Developer Documentation
ADC NITRO APIs
Current Release 13.1 13

vpnparameter

May 23, 2024
Contributed by: 
C

Configuration for VPN parameter resource.

Properties

(click to see Operations )

Name Data Type Permissions Description
httpport <Integer[]> Read-write Destination port numbers other than port 80, added as a comma-separated list. Traffic to these ports is processed as HTTP traffic, which allows functionality, such as HTTP authorization and single sign-on to a web application to work.

Minimum value = 1
winsip Read-write WINS server IP address to add to Citrix Gateway for name resolution.

Minimum length = 1
dnsvservername Read-write Name of the DNS virtual server for the user session.

Minimum length = 1
splitdns Read-write Route the DNS requests to the local DNS server configured on the user device, or Citrix Gateway (remote), or both.

Possible values = LOCAL, REMOTE, BOTH
icauseraccounting Read-write The name of the radiusPolicy to use for RADIUS user accounting info on the session.
sesstimeout Read-write Number of minutes after which the session times out.

Default value: 30

Minimum value = 1

Maximum value = 65535
clientsecurity Read-write Specify the client security check for the user device to permit a Citrix Gateway session. The web address or IP address is not included in the expression for the client security check.
clientsecuritygroup Read-write The client security group that will be assigned on failure of the client security check. Users can in general be organized into Groups. In this case, the Client Security Group may have a more restrictive security policy.

Minimum length = 1
clientsecuritymessage Read-write The client security message that will be displayed on failure of the client security check.

Minimum length = 1

Maximum length = 127
clientsecuritylog Read-write Specifies whether or not to display all failed Client Security scans to the end user.

Default value: OFF

Possible values = ON, OFF
smartgroup Read-write This is the default group that is chosen when the authentication succeeds in addition to extracted groups.

Minimum length = 1

Maximum length = 64
splittunnel Read-write Send, through the tunnel, traffic only for intranet applications that are defined in Citrix Gateway. Route all other traffic directly to the Internet. The OFF setting routes all traffic through Citrix Gateway. With the REVERSE setting, intranet applications define the network traffic that is not intercepted. All network traffic directed to internal IP addresses bypasses the VPN tunnel, while other traffic goes through Citrix Gateway. Reverse split tunneling can be used to log all non-local LAN traffic. For example, if users have a home network and are logged on through the Citrix Gateway Plug-in, network traffic destined to a printer or another device within the home network is not intercepted.

Default value: OFF

Possible values = ON, OFF, REVERSE
locallanaccess Read-write Set local LAN access. If split tunneling is OFF, and you set local LAN access to ON, the local client can route traffic to its local interface. When the local area network switch is specified, this combination of switches is useful. The client can allow local LAN access to devices that commonly have non-routable addresses, such as local printers or local file servers.

Default value: OFF

Possible values = ON, OFF, FORCED
rfc1918 Read-write As defined in the local area network, allow only the following local area network addresses to bypass the VPN tunnel when the local LAN access feature is enabled
  • 10...*,
  • 172.16..,
  • 192.168... Default value: OFF Possible values = ON, OFF
    		•
    spoofiip Read-write Indicate whether or not the application requires IP spoofing, which routes the connection to the intranet application through the virtual adapter.

    Default value: ON

    Possible values = ON, OFF
    killconnections Read-write Specify whether the Citrix Gateway Plug-in should disconnect all preexisting connections, such as the connections existing before the user logged on to Citrix Gateway, and prevent new incoming connections on the Citrix Gateway Plug-in for Windows and MAC when the user is connected to Citrix Gateway and split tunneling is disabled.

    Default value: OFF

    Possible values = ON, OFF
    transparentinterception Read-write Allow access to network resources by using a single IP address and subnet mask or a range of IP addresses. The OFF setting sets the mode to proxy, in which you configure destination and source IP addresses and port numbers. If you are using the Citrix Gateway Plug-in for Windows, set this parameter to ON, in which the mode is set to transparent. If you are using the Citrix Gateway Plug-in for Java, set this parameter to OFF.

