AnyConnect Secure Mobility Client 5.1.10.233
Macros | Enumerations
api.h File Reference
#include "GlobalEnums.h"

Go to the source code of this file.

Macros

#define UNICODE
 
#define _UNICODE
 
#define tstring   std::wstring
 
#define tostream   std::wostream
 
#define VPN_VPNAPI   __declspec(dllimport)
 
#define OUT
 
#define IN
 

Enumerations

enum  MessageType {
  MsgType_Error , MsgType_Alert , MsgType_Warn , MsgType_Info ,
  MsgType_Status , MsgType_UrlError , MsgType_Announcement , MsgType_Ephemeral_Alert
}
 
enum  SDITokenType { SDITT_NONE , SDITT_HARDWARE , SDITT_SOFTWARE }
 
enum  VPNState {
  CONNECTED = STATE_CONNECTED , DISCONNECTED = STATE_DISCONNECTED , CONNECTING = STATE_CONNECTING , DISCONNECTING = STATE_DISCONNECTING ,
  RECONNECTING = STATE_RECONNECTING , PAUSING = STATE_PAUSING , PAUSED = STATE_PAUSED , SSOPOLLING = STATE_SSOPOLLING ,
  UNKNOWN = ~0
}
 
enum  VPNSubState {
  VPNSS_NORMAL = VCSS_NORMAL , VPNSS_INDEFINITE_DELAY = VCSS_INDEFINITE_DELAY , VPNSS_SESSION_EXPIRING = VCSS_SESSION_EXPIRING , VPNSS_MT_DISCONNECTED_DISABLED = VCSS_MT_DISCONNECTED_DISABLED ,
  VPNSS_MT_DISCONNECTED_TRUSTED_NW = VCSS_MT_DISCONNECTED_TRUSTED_NW , VPNSS_MT_DISCONNECTED_USER_TUNNEL_ACTIVE = VCSS_MT_DISCONNECTED_USER_TUNNEL_ACTIVE , VPNSS_MT_DISCONNECTED_LAUNCH_FAILED = VCSS_MT_DISCONNECTED_LAUNCH_FAILED , VPNSS_MT_DISCONNECTED_CONNECT_FAILED = VCSS_MT_DISCONNECTED_CONNECT_FAILED ,
  VPNSS_MT_DISCONNECTED_BAD_VPN_CONFIG = VCSS_MT_DISCONNECTED_BAD_VPN_CONFIG , VPNSS_MT_DISCONNECTED_SW_UP_PENDING = VCSS_MT_DISCONNECTED_SW_UP_PENDING , VPNSS_MTU_ADJUSTMENT_PENDING = VCSS_MTU_ADJUSTMENT_PENDING
}
 
enum  WMHint {
  MINIMIZE , OPEN , QUIT , REFRESHHOSTNAMES ,
  REFRESHPREFS , SHOWCONNECTING , CLOSECREDENTIALPOPUP
}
 
enum  WMHintReason {
  SECONDGUISTART , PROXYREQUEST , SERVICEFAILURE , DISCONNECT ,
  SERVICESTOPPED , CONNECT , REASONUNKNOWN
}
 
enum  ConnectPromptType {
  CERTIFICATE , CREDENTIALS , PROXY , MANUAL_PKCS12_IMPORT ,
  STATUS , SINGLESIGNON , SINGLELOGOUT , LEGACY_SINGLESIGNON
}
 
enum  PromptType {
  Prompt_Input , Prompt_Password , Prompt_Banner , Prompt_Combo ,
  Prompt_Header , Prompt_Hidden , Prompt_CheckBox , Prompt_SSO
}
 
enum  PreferenceId {
  ServiceDisable , CertificateStoreOverride , CertificateStore , CertificateStoreMac ,
  CertificateStoreLinux , ShowPreConnectMessage , AutoConnectOnStart , MinimizeOnConnect ,
  LocalLanAccess , DisableCaptivePortalDetection , AutoReconnect , AutoReconnectBehavior ,
  SuspendOnConnectedStandby , UseStartBeforeLogon , AutoUpdate , RSASecurIDIntegration ,
  WindowsLogonEnforcement , WindowsVPNEstablishment , LinuxLogonEnforcement , LinuxVPNEstablishment ,
  ProxySettings , AllowLocalProxyConnections , PPPExclusion , PPPExclusionServerIP ,
  AutomaticVPNPolicy , TrustedNetworkPolicy , UntrustedNetworkPolicy , BypassConnectUponSessionTimeout ,
  TrustedDNSDomains , TrustedDNSServers , TrustedHttpsServerList , DisableUntrustedInterfaces ,
  AlwaysOn , ConnectFailurePolicy , AllowCaptivePortalRemediation , CaptivePortalRemediationTimeout ,
  ApplyLastVPNLocalResourceRules , AllowVPNDisconnect , SuppressConnectionRetries , AllowedHosts ,
  EnableScripting , TerminateScriptOnNextEvent , EnablePostSBLOnConnectScript , AutomaticCertSelection ,
  RetainVpnOnLogoff , UserEnforcement , DeviceLockRequired , DeviceLockMaximumTimeoutMinutes ,
  DeviceLockMinimumPasswordLength , DeviceLockPasswordComplexity , EnableAutomaticServerSelection , AutoServerSelectionImprovement ,
  AutoServerSelectionSuspendTime , AuthenticationTimeout , SafeWordSofTokenIntegration , AllowIPsecOverSSL ,
  ClearSmartcardPin , IPProtocolSupport , CaptivePortalRemediationBrowserFailover , AllowManualHostInput ,
  BlockUntrustedServers , PublicProxyServerAddress , CertificatePinning , UnknownPreference
}
 
enum  PreferenceScope { User , Global , UserAndGlobal }
 
enum  OperatingMode {
  FIPS = (1 << 0) , StartBeforeLogon = (1 << 1) , GUI = (1 << 2) , TrustedNetworkDetection = (1 << 3) ,
  AlwaysOnVpn = (1 << 4) , NetworkIssue = (1 << 5) , Quarantined = (1 << 6) , AutomaticHeadendSelection = (1 << 7) ,
  DisconnectAllowed = (1 << 8) , VPNDisabled = (1 << 9) , SCEPMode = (1 << 10) , OnTrustedNetwork = (1 << 11) ,
  ManualHostInputAllowed = (1 << 12) , ErrorSuppressed = (1 << 13) , StrictMode = (1 << 14) , CLI = (1 << 15) ,
  Management = (1 << 16)
}
 
enum  VPNError {
  VPNSuccess = 0 , VPNError_Generic_FatalError = 1 , VPNError_Connection_Error = 100 , VPNError_Connection_InvalidGroupURL ,
  VPNError_Network_Error = 200 , VPNError_Authentication_Error = 300 , VPNError_Authentication_DAP_Terminate , VPNError_ClientCertificate_UnknownError = 400 ,
  VPNError_ClientCertificate_Missing , VPNError_ClientCertificate_Expired , VPNError_ClientCertificate_NotYetValid , VPNError_ServerCertificate_UnknownError = 500 ,
  VPNError_ServerCertificate_Expired , VPNError_ServerCertificate_NotYetValid
}
 
enum  CertAuthMode { CertAuth_Automatic , CertAuth_Disabled , CertAuth_Manual }
 
enum  CertificateType { CertificateType_Client , CertificateType_SystemTrusted , CertificateType_Server }
 
enum  CertConfirmReason {
  CertConfirmReason_Unspecified , CertConfirmReason_NameMismatch , CertConfirmReason_Expired , CertConfirmReason_NotValidYet ,
  CertConfirmReason_UntrustedSource , CertConfirmReason_InvalidUse , CertConfirmReason_Revoked , CertConfirmReason_Malformed ,
  CertConfirmReason_NotFipsCompliant , CertConfirmReason_InvalidateDate , CertConfirmReason_SignatureAlgorithm , CertConfirmReason_KeySize
}
 
enum  UserResponseError {
  UserResponseError_None , UserResponseError_Unspecified , UserResponseError_BadServerCert , UserResponseError_SsoNavigation ,
  UserResponseError_SsoGettingCookie , UserResponseError_SsoTimeout , UserResponseError_SsoMissingDependency , UserResponseError_SsoClientCertRequest ,
  UserResponseError_SsoAborted
}
 
enum  ClientType { ClientType_GUI , ClientType_GUI_SBL , ClientType_CLI , ClientType_MGMT }
 

Detailed Description

This file contains some basic compiler definitions as well as common enums.

