Jenna Slomowitz
Sep 07, 2018
11:29 pm

Hello Jason,

Hopfully this supplies the information that you need:

Per-app VPN using XAuth type of VPN connection (keepon)

"KNOX_VPN_PARAMETERS": {
   "profile_attribute": {
        "profileName":"Some VPN",
        "vpn_type":"one of ssl or ipsec",
        "vpn_route_type": 1
   },
   "vendor": {
        "AnyConnectVPNConnection" : {
        "host":"Server Address",
        "authentication":"one of EAP-AnyConnect, EAP-GTC, EAP-MD5, EAP-MSCHAPv2, 
     IKE-RSA",
        "ike-identity":"IKE identity value",
        "usecert":true/false,
        "certcommonname":"mycert"
    }
  },
  "Knox": {
        "connectionType":" keepon ",
        "uidpid_search_enabled":1,
        "chaining_enabled":-1
 }
}

Per-app VPN using XAuth type of VPN connection (ondemand)

"KNOX_VPN_PARAMETERS": {

"profile_attribute": {

"profileName":"Some VPN",

"vpn_type":"one of ssl or ipsec",

"vpn_route_type": 1

},

    "vendor": {

    "    AnyConnectVPNConnection" : {

             "host":"Server Address",

             "authentication":"one of EAP-AnyConnect, EAP-GTC, EAP-MD5, EAP-MSCHAPv2, 

             IKE-RSA",

    "ike-identity":"IKE identity value",

    "usecert":true/false,

    "certcommonname":"mycert"

   }

},

     "Knox": {

           "connectionType":" ondemand ",

           "uidpid_search_enabled":1,

           "chaining_enabled":-1

        }

}

Per-app VPN using certificate type of VPN connection (ondemand)​

 

"KNOX_VPN_PARAMETERS": {

"profile_attribute": {

"profileName":"SSL VPN MyCert",

"vpn_type":" one of ssl or ipsec",

"vpn_route_type": 1

},

     "vendor":{

            "AnyConnectVPNConnection" : {

            "host" : "vpn.company.com",

            "usecert" : true,

            "certcommonname" : "mycert"

            }

   },

     "Knox": {

           "connectionType":" ondemand ",

           "uidpid_search_enabled":1,

           "chaining_enabled":-1

            }

}

User-level VPN using XAuth type of VPN connection​

"KNOX_VPN_PARAMETERS": {

"profile_attribute": {

"profileName":"Some VPN",

"vpn_type":"one of ssl or ipsec",

"vpn_route_type": 0

},

  "vendor": {

    "AnyConnectVPNConnection" : {

    "host":"Server Address",

    "authentication":"one of EAP-AnyConnect, EAP-GTC, EAP-MD5, EAP-MSCHAPv2, 

    IKE-RSA",

    "ike-identity":"IKE identity value",

    "usecert":true/false,

    "certcommonname":"mycert"

   }

},

    "Knox": {

                             

           "uidpid_search_enabled":1,

           "chaining_enabled":-1

       }

}

User-level VPN using certificate type of VPN connection​

"KNOX_VPN_PARAMETERS": {

"profile_attribute": {

"profileName":"SSL VPN MyCert",

"vpn_type":" one of ssl or ipsec",

"vpn_route_type": 0

},

     "vendor":{

         "AnyConnectVPNConnection" : {

         "host" : "vpn.company.com",

         "usecert" : true,

         "certcommonname" : "mycert"

   }

},

     "Knox": {

         "uidpid_search_enabled":1,

         "chaining_enabled":-1

         }

}

Best regards,

Jenna

Andre Paques
Sep 12, 2018
2:18 pm

Dear Jenna,
I have two questions:
1: Through the GenericVpnPolicy Class, can I create a Vpn without the need for a screen lock?
2: The following exception: "Error VPN error 103: Invalid JSON format" is constant for me in all attempts to create a VPN with class GenericVpnPolicy, I have already taken several examples Json to build the profile and always generate the error.
Here's the data I've been passing the string in: createVpnProfile (String profileInfo).
String VPN_PROFILE_JSON_FORMAT = "" +
            "\" KNOX_VPN_PARAMETERS \ ":" +
            "{" +
                "\" profile_attribute \ ":" +
                    "{" +
                        "\" profileName \ ": \" ExampleGeneric \ "," +
                        "\" vpn_type \ ": \" ipsec \ "," +
                        "\" vpn_route_type \ ": 0" + "
                    "}," +
                "\" vendor \ ":" +
                    "{" +
                        "\" basic \ ":" +
                            "{" +
                                "\" host \ ": \" x.x.x.x \ "," +
                                "\" username \ ": \" vpn \ "," +
                                "\" password \ ": \" vpn \ "," +
                                "\" authentication_type \ ": 2" +
                            "}," +
                        "\" ipsec_xauth_psk \ ":" +
                            "{" +
                                "\" identifier \ ": \" ***** \ "" +
                                "\" pre_shared_key \ ": \"*****x1234\ "" +
                            "}" +
                    "}," +
            "}";

Comments

Hello Andre

Please look at this line:

                        "\" vpn_route_type \ ": 0" + "

I believe that the last quotation mark is what is causing the issue. Please try looking into the format there, and let me know if the issue still persists.

Best regards,

Jenna

Jenna SlomowitzSep 12, 2018 at 6:41 pm