    Default value: OFF

    Possible values = ON, OFF
    windowsclienttype
    defaultauthorizationaction
    		Read-write
    Read-write    		 The Windows client type. Choose between two types of Windows Client a) Application Agent - which always runs in the task bar as a standalone application and also has a supporting service which runs permanently when installed b) Activex Control - ActiveX control run by Microsoft Internet Explorer. Default value: AGENT Possible values = AGENT, PLUGIN
    Specify the network resources that users have access to when they log on to the internal network. The default setting for authorization is to deny access to all network resources. Citrix recommends using the default global setting and then creating authorization policies to define the network resources users can access. If you set the default authorization policy to DENY, you must explicitly authorize access to any network resource, which improves security.

    Default value: DENY

    Possible values = ALLOW, DENY
    authorizationgroup Read-write Comma-separated list of groups in which the user is placed when none of the groups that the user is a part of is configured on Citrix Gateway. The authorization policy can be bound to these groups to control access to the resources.

    Minimum length = 1
    clientidletimeout Read-write Time, in minutes, after which to time out the user session if Citrix Gateway does not detect mouse or keyboard activity.

    Minimum value = 1

    Maximum value = 9999
    proxy Read-write Set options to apply proxy for accessing the internal resources. Available settings function as follows
  • BROWSER - Proxy settings are configured only in Internet Explorer and Firefox browsers.
  • NS - Proxy settings are configured on the Citrix ADC.
  • OFF - Proxy settings are not configured. Possible values = BROWSER, NS, OFF
    		•
    allprotocolproxy Read-write IP address of the proxy server to use for all protocols supported by Citrix Gateway.

    Minimum length = 1
    httpproxy Read-write IP address of the proxy server to be used for HTTP access for all subsequent connections to the internal network.

    Minimum length = 1
    ftpproxy Read-write IP address of the proxy server to be used for FTP access for all subsequent connections to the internal network.

    Minimum length = 1
    socksproxy Read-write IP address of the proxy server to be used for SOCKS access for all subsequent connections to the internal network.

    Minimum length = 1
    gopherproxy Read-write IP address of the proxy server to be used for GOPHER access for all subsequent connections to the internal network.

    Minimum length = 1
    sslproxy Read-write IP address of the proxy server to be used for SSL access for all subsequent connections to the internal network.

    Minimum length = 1
    proxyexception Read-write Proxy exception string that will be configured in the browser for bypassing the previously configured proxies. Allowed only if proxy type is Browser.

    Minimum length = 1
    proxylocalbypass Read-write Bypass proxy server for local addresses option in Internet Explorer and Firefox proxy server settings.

    Default value: DISABLED

    Possible values = ENABLED, DISABLED
    clientcleanupprompt Read-write Prompt for client-side cache clean-up when a client-initiated session closes.

    Default value: ON

    Possible values = ON, OFF
    forcecleanup <String[]> Read-write Force cache clean-up when the user closes a session. You can specify all, none, or any combination of the client-side items.

    Possible values = none, all, cookie, addressbar, plugin, filesystemapplication, application, applicationdata, clientcertificate, autocomplete, cache
    clientoptions <String[]> Read-write Display only the configured menu options when you select the “Configure Citrix Gateway” option in the Citrix Gateway Plug-in’s system tray icon for Windows.

    Possible values = none, all, services, filetransfer, configuration
    clientconfiguration <String[]> Read-write Allow users to change client Debug logging level in Configuration tab of the Citrix Gateway Plug-in for Windows.

    Possible values = none, trace
    sso Read-write Set single sign-on (SSO) for the session. When the user accesses a server, the user’s logon credentials are passed to the server for authentication.

    NOTE : This configuration does not honor the following authentication types for security reason. BASIC, DIGEST, and NTLM (without Negotiate NTLM2 Key or Negotiate Sign Flag). Use VPN TrafficAction to configure SSO for these authentication types.

    Default value: OFF

    Possible values = ON, OFF
    ssocredential Read-write Specify whether to use the primary or secondary authentication credentials for single sign-on to the server.

    Default value: PRIMARY

    Possible values = PRIMARY, SECONDARY
    windowsautologon Read-write Enable or disable the Windows Auto Logon for the session. If a VPN session is established after this setting is enabled, the user is automatically logged on by using Windows credentials after the system is restarted.

    Default value: OFF

    Possible values = ON, OFF
    usemip Read-write Enable or disable the use of a unique IP address alias, or a mapped IP address, as the client IP address for each client session. Allow Citrix Gateway to use the mapped IP address as an intranet IP address when all other IP addresses are not available.