Macro Definition Documentation

◆ tstring

#define tstring   std::wstring

std::wstring my wstring description

Enumeration Type Documentation

◆ CertAuthMode

enum CertAuthMode
Enumerator
CertAuth_Automatic 

Will try each available certificate in succession until authentication is obtained or we run out of available certificates

CertAuth_Disabled 

Will disable Certificate Based Authentication

CertAuth_Manual 

Will only use preconfigured certificate to attempt Certificate Based Authentication

632{
633 CertAuth_Automatic, /**< Will try each available certificate in succession
634 until authentication is obtained or we run out of
635 available certificates */
636 CertAuth_Disabled, /**< Will disable Certificate Based Authentication */
637 CertAuth_Manual /**< Will only use preconfigured certificate to attempt
638 Certificate Based Authentication */
639};
CertAuth_Automatic
@ CertAuth_Automatic
Definition api.h:633
CertAuth_Manual
@ CertAuth_Manual
Definition api.h:637
CertAuth_Disabled
@ CertAuth_Disabled
Definition api.h:636

◆ CertConfirmReason

enum CertConfirmReason
649{
650 CertConfirmReason_Unspecified,
651 CertConfirmReason_NameMismatch,
652 CertConfirmReason_Expired,
653 CertConfirmReason_NotValidYet,
654 CertConfirmReason_UntrustedSource,
655 CertConfirmReason_InvalidUse,
656 CertConfirmReason_Revoked,
657 CertConfirmReason_Malformed,
658 CertConfirmReason_NotFipsCompliant,
659 CertConfirmReason_InvalidateDate,
660 CertConfirmReason_SignatureAlgorithm,
661 CertConfirmReason_KeySize
662};

◆ CertificateType

enum CertificateType
642{
643 CertificateType_Client,
644 CertificateType_SystemTrusted,
645 CertificateType_Server
646};

◆ ClientType

enum ClientType
681{
682 ClientType_GUI,
683 ClientType_GUI_SBL,
684 ClientType_CLI,
685 ClientType_MGMT
686};

◆ ConnectPromptType

enum ConnectPromptType

provides an indication of the type of credential data being requested.

Enumerator
CERTIFICATE 

Indicates a certificate-only type of connection and would not normally be sent to client unless a post-authentication banner is to be displayed.

CREDENTIALS 

Indicates that the user is to be prompted for authentication credentials

PROXY 

Indicates that the user is to be prompted for proxy-authentication credentials

MANUAL_PKCS12_IMPORT 

Indicates that the user is to be prompted for passwords related to PKCS12 import

STATUS 

Indicates that status messages are to be displayed to the user

SINGLESIGNON 

Indicates an embedded browser based single sign-on authentication method is requested.

SINGLELOGOUT 

Indicates an embedded browser based single sign-on authentication logout is requested.

LEGACY_SINGLESIGNON 

(deprecated) Indicates a browser based single sign-on authentication method is requested.

234{
235 CERTIFICATE, /**< Indicates a certificate-only type of connection and
236 would not normally be sent to client unless a
237 post-authentication banner is to be displayed. */
238 CREDENTIALS, /**< Indicates that the user is to be prompted for authentication
239 credentials */
240 PROXY, /**< Indicates that the user is to be prompted for
241 proxy-authentication credentials */
242 MANUAL_PKCS12_IMPORT, /**< Indicates that the user is to be prompted for passwords related
243 to PKCS12 import*/
244 STATUS, /**< Indicates that status messages are to be displayed to
245 the user*/
246 SINGLESIGNON, /**< Indicates an embedded browser based single sign-on authentication method is requested. */
247 SINGLELOGOUT, /**< Indicates an embedded browser based single sign-on authentication logout is requested. */
248 LEGACY_SINGLESIGNON, /**< (deprecated) Indicates a browser based single sign-on authentication method is requested. */
249};
SINGLESIGNON
@ SINGLESIGNON
Definition api.h:246
MANUAL_PKCS12_IMPORT
@ MANUAL_PKCS12_IMPORT
Definition api.h:242
CREDENTIALS
@ CREDENTIALS
Definition api.h:238
CERTIFICATE
@ CERTIFICATE
Definition api.h:235
STATUS
@ STATUS
Definition api.h:244
SINGLELOGOUT
@ SINGLELOGOUT
Definition api.h:247
PROXY
@ PROXY
Definition api.h:240
LEGACY_SINGLESIGNON
@ LEGACY_SINGLESIGNON
Definition api.h:248

◆ MessageType

enum MessageType

MessageType presents a level of severity associated with messages that are sent to the API. The severity can be useful for deciding how a message is to be shown. A UI might decide based on type to show a message as a modal dialog versus a message written to the status area for an existing UI.

Enumerator
MsgType_Error 

Issue usually requiring user to acknowledge

MsgType_Alert 

Warning message that must be shown to user.

MsgType_Warn 

Less severe, not required to be shown to user

MsgType_Info 

General message providing status, progress, etc.

MsgType_Status 

Can be used to indicate unexpected tunnel status change.

MsgType_UrlError 

Error message that provides additional information by opening browser.

MsgType_Announcement 

Informational message that must be shown to the user. Announcements are currently only supported on desktop platforms.

MsgType_Ephemeral_Alert 

Warning message that must be shown to the user, but is closed by the occurrence of an error, announcement, or alert message. Ephemeral Alerts are currently only supported on desktop platforms

109{
110 MsgType_Error, /**< Issue usually requiring user to acknowledge */
111 MsgType_Alert, /**< Warning message that must be shown to user. */
112 MsgType_Warn, /**< Less severe, not required to be shown to user */
113 MsgType_Info, /**< General message providing status, progress, etc. */
114 MsgType_Status, /**< Can be used to indicate unexpected tunnel status change. */
115 MsgType_UrlError, /**< Error message that provides additional information by opening browser. */
116 MsgType_Announcement,/**< Informational message that must be shown to the user.
117 Announcements are currently only supported on desktop platforms. */
118 MsgType_Ephemeral_Alert,/**< Warning message that must be shown to the user, but is closed by
119 the occurrence of an error, announcement, or alert message.
120 Ephemeral Alerts are currently only supported on desktop platforms */
121};
MsgType_Error
@ MsgType_Error
Definition api.h:110
MsgType_Announcement
@ MsgType_Announcement
Definition api.h:116
MsgType_Info
@ MsgType_Info
Definition api.h:113
MsgType_UrlError
@ MsgType_UrlError
Definition api.h:115
MsgType_Alert
@ MsgType_Alert
Definition api.h:111
MsgType_Status
@ MsgType_Status
Definition api.h:114
MsgType_Warn
@ MsgType_Warn
Definition api.h:112
MsgType_Ephemeral_Alert
@ MsgType_Ephemeral_Alert
Definition api.h:118

◆ OperatingMode

enum OperatingMode

Indicates the client mode of operation. Unlike tunneling mode or other mutually exclusive modes, client operating modes are independent settings, several of which can be turned on simultaneously.

