level VPN connection. Choose app level for per-app VPN.
Note: Use Split Tunnel on VPN server settings when you are using App Level VPN on Windows 10. Using force tunnel prevents network access for applications that are not configured to use VPN.
Keep the VPN connection ON at all times Select to keep the VPN connection on (enabled) or off (disabled) at all times.
Note: If this setting is enabled, the VPN connection is started immediately when the device starts up and remains connected.
Corporate network domains Enter the corporate network domains that are allowed to connect to the VPN.
Configure JunOS pulse custom settings Select whether to allow the configuration of Junos Pulse custom settings.
  • Authentication realm: The realm that usually contains the user account location and the user account name.
  • Authentication role: The user role-level settings.
Configure F5 Big-IP edge custom settings Select whether to allow the configuration of F5 BIG-IP Edge custom settings.

Configure the F5 BIG-IP Edge custom port and landing URL.

Enable L2TP secret If this setting is enabled, the device uses the Layer 2 Tunneling Protocol (L2TP) to connect a remote client to the corporate network by using the internet or a service provider's network infrastructure.
L2TP secret Enter the password to connect to the L2TP VPN.
Domain Enter the VPN domain name. Leave this field blank to use enrollment information to populate the user domain.
DNS search domains Enter the DSN search domain that the DNS service uses to resolve host names that are not fully qualified.
IPsec pre-shared key Enter the secret pre-shared key (PSK). PSK is a secret key that was previously shared between two parties in a secure channel.
Profile name Enter the name that identifies the VPN profile.
Server name or IP address Enter the VPN server address that is the qualified host names.
Connect automatically Allows the device to connect to the VPN automatically.
Send all traffic Select whether to allow the device to send all traffic. The setting applies to Windows Phone 8.1. Disable this setting to configure the following options:
  • Allowed domains: Add or edit protected domains. Enter comma-separated URLs.
  • Allowed IP ranges: Add or edit protected IP ranges. Enter comma-separated IPs.
  • Allowed apps: Add or edit protected App IDS or GUID. Enter comma-separated values.
Configure proxy settings Configure the proxy server name and port details. Select whether to allow a proxy for the intranet address. The setting applies to Windows Phone 8.1+.
Connection type Choose the VPN connection type as manual or automatic.
Don't use VPN on company wifi Select whether to allow the device to connect to the VPN with corporate wifi network. This setting applies to Windows Phone 8.1+.
Company wifi network domains Enter a comma-separated list of company domains that are restricted access to the VPN. This setting applies to Windows Phone 10+.
DNS suffix Enter the DNS name without the host name.
Don't use VPN for local wifi traffic Select whether to allow the device to connect to the VPN from a local wifi network. This setting applies to Windows Phone 8.1.
User authentication type Select from the options such as password, certificate, or certificate and password as the authentication type.