    When IP pooling is configured and the mapped IP is used as an intranet IP address, the mapped IP address is used when an intranet IP address cannot be assigned.

    Default value: NS

    Possible values = NS, OFF
    useiip Read-write Define IP address pool options. Available settings function as follows
  • SPILLOVER - When an address pool is configured and the mapped IP is used as an intranet IP address, the mapped IP address is used when an intranet IP address cannot be assigned.
  • NOSPILLOVER - When intranet IP addresses are enabled and the mapped IP address is not used, the Transfer Login page appears for users who have used all available intranet IP addresses.
  • OFF - Address pool is not configured. Default value: NOSPILLOVER Possible values = NOSPILLOVER, SPILLOVER, OFF
    		•
    clientdebug Read-write Set the trace level on Citrix Gateway. Technical support technicians use these debug logs for in-depth debugging and troubleshooting purposes. Available settings function as follows
  • DEBUG - Detailed debug messages are collected and written into the specified file.
  • STATS - Application audit level error messages and debug statistic counters are written into the specified file.
  • EVENTS - Application audit-level error messages are written into the specified file.
  • OFF - Only critical events are logged into the Windows Application Log. Default value: OFF Possible values = debug, stats, events, OFF
    		•
    loginscript Read-write Path to the logon script that is run when a session is established. Separate multiple scripts by using comma. A “$” in the path signifies that the word following the “$” is an environment variable.

    Minimum length = 1
    logoutscript Read-write Path to the logout script. Separate multiple scripts by using comma. A “$” in the path signifies that the word following the “$” is an environment variable.

    Minimum length = 1
    homepage Read-write Web address of the home page that appears when users log on. Otherwise, users receive the default home page for Citrix Gateway, which is the Access Interface.
    icaproxy Read-write Enable ICA proxy to configure secure Internet access to servers running Citrix XenApp or XenDesktop by using Citrix Receiver instead of the Citrix Gateway Plug-in.

    Default value: OFF

    Possible values = ON, OFF
    wihome Read-write Web address of the Web Interface server, such as http:///Citrix/XenApp, or Receiver for Web, which enumerates the virtualized resources, such as XenApp, XenDesktop, and cloud applications. This web address is used as the home page in ICA proxy mode.

    If Client Choices is ON, you must configure this setting. Because the user can choose between FullClient and ICAProxy, the user may see a different home page. An Internet web site may appear if the user gets the FullClient option, or a Web Interface site if the user gets the ICAProxy option. If the setting is not configured, the XenApp option does not appear as a client choice.
    wihomeaddresstype Read-write Type of the wihome address(IPV4/V6).

    Possible values = IPV4, IPV6
    citrixreceiverhome Read-write Web address for the Citrix Receiver home page. Configure Citrix Gateway so that when users log on to the appliance, the Citrix Gateway Plug-in opens a web browser that allows single sign-on to the Citrix Receiver home page.
    wiportalmode Read-write Layout on the Access Interface. The COMPACT value indicates the use of small icons.

    Possible values = NORMAL, COMPACT
    clientchoices Read-write Provide users with multiple logon options. With client choices, users have the option of logging on by using the Citrix Gateway Plug-in for Windows, Citrix Gateway Plug-in for Java, the Web Interface, or clientless access from one location. Depending on how Citrix Gateway is configured, users are presented with up to three icons for logon choices. The most common are the Citrix Gateway Plug-in for Windows, Web Interface, and clientless access.

    Default value: OFF

    Possible values = ON, OFF
    epaclienttype Read-write Choose between two types of End point Windows Client

    a) Application Agent - which always runs in the task bar as a standalone application and also has a supporting service which runs permanently when installed

    b) Activex Control - ActiveX control run by Microsoft Internet Explorer.

    Possible values = AGENT, PLUGIN
    iipdnssuffix Read-write An intranet IP DNS suffix. When a user logs on to Citrix Gateway and is assigned an IP address, a DNS record for the user name and IP address combination is added to the Citrix Gateway DNS cache. You can configure a DNS suffix to append to the user name when the DNS record is added to the cache. You can reach to the host from where the user is logged on by using the user’s name, which can be easier to remember than an IP address. When the user logs off from Citrix Gateway, the record is removed from the DNS cache.