Enumerator
FIPS 

Indicates that the client is running in FIPS mode.

StartBeforeLogon 

Indicates that the client is running in Start Before Login mode.

GUI 

Indicates that the client is a GUI client.

TrustedNetworkDetection 

Indicates that a Trusted Network Detection policy is enabled for the client.

AlwaysOnVpn 

Indicates that the Always On policy is enabled for the client.

NetworkIssue 

For user notifications only. Indication by API to the UI that there is a network condition.

Quarantined 

Indicates that the VPN session is being Quarantined by the secure gateway.

AutomaticHeadendSelection 

Indicates that Automatic Headend is enabled.

DisconnectAllowed 

Indicates that the user is allowed to disconnect the VPN based on policy.

VPNDisabled 

Indicates that the VPN service is to be marked as disabled.

SCEPMode 

Indicates that the client is performing a SCEP cert enrollment.

OnTrustedNetwork 

Indicates that at last check, the client detected that it was on a trusted network.

ManualHostInputAllowed 

Indicates that the user is allowed to add a new host by typing its name in the VPN edit box.

ErrorSuppressed 

Indicates a connection error has been returned fronm the agent, but was suppressed to warning to prevent popup dialog in the UI.

StrictMode 

Indicates that the client is running in strict certificate trust mode.

CLI 

Indicates that the client is a CLI client.

Management 

Indicates that the client is strictly used for initiating a management tunnel.

537{
538 FIPS = (1 << 0), /**< Indicates that the client is
539 running in FIPS mode. */
540 StartBeforeLogon = (1 << 1), /**< Indicates that the client is
541 running in Start Before Login
542 mode. */
543 GUI = (1 << 2), /**< Indicates that the client is
544 a GUI client. */
545 TrustedNetworkDetection = (1 << 3), /**< Indicates that a Trusted Network
546 Detection policy is enabled for
547 the client. */
548 AlwaysOnVpn = (1 << 4), /**< Indicates that the Always On
549 policy is enabled for the client. */
550 NetworkIssue = (1 << 5), /**< For user notifications only.
551 Indication by API to the UI that
552 there is a network condition. */
553 Quarantined = (1 << 6), /**< Indicates that the VPN session is being
554 Quarantined by the secure gateway. */
555 AutomaticHeadendSelection= (1 << 7), /**< Indicates that Automatic Headend
556 is enabled. */
557 DisconnectAllowed = (1 << 8), /**< Indicates that the user is allowed
558 to disconnect the VPN based on
559 policy. */
560 VPNDisabled = (1 << 9), /**< Indicates that the VPN service is
561 to be marked as disabled. */
562 SCEPMode = (1 << 10), /**< Indicates that the client is
563 performing a SCEP cert enrollment. */
564 OnTrustedNetwork = (1 << 11), /**< Indicates that at last check, the
565 client detected that it was on
566 a trusted network. */
567 ManualHostInputAllowed = (1 << 12), /**< Indicates that the user is allowed
568 to add a new host by typing its name
569 in the VPN edit box. */
570 ErrorSuppressed = (1 << 13), /**< Indicates a connection error has
571 been returned fronm the agent, but
572 was suppressed to warning to
573 prevent popup dialog in the UI. */
574 StrictMode = (1 << 14), /**< Indicates that the client is
575 running in strict certificate trust mode. */
576 CLI = (1 << 15), /**< Indicates that the client is
577 a CLI client. */
578 Management = (1 << 16) /**< Indicates that the client is strictly
579 used for initiating a management tunnel. */
580};
CLI
@ CLI
Definition api.h:576
VPNDisabled
@ VPNDisabled
Definition api.h:560
FIPS
@ FIPS
Definition api.h:538
NetworkIssue
@ NetworkIssue
Definition api.h:550
DisconnectAllowed
@ DisconnectAllowed
Definition api.h:557
GUI
@ GUI
Definition api.h:543
ErrorSuppressed
@ ErrorSuppressed
Definition api.h:570
ManualHostInputAllowed
@ ManualHostInputAllowed
Definition api.h:567
AlwaysOnVpn
@ AlwaysOnVpn
Definition api.h:548
AutomaticHeadendSelection
@ AutomaticHeadendSelection
Definition api.h:555
StrictMode
@ StrictMode
Definition api.h:574
TrustedNetworkDetection
@ TrustedNetworkDetection
Definition api.h:545
Management
@ Management
Definition api.h:578
Quarantined
@ Quarantined
Definition api.h:553
OnTrustedNetwork
@ OnTrustedNetwork
Definition api.h:564
StartBeforeLogon
@ StartBeforeLogon
Definition api.h:540
SCEPMode
@ SCEPMode
Definition api.h:562

◆ PreferenceId

enum PreferenceId
Enumerator
ServiceDisable 

This preference disable the VPN service.
If more than one profile exists and any one profile has VPN enabled, then it will be enabled. False is the default.

CertificateStoreOverride 

This preference will trigger an alternate authentication sequence in the API. The preference is only settable by an administrator.

CertificateStore 

This preference indicates which Windows certificate store AnyConnect should look in for client certificates. The options are All, Machine and User with a default of All. The preference is only settable by an administrator.

CertificateStoreMac 

This preference indicates which macOS keychain AnyConnect should look in for client certificates. The options are All, System and Login with a default of All. The preference is only settable by an administrator.

CertificateStoreLinux 

This preference indicates which Linux certificate store AnyConnect should look in for client certificates. The options are All, Machine and User with a default of All. The preference is only settable by an administrator.

ShowPreConnectMessage 

The ShowPreConnectMessage preference gives the administrator the ability to display an AnyConnect startup banner message. The message will appear only once per AnyConnect program start. The
preference is only settable by an administrator.

AutoConnectOnStart 

This preference allows the user to select whether to establish a connection automatically on startup or not.

MinimizeOnConnect 

This preference allows the user to select if the GUI should minimize when the connection is established

LocalLanAccess 

This preference will provide a mechanism where the user can disable access to their Local LAN.

DisableCaptivePortalDetection 

This preference will provide a mechanism where the user can disable captive portal detection.

AutoReconnect 

First control of the reconnect behavior. If the client becomes disconnected for any reason, a reconnect attempt is made.

AutoReconnectBehavior 

Second control of the reconnect behavior. When coming out of suspend/hibernate/standby mode. Options are disconnect on suspend and reconnect after suspend.

SuspendOnConnectedStandby 

This setting allows to control whether the VPN tunnel is suspended when the system enters the Connected Standby mode. It applies only to Windows 8 and above.

UseStartBeforeLogon 

This preference allows an administrator to control the use of the Start Before Logon feature. The preference can be set to true (on) or false (off).

AutoUpdate 

Once the Downloader has loaded the profile, it can check the AutoUpdate preference to see if updates are either disabled or enabled

RSASecurIDIntegration 

This preference will enable the administrator and possibly end user to select the preferred method of managing their SDI PIN and PASSCODE interactions. Options are Automatic (default), SoftwareTokens and HardwareTokens.

