FPCVpnConfiguration
The FPCVpnConfiguration object defines the virtual private network (VPN) settings for an ISA Server computer that acts as a VPN server in an array. For more information about using VPNs in ISA Server, see Virtual Private Networks.
The VPN configuration includes VPN quarantine settings, which can be accessed through the QuarantineSettings property. A VPN quarantine uses the Network Access Quarantine Control feature of Windows Server 2003 to prevent remote VPN clients from obtaining normal remote access after authentication until the configuration of their systems has been examined by a server-provided script and validated as meeting the requirements of the organization's network policies. The connection to a remote VPN client can be closed if the time-out period elapses before the configuration is validated.
The clearing of VPN clients from a quarantine can be enabled by installing Remote Access Quarantine Agent (Rqs.exe) on the ISA Server computer and Remote Access Quarantine Client (Rqc.exe) on VPN clients. Rqc.exe runs as a notification component on the remote client computer, informing the Rqs.exe listener component running on the ISA Server that the client computer complies with security policy. Both of these tools are available in the Windows Server 2003 Resource Kit Tools. After Rqs.exe is installed, the Remote Access Quarantine Tool for ISA Server 2004 (RQSUtils.EXE) should be run on the ISA Server computer. This tool adds an RQS protocol definition on the ISA Server computer, creates an instance of the RQS service, and creates an access rule allowing the RQS protocol. Additional steps must also be performed. For detailed instructions on implementing the clearing of VPN clients from a quarantine, see VPN Roaming Clients in ISA Server 2004.
Alternatively, you can create a custom listener component that listens for messages from a matching notifier component running on quarantine-compatible remote access clients. These messages indicate that the scripts have been run successfully. Then your listening component can use the MprAdminConnectionRemoveQuarantine function to remove the quarantine restrictions from the remote access connections.
In ISA Server Enterprise Edition, this object has an additional property for accessing a collection that contains a set of mappings, each of which maps a set of domain names to a single domain name.
The FPCVpnConfiguration object is accessed through the VpnConfiguration property of an FPCNetworkConfiguration object.
Click here to see the ISA Server object hierarchy.
Inheritance
This object inherits from the FPCPersist object, which contains methods and properties related to persistent storage of an object's data. They include methods for exporting an object's data to and importing it from an XML document.Methods
The FPCVpnConfiguration object defines the following methods.
| Method | Description |
|---|---|
| SetDNSConfiguration | Sets the primary and backup DNS servers, or specifies that the DNS server name is obtained from a DHCP server. |
| SetNetworkToObtainDHCP | Sets the name of the network for obtaining DHCP services. |
| SetWINSConfiguration | Sets the primary and backup WINS servers, or specifies that the WINS server name is obtained from a DHCP server. |
Properties
The FPCVpnConfiguration object has the following properties.
| Property | Description |
|---|---|
| AllowCustomIPSecPolicyForL2TP | Gets or sets a Boolean value that indicates whether incoming L2TP connections may use a custom IPsec policy. |
| BackupDNSServer | Gets the name of the backup Domain Name System (DNS) server. |
| BackupWINSServer | Gets the name of the backup Windows Internet Name Service (WINS) server. |
| DomainGroups | Gets an FPCAccounts collection that contains accounts representing domain groups. |
| DomainMappings | Gets an FPCDomainMappings collection that contains a set of mappings, each of which defines a mapping of a single domain name to a set of domain names (available only in Enterprise Edition). |
| EnableL2TP | Gets or sets a Boolean value that indicates whether L2TP is enabled. |
| EnablePPTP | Gets or sets a Boolean value that indicates whether PPTP is enabled. |
| EnableRADIUSAccounting | Gets or sets a Boolean value that indicates whether RADIUS accounting is enabled for VPN connections. |
| EnableRADIUSAuthentication | Gets or sets a Boolean value that indicates whether RADIUS authentication is enabled for authenticating VPN clients. |
| EnableVpnClients | Gets or sets a Boolean value that indicates whether access for remote VPN clients is enabled. |