    Minimum length = 1
    forcedtimeout Read-write Force a disconnection from the Citrix Gateway Plug-in with Citrix Gateway after a specified number of minutes. If the session closes, the user must log on again.

    Minimum value = 1

    Maximum value = 65535
    forcedtimeoutwarning Read-write Number of minutes to warn a user before the user session is disconnected.

    Minimum value = 1

    Maximum value = 255
    ntdomain Read-write Single sign-on domain to use for single sign-on to applications in the internal network. This setting can be overwritten by the domain that users specify at the time of logon or by the domain that the authentication server returns.

    Minimum length = 1

    Maximum length = 32
    clientlessvpnmode Read-write Enable clientless access for web, XenApp or XenDesktop, and FileShare resources without installing the Citrix Gateway Plug-in. Available settings function as follows
  • ON - Allow only clientless access.
  • OFF - Allow clientless access after users log on with the Citrix Gateway Plug-in.
  • DISABLED - Do not allow clientless access. Default value: OFF Possible values = ON, OFF, DISABLED
    		•
    clientlessmodeurlencoding Read-write When clientless access is enabled, you can choose to encode the addresses of internal web applications or to leave the address as clear text. Available settings function as follows
  • OPAQUE - Use standard encoding mechanisms to make the domain and protocol part of the resource unclear to users.
  • TRANSPARENT - Do not encode the web address and make it visible to users.
  • ENCRYPT - Allow the domain and protocol to be encrypted using a session key. When the web address is encrypted, the URL is different for each user session for the same web resource. If users bookmark the encoded web address, save it in the web browser and then log off, they cannot connect to the web address when they log on and use the bookmark. If users save the encrypted bookmark in the Access Interface during their session, the bookmark works each time the user logs on. Default value: OPAQUE Possible values = TRANSPARENT, OPAQUE, ENCRYPT
    		•
    clientlesspersistentcookie Read-write State of persistent cookies in clientless access mode. Persistent cookies are required for accessing certain features of SharePoint, such as opening and editing Microsoft Word, Excel, and PowerPoint documents hosted on the SharePoint server. A persistent cookie remains on the user device and is sent with each HTTP request. Citrix Gateway encrypts the persistent cookie before sending it to the plug-in on the user device, and refreshes the cookie periodically as long as the session exists. The cookie becomes stale if the session ends. Available settings function as follows
  • ALLOW - Enable persistent cookies. Users can open and edit Microsoft documents stored in SharePoint.
  • DENY - Disable persistent cookies. Users cannot open and edit Microsoft documents stored in SharePoint.
  • PROMPT - Prompt users to allow or deny persistent cookies during the session. Persistent cookies are not required for clientless access if users do not connect to SharePoint. Default value: DENY Possible values = ALLOW, DENY, PROMPT
    		•
    emailhome Read-write Web address for the web-based email, such as Outlook Web Access.
    allowedlogingroups Read-write Specify groups that have permission to log on to Citrix Gateway. Users who do not belong to this group or groups are denied access even if they have valid credentials.

    Minimum length = 1

    Maximum length = 511
    encryptcsecexp Read-write Enable encryption of client security expressions.

    Default value: ENABLED

    Possible values = ENABLED, DISABLED
    apptokentimeout Read-write The timeout value in seconds for tokens to access XenMobile applications.

    Default value: 100

    Minimum value = 1

    Maximum value = 255
    mdxtokentimeout Read-write Validity of MDX Token in minutes. This token is used for mdx services to access backend and valid HEAD and GET request.

    Default value: 10

    Minimum value = 1

    Maximum value = 1440
    uitheme Read-write Set VPN UI Theme to Green-Bubble, Caxton or Custom; default is Caxton.

    Possible values = DEFAULT, GREENBUBBLE, CUSTOM
    securebrowse Read-write Allow users to connect through Citrix Gateway to network resources from iOS and Android mobile devices with Citrix Receiver. Users do not need to establish a full VPN tunnel to access resources in the secure network.

    Default value: ENABLED

    Possible values = ENABLED, DISABLED
    storefronturl Read-write Web address for StoreFront to be used in this session for enumeration of resources from XenApp or XenDesktop.

    Minimum length = 1

    Maximum length = 255
    kcdaccount Read-write The KCD account details to be used in SSO.
    clientversions Read-write checkversion api.