WindowsLogonEnforcement 

This preference allows an administrator to control if more than one user may be logged into the client PC during the VPN connection (Windows only).

WindowsVPNEstablishment 

This preference allows an administrator to control whether or not remote users may initiate a VPN connection (Windows only).

LinuxLogonEnforcement 

This preference allows an administrator to control if more than one user may be logged into the client PC during the VPN connection (Linux only).

LinuxVPNEstablishment 

This preference allows an administrator to control whether or not remote users may initiate a VPN connection (Linux only).

ProxySettings 

This preference allows an administrator to control how user's proxy setups are handled.

AllowLocalProxyConnections 

This preference allows the administrator to control whether to allow establishing a connection through a local proxy.

PPPExclusion 

This preference allows an administrator to control the policy used to exclude routes to PPP servers when connecting over L2TP or PPTP. Options are Automatic (default), Disable, and Override.

PPPExclusionServerIP 

When PPPExclusion is set to Manual, the value of this preference allows an end user to specify the address of a PPP server that should be excluded from tunnel traffic.

AutomaticVPNPolicy 

This preference allows an administrator to define a policy to automatically manage when a VPN connection should be started or stopped.

TrustedNetworkPolicy 

This preference allows an administrator to define a policy for users in trusted networks. The options are: Disconnect or DoNothing.

UntrustedNetworkPolicy 

This preference allows an administrator to define a policy for users in untrusted networks. The options are: Connect or DoNothing.

BypassConnectUponSessionTimeout 

This preference allows an administrator the ability to instruct the client to bypass the automatic connection retry after a VPN session timeout.

TrustedDNSDomains 

This preference defines a list of comma separated DNS suffixes that a network interface in a trusted network might have.

TrustedDNSServers 

This preference defines a list of comma separated DNS servers that a network interface in a trusted network might have.

TrustedHttpsServerList 

This preference defines a list of comma separated https servers reachable only via a trusted network.

DisableUntrustedInterfaces 

This preference disables interface without trusted server connectivity while in trusted network when there are multiple network interfaces.

AlwaysOn 

This preference governs VPN reestablishment after interruptions

ConnectFailurePolicy 

This preference gives the network administrator the ability to dictate the network access allowed by the client endpoint device following a VPN connection establishment failure. It is a component of Always On

AllowCaptivePortalRemediation 

This preference gives the network administrator the ability to dictate the network access allowed by the client endpoint device following a VPN connection establishment failure it is a component of Always On

CaptivePortalRemediationTimeout 

This preference allows the network administrator the ability to impose a time limit for captive portal remediation when the ConnectFailurePolicy value is Closed It is a component of Always On

ApplyLastVPNLocalResourceRules 

This preference gives the network administrator the ability to allow split routes and firewall rules to be applied following a VPN connection establishment failure when the ConnectFailurePolicy value is Closed It is a component of Always On

AllowVPNDisconnect 

During Always On, this specifies that the user is allowed to disconnect the VPN session.

SuppressConnectionRetries 

During Always On, this preference gives the network administrator the ability to suppress the VPN connection retry attempts

AllowedHosts 

During Always On, user has access to the specified hosts when VPN is disconnected.

EnableScripting 

This preference allows an administrator to enable scripting (on connect or on disconnect).

TerminateScriptOnNextEvent 

This preference dictates whether or not AnyConnect will terminate a running script process if a transition to another scriptable event occurs.

EnablePostSBLOnConnectScript 

This preference is used to control whether or not the OnConnect script will be launched from the desktop GUI when a tunnel has been established via SBL.

AutomaticCertSelection 

This preference dictates whether or not to disable the default automatic certificate selection for user certificates. If disabled, a certificate selection dialog is displayed. This only applies if the GUI is enabled and not SBL. This only applies to Windows (not WinMobile).

RetainVpnOnLogoff 

First control of the logoff behavior. This preference allows an administrator to control if the VPN is terminated or retained after user logs off.

UserEnforcement 

Second control of the logoff behavior. When the VPN connection has been retained after user logged off. Controls what user can log in and keep the VPN connection. Options are same user only and any user.

DeviceLockRequired 

This preference indicates whether or not a Windows Mobile device must be configured with a password or PIN prior to establishing a VPN connection. This configuration is only valid on Windows Mobile devices that use the Microsoft Default Local Authentication Provider (LAP).

DeviceLockMaximumTimeoutMinutes 

When set to a non-negative number, this preference specifies the maximum number of minutes a device can be inactive before device lock takes into effect. (WM5/WM5AKU2+)

DeviceLockMinimumPasswordLength 

When set to a non-negative number, this preference specifies that any PIN/password used for device lock must be equal to or longer than the specified value, in characters. This setting must be pushed down to the mobile device by syncing with an Exchange server before it can be enforced. (WM5AKU2+)

DeviceLockPasswordComplexity 

This preference checks whether or not the password belongs to one of three subtypes: alpha, pin, strong

EnableAutomaticServerSelection 

Automatic server selection will automatically select the optimal secure gateway for the endpoint

AutoServerSelectionImprovement 

During a reconnection attempt after a system resume, this setting specifies the minimum estimated performance improvement required to justify transitioning a user to a new server This value represents percentage in 0..100

AutoServerSelectionSuspendTime 

During a reconnection attempt after a system resume, this specifies the minimum time a user must have been suspended in order to justify a new server selection calculation. Unit is hours

AuthenticationTimeout 

Time, in seconds, that the client waits for authentication to be completed.

SafeWordSofTokenIntegration 

This preference will enable the administrator and possibly the end user to enable SafeWord SofToken integration. Options are Enabled (true) and Disabled (false - default).

AllowIPsecOverSSL 

if 'true' then tunneling of IPSEC over SSL is made possible with help from the ASA.

ClearSmartcardPin 

This preference controls whether the smartcard pin will be cleared on a successful connection

IPProtocolSupport 

This preference controls which protocol(s) will be allowed for the connection

CaptivePortalRemediationBrowserFailover 

This preference is applicable to enhanced captive portal remediation and specifies whether the user is allowed to opt for an external browser for remediation, as opposed to the AnyConnect browser.

AllowManualHostInput 

This preference specifies whether the user is allowed to type a new hostname in the VPN edit box.

BlockUntrustedServers 

This preference specifies whether the user wants to allow for connections to secure gateways with certificate errors.

PublicProxyServerAddress 

This preference specifies the public proxy server address to be used. This number is in the format ServerAddr:ServerPort (ex. 101.89.85.444:8080) or just the FQDN.

CertificatePinning 

This preference specifies whether Certificate Pinning check should be performed during server certificate verification.