| EnableWindowsAccounting | Gets or sets a Boolean value that indicates whether Windows accounting is enabled for VPN connections. |
| MaximumVpnClients | Gets or sets the maximum number of concurrent VPN clients. |
| NetworkSetsToListenOn | Gets an FPCRefs collection of references to the network sets from which VPN clients and remote VPN servers can initiate VPN connections. |
| NetworksToListenOn | Gets an FPCRefs collection of references to the networks from which VPN clients and remote VPN servers can initiate VPN connections. |
| NetworkToObtainDHCP | Gets an FPCRef object that references the FPCNetwork object representing the network for obtaining DHCP services. |
| PPPSettings | Gets an FPCVpnPPPSettings object that represents the PPP settings for an ISA Server computer acting as a VPN server. |
| PresharedIPSecKey | Gets or sets the preshared IPsec key for incoming L2TP connections. |
| PrimaryDNSServer | Gets the name of the primary DNS server. |
| PrimaryWINSServer | Gets the name of the primary WINS server. |
| QuarantineSettings | Gets an FPCVpnQuarantineSettings object that represents the VPN quarantine settings. |
| RADIUSUserMapping | Gets an FPCUserMapping object that represents the RADIUS user mapping settings for an ISA Server computer acting as a VPN server. |
| StaticAddressPool | Gets an FPCIPRangeSet collection that contains objects defining the IP address ranges in the static address pool from which a VPN server can assign IP addresses to VPN clients connecting to it (available only in Standard Edition). |
| UseDHCPForAddressAssignment | Gets or sets a Boolean value that indicates whether DHCP is used for assigning IP addresses to VPN clients and remote VPN servers. |
| UseDHCPForDNS | Gets a Boolean value that indicates whether DHCP is used for DNS servers. |
| UseDHCPForWINS | Gets a Boolean value that indicates whether DHCP is used for WINS servers. |
Methods Inherited from FPCPersist
| Name | Description |
|---|---|
| CancelWaitForChanges | Cancels the registration established by the WaitForChanges method (for use in C and C++ programming only). |
| CanImport | Returns a Boolean value that indicates whether the object's properties can be imported from the specified XML document. |
| Export | Recursively writes the stored values of all the properties of the object and its subobjects to the specified XML document. |
| ExportToFile | Recursively writes the stored values of all the properties of the object and its subobjects to the specified XML file. |
| GetServiceRestartMask | Retrieves a 32-bit bitmask of the FpcServices enumerated type that specifies which services need to be restarted for currently unsaved changes to take effect. |
| Import | Recursively copies the values of all the properties of the object and of its subobjects from the specified XML document to persistent storage. |
| ImportFromFile | Recursively copies the values of all the properties of the object and of its subobjects from the specified XML file to persistent storage. |
| LoadDocProperties | Provides the XML document's properties so that you can know what information can be imported from the document. |
| Refresh | Recursively reads the values of all the properties of the object and of its subobjects from persistent storage, overwriting any changes that have not been saved. |
| Save | Recursively writes the current values of all the properties of the object and its subobjects to persistent storage. |
| WaitForChanges | Registers to wait for an event indicating that the contents of the object have changed (for use in C and C++ programming only). |
Properties Inherited from FPCPersist
| Name | Description |
|---|---|
| PersistentName | Gets the persistent name of the object. The persistent name of an object is a name that is unique for the object at the respective level of the COM object hierarchy. |
| VendorParametersSets | Gets an FPCVendorParametersSets collection that can hold sets of custom data for extending the object. |
Interfaces for C++ Programming
This object implements the IFPCVpnConfiguration interface. In Enterprise Edition, this object also implements the IFPCEEVpnConfiguration interface.
Requirements
| Client | Requires Windows XP. |
|---|---|
| Server | Requires Windows Server 2003. Requires Windows Server 2003 or Windows 2000 for ISA Server 2004 Standard Edition. |
| Version | Requires Internet Security and Acceleration (ISA) Server 2006 or ISA Server 2004. |
| IDL | Declared in Msfpccom.idl. |