    Minimum length = 1

    Maximum length = 100
    rdpclientprofilename Read-write Name of the RDP profile associated with the vserver.

    Minimum length = 1

    Maximum length = 127
    windowspluginupgrade Read-write Option to set plugin upgrade behaviour for Win.

    Default value: Always

    Possible values = Always, Essential, Never
    macpluginupgrade Read-write Option to set plugin upgrade behaviour for Mac.

    Default value: Always

    Possible values = Always, Essential, Never
    linuxpluginupgrade Read-write Option to set plugin upgrade behaviour for Linux.

    Default value: Always

    Possible values = Always, Essential, Never
    iconwithreceiver Read-write Option to decide whether to show plugin icon along with receiver icon.

    Default value: OFF

    Possible values = ON, OFF
    userdomains Read-write List of user domains specified as comma seperated value.
    icasessiontimeout Read-write Enable or disable ica session timeout. If enabled and in case AAA session gets terminated, ICA connections associated with that will also get terminated.

    Default value: OFF

    Possible values = ON, OFF
    httptrackconnproxy Read-write Enable or disable HTTP tracking for packets proxied via vpn vserver using GSLB connection proxy feature.

    Default value: OFF

    Possible values = ON, OFF
    alwaysonprofilename Read-write Name of the AlwaysON profile. The builtin profile named none can be used to explicitly disable AlwaysON.

    Minimum length = 1

    Maximum length = 127
    autoproxyurl Read-write URL to auto proxy config file.
    advancedclientlessvpnmode Read-write Option to enable/disable Advanced ClientlessVpnMode. Additionaly, it can be set to STRICT to block Classic ClientlessVpnMode while in AdvancedClientlessMode.

    Default value: DISABLED

    Possible values = ENABLED, DISABLED, STRICT
    pcoipprofilename Read-write Name of the PCOIP profile.

    Minimum length = 1

    Maximum length = 127
    backendserversni Read-write enables sni extension for backend server handshakes.

    Default value: DISABLED

    Possible values = ENABLED, DISABLED
    backendcertvalidation Read-write enables backend server certificate validation.

    Default value: DISABLED

    Possible values = ENABLED, DISABLED
    fqdnspoofedip Read-write Spoofed IP address range that can be used by client for FQDN based split tunneling.

    Minimum length = 1
    netmask Read-write The netmask for the spoofed ip address.

    Minimum length = 1
    samesite Read-write SameSite attribute value for Cookies generated in VPN context. This attribute value will be appended only for the cookies which are specified in the builtin patset ns_cookies_samesite.

    Possible values = None, LAX, STRICT
    maxiipperuser Read-write Maximum number of Intranet IP that can be assigned to a user from AAA group, VPN vserver or VPN global pool. This setting is not applicable for AAA user level Intranet IP configuration.

    Default value: 1

    Minimum value = 1

    Maximum value = 10
    name Read-only The VPN name.
    clientidletimeoutwarning Read-only The time after which the client gets a timeout warning, in minutes.
    vpnsessionpolicybindtype Read-only Indicates current bind type (Classic/Advanced) for VPN session policy across all bind entities.

    Default value: Advanced Policy

    Possible values = Classic Policy, Advanced Policy
    vpnsessionpolicycount Read-only Count of VPN session policies across all bind entities.

    Operations

    (click to see Properties )

    • UPDATE
    • UNSET
    • GET (ALL)

    Some options that you can use for each operations:

    • Getting warnings in response: NITRO allows you to get warnings in an operation by specifying the 'warning' query parameter as 'yes'. For example, to get warnings while connecting to the NetScaler appliance, the URL is as follows:

      http:// <netscaler-ip-address> /nitro/v1/config/login?warning=yes

      If any, the warnings are displayed in the response payload with the HTTP code '209 X-NITRO-WARNING'.