284{
285 ServiceDisable, /**< This preference disable the VPN service.
286 If more than one profile exists and any one
287 profile has VPN enabled, then it will be
288 enabled. False is the default. */
289 CertificateStoreOverride,/**< This preference will trigger an alternate
290 authentication sequence in the API. The
291 preference is only settable by an
292 administrator. */
293 CertificateStore, /**< This preference indicates which Windows certificate
294 store AnyConnect should look in for client certificates.
295 The options are All, Machine and User with a default of All.
296 The preference is only settable by an administrator. */
297 CertificateStoreMac, /**< This preference indicates which macOS keychain
298 AnyConnect should look in for client certificates.
299 The options are All, System and Login with a default of All.
300 The preference is only settable by an administrator. */
301 CertificateStoreLinux, /**< This preference indicates which Linux certificate
302 store AnyConnect should look in for client certificates.
303 The options are All, Machine and User with a default of All.
304 The preference is only settable by an administrator. */
305 ShowPreConnectMessage, /**< The ShowPreConnectMessage preference gives the
306 administrator the ability to display an AnyConnect
307 startup banner message. The message will appear
308 only once per AnyConnect program start. The
309 preference is only settable by an
310 administrator. */
311 AutoConnectOnStart, /**< This preference allows the user to select
312 whether to establish a connection automatically
313 on startup or not. */
314 MinimizeOnConnect, /**< This preference allows the user to select if
315 the GUI should minimize when the connection is
316 established */
317 LocalLanAccess, /**< This preference will provide a mechanism where
318 the user can disable access to their Local LAN. */
319 DisableCaptivePortalDetection, /**<This preference will provide a mechanism where
320 the user can disable captive portal detection.*/
321 AutoReconnect, /**< First control of the reconnect behavior. If the
322 client becomes disconnected for any reason, a
323 reconnect attempt is made. */
324 AutoReconnectBehavior, /**< Second control of the reconnect behavior. When
325 coming out of suspend/hibernate/standby mode.
326 Options are disconnect on suspend and reconnect
327 after suspend. */
328 SuspendOnConnectedStandby, /**< This setting allows to control whether the VPN tunnel
329 is suspended when the system enters the Connected Standby
330 mode. It applies only to Windows 8 and above. */
331 UseStartBeforeLogon, /**< This preference allows an administrator to
332 control the use of the Start Before Logon
333 feature. The preference can be set to true (on)
334 or false (off). */
335 AutoUpdate, /**< Once the Downloader has loaded the profile, it
336 can check the AutoUpdate preference to see if
337 updates are either disabled or enabled */
338 RSASecurIDIntegration, /**< This preference will enable the administrator
339 and possibly end user to select the preferred
340 method of managing their SDI PIN and PASSCODE
341 interactions. Options are Automatic (default),
342 SoftwareTokens and HardwareTokens. */
343 WindowsLogonEnforcement,/**< This preference allows an administrator to
344 control if more than one user may be logged into
345 the client PC during the VPN connection (Windows
346 only). */
347 WindowsVPNEstablishment,/**< This preference allows an administrator to
348 control whether or not remote users may initiate
349 a VPN connection (Windows only). */
350 LinuxLogonEnforcement, /**< This preference allows an administrator to
351 control if more than one user may be logged into
352 the client PC during the VPN connection (Linux
353 only). */
354 LinuxVPNEstablishment, /**< This preference allows an administrator to
355 control whether or not remote users may initiate
356 a VPN connection (Linux only). */
357 ProxySettings, /**< This preference allows an administrator to
358 control how user's proxy setups are handled.*/
359 AllowLocalProxyConnections, /**< This preference allows the administrator to control
360 whether to allow establishing a connection through
361 a local proxy. */
362 PPPExclusion, /**< This preference allows an administrator to control
363 the policy used to exclude routes to
364 PPP servers when connecting over L2TP or PPTP.
365 Options are Automatic (default), Disable,
366 and Override. */
367 PPPExclusionServerIP, /**< When PPPExclusion is set to Manual,
368 the value of this preference allows an
369 end user to specify the address of a
370 PPP server that should be excluded
371 from tunnel traffic. */
372 AutomaticVPNPolicy, /**< This preference allows an administrator to
373 define a policy to automatically manage when a
374 VPN connection should be started or stopped. */
375 TrustedNetworkPolicy, /**< This preference allows an administrator to
376 define a policy for users in trusted networks.
377 The options are: Disconnect or DoNothing. */
378 UntrustedNetworkPolicy, /**< This preference allows an administrator to
379 define a policy for users in untrusted networks.
380 The options are: Connect or DoNothing. */
381 BypassConnectUponSessionTimeout, /**< This preference allows an administrator
382 the ability to instruct the client to bypass the
383 automatic connection retry after a VPN session timeout. */
384 TrustedDNSDomains, /**< This preference defines a list of comma
385 separated DNS suffixes that a network interface
386 in a trusted network might have. */
387 TrustedDNSServers, /**< This preference defines a list of comma
388 separated DNS servers that a network interface
389 in a trusted network might have. */
390 TrustedHttpsServerList, /**< This preference defines a list of comma separated
391 https servers reachable only via a trusted network.*/
392 DisableUntrustedInterfaces, /**< This preference disables interface without trusted
393 server connectivity while in trusted network
394 when there are multiple network interfaces. */
395 AlwaysOn, /**< This preference governs VPN reestablishment after
396 interruptions */
397 ConnectFailurePolicy, /**< This preference gives the network administrator
398 the ability to dictate the network access allowed
399 by the client endpoint device following a VPN
400 connection establishment failure. It is a component
401 of Always On */
402 AllowCaptivePortalRemediation, /**< This preference gives the network administrator
403 the ability to dictate the network access
404 allowed by the client endpoint device following
405 a VPN connection establishment failure it is a
406 component of Always On */
407 CaptivePortalRemediationTimeout, /**< This preference allows the network administrator
408 the ability to impose a time limit for captive portal
409 remediation when the ConnectFailurePolicy value is Closed
410 It is a component of Always On */
411 ApplyLastVPNLocalResourceRules, /**< This preference gives the network administrator
412 the ability to allow split routes and firewall rules
413 to be applied following a VPN connection establishment
414 failure when the ConnectFailurePolicy value is Closed
415 It is a component of Always On */
416 AllowVPNDisconnect, /**< During Always On, this specifies that the user is allowed to
417 disconnect the VPN session. */
418 SuppressConnectionRetries, /**< During Always On, this preference gives the network administrator
419 the ability to suppress the VPN connection retry attempts */
420 AllowedHosts, /**< During Always On, user has access to the specified hosts
421 when VPN is disconnected. */
422 EnableScripting, /**< This preference allows an administrator to
423 enable scripting (on connect or on
424 disconnect). */
425 TerminateScriptOnNextEvent, /**< This preference dictates whether or not
426 AnyConnect will terminate a running script
427 process if a transition to another
428 scriptable event occurs. */
429 EnablePostSBLOnConnectScript, /**< This preference is used to control whether
430 or not the OnConnect script will be launched
431 from the desktop GUI when a tunnel has been
432 established via SBL. */
433 AutomaticCertSelection, /**< This preference dictates whether or not to disable
434 the default automatic certificate selection for user
435 certificates. If disabled, a certificate selection dialog is
436 displayed. This only applies if the GUI is enabled
437 and not SBL. This only applies to Windows (not WinMobile). */
438 RetainVpnOnLogoff, /**< First control of the logoff behavior. This preference allows
439 an administrator to control if the VPN is terminated or retained
440 after user logs off.*/
441 UserEnforcement, /**< Second control of the logoff behavior. When the VPN connection has
442 been retained after user logged off. Controls what user can log in
443 and keep the VPN connection. Options are same user only and any user. */
444 DeviceLockRequired, /**< This preference indicates whether or not
445 a Windows Mobile device must be configured
446 with a password or PIN prior to establishing
447 a VPN connection. This configuration is
448 only valid on Windows Mobile devices that
449 use the Microsoft Default Local
450 Authentication Provider (LAP). */
451 DeviceLockMaximumTimeoutMinutes, /**< When set to a non-negative number,
452 this preference specifies the maximum
453 number of minutes a device can be
454 inactive before device lock takes
455 into effect. (WM5/WM5AKU2+) */
456 DeviceLockMinimumPasswordLength, /**< When set to a non-negative number,
457 this preference specifies that any
458 PIN/password used for device lock
459 must be equal to or longer than
460 the specified value, in characters.
461 This setting must be pushed down to
462 the mobile device by syncing with
463 an Exchange server before it can be
464 enforced. (WM5AKU2+) */
465 DeviceLockPasswordComplexity, /**< This preference checks whether or
466 not the password belongs to one of
467 three subtypes: alpha, pin, strong */
468 EnableAutomaticServerSelection, /**< Automatic server selection will
469 automatically select the optimal
470 secure gateway for the endpoint */
471 AutoServerSelectionImprovement, /**< During a reconnection attempt after
472 a system resume, this setting
473 specifies the minimum estimated
474 performance improvement required to
475 justify transitioning a user to a new server
476 This value represents percentage in 0..100 */
477 AutoServerSelectionSuspendTime, /**< During a reconnection attempt after
478 a system resume, this specifies the
479 minimum time a user must have been
480 suspended in order to justify a new
481 server selection calculation. Unit is hours */
482 AuthenticationTimeout, /**< Time, in seconds, that the client waits
483 for authentication to be completed.*/
484 SafeWordSofTokenIntegration, /**< This preference will enable the administrator and possibly
485 the end user to enable SafeWord SofToken integration.
486 Options are Enabled (true) and Disabled (false - default). */
487 AllowIPsecOverSSL, /**< if 'true' then tunneling of IPSEC over SSL
488 is made possible with help from the ASA.
489 */
490 ClearSmartcardPin, /**< This preference controls whether the smartcard pin
491 will be cleared on a successful connection*/
492 IPProtocolSupport, /**< This preference controls which protocol(s) will be
493 allowed for the connection*/
494 CaptivePortalRemediationBrowserFailover, /**< This preference is applicable to enhanced captive portal
495 remediation and specifies whether the user is allowed to
496 opt for an external browser for remediation, as opposed to
497 the AnyConnect browser. */
498 AllowManualHostInput, /**< This preference specifies whether the user
499 is allowed to type a new hostname in the VPN
500 edit box. */
501 BlockUntrustedServers, /**< This preference specifies whether the user wants
502 to allow for connections to secure gateways with
503 certificate errors. */
504 PublicProxyServerAddress, /**< This preference specifies the public proxy server
505 address to be used. This number is in the format
506 ServerAddr:ServerPort (ex. 101.89.85.444:8080)
507 or just the FQDN. */
508 CertificatePinning, /**< This preference specifies whether Certificate Pinning
509 check should be performed during server certificate
510 verification. */
511 UnknownPreference
512};
TrustedDNSServers
@ TrustedDNSServers
Definition api.h:387
AutoReconnectBehavior
@ AutoReconnectBehavior
Definition api.h:324
AllowedHosts
@ AllowedHosts
Definition api.h:420
CaptivePortalRemediationTimeout
@ CaptivePortalRemediationTimeout
Definition api.h:407
WindowsLogonEnforcement
@ WindowsLogonEnforcement
Definition api.h:343
AllowCaptivePortalRemediation
@ AllowCaptivePortalRemediation
Definition api.h:402
PPPExclusionServerIP
@ PPPExclusionServerIP
Definition api.h:367
CaptivePortalRemediationBrowserFailover
@ CaptivePortalRemediationBrowserFailover
Definition api.h:494
AutoServerSelectionImprovement
@ AutoServerSelectionImprovement
Definition api.h:471
SuppressConnectionRetries
@ SuppressConnectionRetries
Definition api.h:418
AlwaysOn
@ AlwaysOn
Definition api.h:395
AutoUpdate
@ AutoUpdate
Definition api.h:335
DisableUntrustedInterfaces
@ DisableUntrustedInterfaces
Definition api.h:392
AutoReconnect
@ AutoReconnect
Definition api.h:321
AllowManualHostInput
@ AllowManualHostInput
Definition api.h:498
ConnectFailurePolicy
@ ConnectFailurePolicy
Definition api.h:397
TrustedHttpsServerList
@ TrustedHttpsServerList
Definition api.h:390
UseStartBeforeLogon
@ UseStartBeforeLogon
Definition api.h:331
DisableCaptivePortalDetection
@ DisableCaptivePortalDetection
Definition api.h:319
CertificateStoreOverride
@ CertificateStoreOverride
Definition api.h:289
TrustedDNSDomains
@ TrustedDNSDomains
Definition api.h:384
ProxySettings
@ ProxySettings
Definition api.h:357
PPPExclusion
@ PPPExclusion
Definition api.h:362
ShowPreConnectMessage
@ ShowPreConnectMessage
Definition api.h:305
DeviceLockRequired
@ DeviceLockRequired
Definition api.h:444
PublicProxyServerAddress
@ PublicProxyServerAddress
Definition api.h:504
ApplyLastVPNLocalResourceRules
@ ApplyLastVPNLocalResourceRules
Definition api.h:411
CertificateStore
@ CertificateStore
Definition api.h:293
UserEnforcement
@ UserEnforcement
Definition api.h:441
WindowsVPNEstablishment
@ WindowsVPNEstablishment
Definition api.h:347
SuspendOnConnectedStandby
@ SuspendOnConnectedStandby
Definition api.h:328
DeviceLockMaximumTimeoutMinutes
@ DeviceLockMaximumTimeoutMinutes
Definition api.h:451
AutoConnectOnStart
@ AutoConnectOnStart
Definition api.h:311
LinuxLogonEnforcement
@ LinuxLogonEnforcement
Definition api.h:350
LinuxVPNEstablishment
@ LinuxVPNEstablishment
Definition api.h:354
AutomaticCertSelection
@ AutomaticCertSelection
Definition api.h:433
AllowIPsecOverSSL
@ AllowIPsecOverSSL
Definition api.h:487
TerminateScriptOnNextEvent
@ TerminateScriptOnNextEvent
Definition api.h:425
AuthenticationTimeout
@ AuthenticationTimeout
Definition api.h:482
AutomaticVPNPolicy
@ AutomaticVPNPolicy
Definition api.h:372
BypassConnectUponSessionTimeout
@ BypassConnectUponSessionTimeout
Definition api.h:381
EnableScripting
@ EnableScripting
Definition api.h:422
AutoServerSelectionSuspendTime
@ AutoServerSelectionSuspendTime
Definition api.h:477
RSASecurIDIntegration
@ RSASecurIDIntegration
Definition api.h:338
EnableAutomaticServerSelection
@ EnableAutomaticServerSelection
Definition api.h:468
IPProtocolSupport
@ IPProtocolSupport
Definition api.h:492
RetainVpnOnLogoff
@ RetainVpnOnLogoff
Definition api.h:438
LocalLanAccess
@ LocalLanAccess
Definition api.h:317
AllowVPNDisconnect
@ AllowVPNDisconnect
Definition api.h:416
ServiceDisable
@ ServiceDisable
Definition api.h:285
EnablePostSBLOnConnectScript
@ EnablePostSBLOnConnectScript
Definition api.h:429
CertificatePinning
@ CertificatePinning
Definition api.h:508
UntrustedNetworkPolicy
@ UntrustedNetworkPolicy
Definition api.h:378
DeviceLockMinimumPasswordLength
@ DeviceLockMinimumPasswordLength
Definition api.h:456
BlockUntrustedServers
@ BlockUntrustedServers
Definition api.h:501
MinimizeOnConnect
@ MinimizeOnConnect
Definition api.h:314
CertificateStoreLinux
@ CertificateStoreLinux
Definition api.h:301
AllowLocalProxyConnections
@ AllowLocalProxyConnections
Definition api.h:359
CertificateStoreMac
@ CertificateStoreMac
Definition api.h:297
DeviceLockPasswordComplexity
@ DeviceLockPasswordComplexity
Definition api.h:465
SafeWordSofTokenIntegration
@ SafeWordSofTokenIntegration
Definition api.h:484
TrustedNetworkPolicy
@ TrustedNetworkPolicy
Definition api.h:375
ClearSmartcardPin
@ ClearSmartcardPin
Definition api.h:490

◆ PreferenceScope

enum PreferenceScope

Indicates the scope of the preferences contained in a PreferenceInfo object

Enumerator
User 

Indicates that the preferences were set by a user

Global 

Indicates that the preferences are global

UserAndGlobal 

Indicates that we have both user and global preferences

522{
523 User, /**< Indicates that the preferences were set by a user */
524 Global, /**< Indicates that the preferences are global */
525 UserAndGlobal /**< Indicates that we have both user and global preferences */
526};
Global
@ Global
Definition api.h:524
UserAndGlobal
@ UserAndGlobal
Definition api.h:525
User
@ User
Definition api.h:523

◆ PromptType

enum PromptType

Indicates the prompt or credential type.

Enumerator
Prompt_Input 

label and value.

Prompt_Password 

label and value, indicates user response should be masked.

Prompt_Banner 

value (the banner) with no label set.

Prompt_Combo 

list with choices options.

Prompt_Header 

label intended as header and with value.

Prompt_Hidden 

hidden value, should be ignored and left unchanged in response.

Prompt_CheckBox 

label and value (contrained to true or false)

Prompt_SSO 

single sign-on authentication token prompt

258 { Prompt_Input, /**< label and value. */
259 Prompt_Password, /**< label and value, indicates user
260 response should be masked. */
261 Prompt_Banner, /**< value (the banner) with no label set. */
262 Prompt_Combo, /**< list with choices options. */
263 Prompt_Header, /**< label intended as header and with
264 value. */
265 Prompt_Hidden, /**< hidden value, should be ignored and
266 left unchanged in response. */
267 Prompt_CheckBox, /**< label and value (contrained to true or false) */
268 Prompt_SSO /**< single sign-on authentication token prompt */
269};
Prompt_Input
@ Prompt_Input
Definition api.h:258
Prompt_Hidden
@ Prompt_Hidden
Definition api.h:265
Prompt_CheckBox
@ Prompt_CheckBox
Definition api.h:267
Prompt_Header
@ Prompt_Header
Definition api.h:263
Prompt_SSO
@ Prompt_SSO
Definition api.h:268
Prompt_Combo
@ Prompt_Combo
Definition api.h:262
Prompt_Password
@ Prompt_Password
Definition api.h:259
Prompt_Banner
@ Prompt_Banner
Definition api.h:261

◆ SDITokenType

enum SDITokenType

Identifies the type of token that was used successfully when SDI Authentication is in use.

132{
133 SDITT_NONE,
134 SDITT_HARDWARE,
135 SDITT_SOFTWARE
136};

◆ UserResponseError

enum UserResponseError
665{
666 UserResponseError_None,
667 UserResponseError_Unspecified,
668 UserResponseError_BadServerCert,
669 UserResponseError_SsoNavigation,
670 UserResponseError_SsoGettingCookie,
671 UserResponseError_SsoTimeout,
672 UserResponseError_SsoMissingDependency,
673 UserResponseError_SsoClientCertRequest,
674 UserResponseError_SsoAborted,
675};

◆ VPNError

enum VPNError

Indicates the last error seen by the API in this connection attempt.

Enumerator
VPNSuccess 

No error has occurred.

VPNError_Generic_FatalError 

An error of unknown type has occured

VPNError_Connection_Error 

An unknown connection error has occured, such as bad hostname, bad group, etc.

VPNError_Connection_InvalidGroupURL 

Invalid Group URL specified in the server address

VPNError_Network_Error 

An unknown network error has occured, such as DNS resolution error, unable to open socket, routing error, captive portal, etc.

VPNError_Authentication_Error 

An unknown user authenication error has occured.

VPNError_Authentication_DAP_Terminate 

Access Denied: Your system does not meet policy requirements (DAP).

VPNError_ClientCertificate_UnknownError 

An unknown client certificate error has occured.

VPNError_ClientCertificate_Missing 

A client certificate is required but no client certificate has been found on the system.

VPNError_ClientCertificate_Expired 

The client certificate has expired

VPNError_ClientCertificate_NotYetValid 

The client certificate is not yet valid.

VPNError_ServerCertificate_UnknownError 

An unknown error has occured when validating the server certificate.

VPNError_ServerCertificate_Expired 

The server certificate has expired.

VPNError_ServerCertificate_NotYetValid 

The server certificate is not yet valid.

589{
590 VPNSuccess = 0, /**< No error has occurred. */
591 VPNError_Generic_FatalError = 1, /**< An error of unknown type has
592 occured */
593
594 VPNError_Connection_Error = 100, /**< An unknown connection error has
595 occured, such as bad hostname, bad
596 group, etc. */
597 VPNError_Connection_InvalidGroupURL, /**< Invalid Group URL specified in the
598 server address */
599
600 VPNError_Network_Error = 200, /**< An unknown network error has
601 occured, such as DNS resolution
602 error, unable to open socket,
603 routing error, captive portal,
604 etc. */
605
606 VPNError_Authentication_Error = 300, /**< An unknown user authenication
607 error has occured. */
608
609 VPNError_Authentication_DAP_Terminate, /**< Access Denied: Your system does
610 not meet policy requirements (DAP). */
611
612 VPNError_ClientCertificate_UnknownError = 400, /**< An unknown client
613 certificate error has
614 occured. */
615 VPNError_ClientCertificate_Missing, /**< A client certificate is required
616 but no client certificate has been
617 found on the system. */
618 VPNError_ClientCertificate_Expired, /**< The client certificate has expired */
619 VPNError_ClientCertificate_NotYetValid, /**< The client certificate is not
620 yet valid. */
621
622 VPNError_ServerCertificate_UnknownError = 500, /**< An unknown error has
623 occured when validating
624 the server certificate. */
625 VPNError_ServerCertificate_Expired, /**< The server certificate has
626 expired. */
627 VPNError_ServerCertificate_NotYetValid /**< The server certificate is not
628 yet valid. */
629};
VPNError_Connection_Error
@ VPNError_Connection_Error
Definition api.h:594
VPNError_ClientCertificate_Expired
@ VPNError_ClientCertificate_Expired
Definition api.h:618
VPNError_ClientCertificate_Missing
@ VPNError_ClientCertificate_Missing
Definition api.h:615
VPNError_ServerCertificate_NotYetValid
@ VPNError_ServerCertificate_NotYetValid
Definition api.h:627
VPNError_Generic_FatalError
@ VPNError_Generic_FatalError
Definition api.h:591
VPNError_ClientCertificate_UnknownError
@ VPNError_ClientCertificate_UnknownError
Definition api.h:612
VPNSuccess
@ VPNSuccess
Definition api.h:590
VPNError_ServerCertificate_UnknownError
@ VPNError_ServerCertificate_UnknownError
Definition api.h:622
VPNError_Authentication_Error
@ VPNError_Authentication_Error
Definition api.h:606
VPNError_Connection_InvalidGroupURL
@ VPNError_Connection_InvalidGroupURL
Definition api.h:597
VPNError_ServerCertificate_Expired
@ VPNError_ServerCertificate_Expired
Definition api.h:625
VPNError_ClientCertificate_NotYetValid
@ VPNError_ClientCertificate_NotYetValid
Definition api.h:619
VPNError_Network_Error
@ VPNError_Network_Error
Definition api.h:600
VPNError_Authentication_DAP_Terminate
@ VPNError_Authentication_DAP_Terminate
Definition api.h:609

◆ VPNState

enum VPNState

Provides the current state of the VPN tunnel.

Enumerator
CONNECTED 

VPN is active

DISCONNECTED 

VPN is inactive

CONNECTING 

VPN is being established

DISCONNECTING 

VPN is being terminated

RECONNECTING 

VPN is being re-connected. This state can occur due to network or other temporary problems. The state indicates that the VPN is temporarily unavailable and indicates the connection is being re-established.

PAUSING 

VPN is being paused.

PAUSED 

VPN is paused.

SSOPOLLING 

API is doing auth-poll, VPN is disconnected.

145{
146 CONNECTED = STATE_CONNECTED, /**< VPN is active */
147 DISCONNECTED = STATE_DISCONNECTED, /**< VPN is inactive */
148 CONNECTING = STATE_CONNECTING, /**< VPN is being established */
149 DISCONNECTING = STATE_DISCONNECTING, /**< VPN is being terminated */
150 RECONNECTING = STATE_RECONNECTING, /**< VPN is being re-connected. This state
151 can occur due to network or other
152 temporary problems. The state
153 indicates that the VPN is temporarily
154 unavailable and indicates the
155 connection is being re-established. */
156 PAUSING = STATE_PAUSING, /**< VPN is being paused. */
157 PAUSED = STATE_PAUSED, /**< VPN is paused. */
158 SSOPOLLING = STATE_SSOPOLLING, /**< API is doing auth-poll, VPN is disconnected. */
159 UNKNOWN = ~0
160};
CONNECTING
@ CONNECTING
Definition api.h:148
PAUSING
@ PAUSING
Definition api.h:156
RECONNECTING
@ RECONNECTING
Definition api.h:150
SSOPOLLING
@ SSOPOLLING
Definition api.h:158
CONNECTED
@ CONNECTED
Definition api.h:146
DISCONNECTING
@ DISCONNECTING
Definition api.h:149
DISCONNECTED
@ DISCONNECTED
Definition api.h:147
PAUSED
@ PAUSED
Definition api.h:157

◆ VPNSubState

enum VPNSubState

Provides the current sub-state of the VPN tunnel.

169{
170 VPNSS_NORMAL = VCSS_NORMAL,
171 VPNSS_INDEFINITE_DELAY = VCSS_INDEFINITE_DELAY,
172 VPNSS_SESSION_EXPIRING = VCSS_SESSION_EXPIRING,
173 VPNSS_MT_DISCONNECTED_DISABLED = VCSS_MT_DISCONNECTED_DISABLED,
174 VPNSS_MT_DISCONNECTED_TRUSTED_NW = VCSS_MT_DISCONNECTED_TRUSTED_NW,
175 VPNSS_MT_DISCONNECTED_USER_TUNNEL_ACTIVE= VCSS_MT_DISCONNECTED_USER_TUNNEL_ACTIVE,
176 VPNSS_MT_DISCONNECTED_LAUNCH_FAILED = VCSS_MT_DISCONNECTED_LAUNCH_FAILED,
177 VPNSS_MT_DISCONNECTED_CONNECT_FAILED = VCSS_MT_DISCONNECTED_CONNECT_FAILED,
178 VPNSS_MT_DISCONNECTED_BAD_VPN_CONFIG = VCSS_MT_DISCONNECTED_BAD_VPN_CONFIG,
179 VPNSS_MT_DISCONNECTED_SW_UP_PENDING = VCSS_MT_DISCONNECTED_SW_UP_PENDING,
180 VPNSS_MTU_ADJUSTMENT_PENDING = VCSS_MTU_ADJUSTMENT_PENDING
181};

◆ WMHint

enum WMHint

WMHint provides a hint for the GUI to either minimize or un-minimize.

Enumerator
MINIMIZE 

hint to minimize GUI

OPEN 

hint to un-minimize GUI

QUIT 

hint that GUI should close.

See also
WMHintReason
REFRESHHOSTNAMES 

hint to refresh the list of secure gateways

REFRESHPREFS 

hint to refresh the preferences

SHOWCONNECTING 

hint to display "connecting" status

CLOSECREDENTIALPOPUP 

hint to close the credentials popup

191{
192 MINIMIZE, /**< hint to minimize GUI */
193 OPEN, /**< hint to un-minimize GUI */
194 QUIT, /**< hint that GUI should close. @see WMHintReason */
195 REFRESHHOSTNAMES,/**< hint to refresh the list of secure gateways */
196 REFRESHPREFS, /**< hint to refresh the preferences */
197 SHOWCONNECTING, /**< hint to display "connecting" status */
198 CLOSECREDENTIALPOPUP, /**< hint to close the credentials popup */
199};
OPEN
@ OPEN
Definition api.h:193
REFRESHHOSTNAMES
@ REFRESHHOSTNAMES
Definition api.h:195
MINIMIZE
@ MINIMIZE
Definition api.h:192
REFRESHPREFS
@ REFRESHPREFS
Definition api.h:196
QUIT
@ QUIT
Definition api.h:194
SHOWCONNECTING
@ SHOWCONNECTING
Definition api.h:197
CLOSECREDENTIALPOPUP
@ CLOSECREDENTIALPOPUP
Definition api.h:198

◆ WMHintReason

enum WMHintReason

WMHintReason provides a reason indicator for the WMHint

Enumerator
SECONDGUISTART 

Indicates a second GUI has been launched. This indicator is used to suggest that the GUI already running be OPENed and that the first one should exit.

PROXYREQUEST 

Proxy credential request can be for web-launch or standalone-initiated connections.

SERVICEFAILURE 

This tag is used when the VPN service is no longer available.

DISCONNECT 

Any disconnect notices should be seen by the user.

SERVICESTOPPED 

This tag will be used in cases where the VPN service has been stopped.

CONNECT 

Tag indicating an action to be taken due to connect, for example a request to minimize the UI.

210{
211 SECONDGUISTART, /**< Indicates a second GUI has been launched. This
212 indicator is used to suggest that the GUI
213 already running be OPENed and that the first one
214 should exit. */
215 PROXYREQUEST, /**< Proxy credential request can be for web-launch or
216 standalone-initiated connections. */
217 SERVICEFAILURE, /**< This tag is used when the VPN service
218 is no longer available. */
219 DISCONNECT, /**< Any disconnect notices should be seen by the user. */
220 SERVICESTOPPED, /**< This tag will be used in cases where the VPN service
221 has been stopped. */
222 CONNECT, /**< Tag indicating an action to be taken due to connect,
223 for example a request to minimize the UI. */
224 REASONUNKNOWN /**< */
225};
CONNECT
@ CONNECT
Definition api.h:222
SERVICEFAILURE
@ SERVICEFAILURE
Definition api.h:217
DISCONNECT
@ DISCONNECT
Definition api.h:219
SECONDGUISTART
@ SECONDGUISTART
Definition api.h:211
SERVICESTOPPED
@ SERVICESTOPPED
Definition api.h:220
PROXYREQUEST
@ PROXYREQUEST
Definition api.h:215