    • Authenticated access for individual NITRO operations: NITRO allows you to logon to the NetScaler appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

      To do this, you must specify the username and password in the request header of the NITRO request as follows:

      X-NITRO-USER: <username>

      X-NITRO-PASS: <password>

      Note: In such cases, make sure that the request header DOES not include the following:

      Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

    *Note: * Mandatory parameters are marked in red and placeholder content is marked in green

    update

    URL: http:// <netscaler-ip-address> /nitro/v1/config/vpnparameter HTTP Method: PUT

    Request Headers:

    Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

    Content-Type:application/json

    Request Payload: 

    {"vpnparameter":{
"httpport":<Integer[]_value>,
"winsip":<String_value>,
"dnsvservername":<String_value>,
"splitdns":<String_value>,
"icauseraccounting":<String_value>,
"sesstimeout":<Double_value>,
"clientsecurity":<String_value>,
"clientsecuritygroup":<String_value>,
"clientsecuritymessage":<String_value>,
"clientsecuritylog":<String_value>,
"smartgroup":<String_value>,
"splittunnel":<String_value>,
"locallanaccess":<String_value>,
"rfc1918":<String_value>,
"spoofiip":<String_value>,
"killconnections":<String_value>,
"transparentinterception":<String_value>,
"windowsclienttype":<String_value>,
"defaultauthorizationaction":<String_value>,
"authorizationgroup":<String_value>,
"clientidletimeout":<Double_value>,
"proxy":<String_value>,
"allprotocolproxy":<String_value>,
"httpproxy":<String_value>,
"ftpproxy":<String_value>,
"socksproxy":<String_value>,
"gopherproxy":<String_value>,
"sslproxy":<String_value>,
"proxyexception":<String_value>,
"proxylocalbypass":<String_value>,
"clientcleanupprompt":<String_value>,
"forcecleanup":<String[]_value>,
"clientoptions":<String[]_value>,
"clientconfiguration":<String[]_value>,
"sso":<String_value>,
"ssocredential":<String_value>,
"windowsautologon":<String_value>,
"usemip":<String_value>,
"useiip":<String_value>,
"clientdebug":<String_value>,
"loginscript":<String_value>,
"logoutscript":<String_value>,
"homepage":<String_value>,
"icaproxy":<String_value>,
"wihome":<String_value>,
"wihomeaddresstype":<String_value>,
"citrixreceiverhome":<String_value>,
"wiportalmode":<String_value>,
"clientchoices":<String_value>,
"epaclienttype":<String_value>,
"iipdnssuffix":<String_value>,
"forcedtimeout":<Double_value>,
"forcedtimeoutwarning":<Double_value>,
"ntdomain":<String_value>,
"clientlessvpnmode":<String_value>,
"clientlessmodeurlencoding":<String_value>,
"clientlesspersistentcookie":<String_value>,
"emailhome":<String_value>,
"allowedlogingroups":<String_value>,
"encryptcsecexp":<String_value>,
"apptokentimeout":<Double_value>,
"mdxtokentimeout":<Double_value>,
"uitheme":<String_value>,
"securebrowse":<String_value>,
"storefronturl":<String_value>,
"kcdaccount":<String_value>,
"clientversions":<String_value>,
"rdpclientprofilename":<String_value>,
"windowspluginupgrade":<String_value>,
"macpluginupgrade":<String_value>,
"linuxpluginupgrade":<String_value>,
"iconwithreceiver":<String_value>,
"userdomains":<String_value>,
"icasessiontimeout":<String_value>,
"httptrackconnproxy":<String_value>,
"alwaysonprofilename":<String_value>,
"autoproxyurl":<String_value>,
"advancedclientlessvpnmode":<String_value>,
"pcoipprofilename":<String_value>,
"backendserversni":<String_value>,
"backendcertvalidation":<String_value>,
"fqdnspoofedip":<String_value>,
"netmask":<String_value>,
"samesite":<String_value>,
"maxiipperuser":<Double_value>
}}

<!--NeedCopy-->

    Response: HTTP Status Code on Success: 200 OK

    HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

    unset

    URL: http:// <netscaler-ip-address> /nitro/v1/config/vpnparameter? action=unset HTTP Method: POST

    Request Headers:

    Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

    Content-Type:application/json

    Request Payload: 

    {"vpnparameter":{
"httpport":true,
"winsip":true,
"dnsvservername":true,
"splitdns":true,
"icauseraccounting":true,
"sesstimeout":true,
"clientsecurity":true,
"clientsecuritygroup":true,
"smartgroup":true,
"clientsecuritymessage":true,
"clientsecuritylog":true,
"authorizationgroup":true,
"clientidletimeout":true,
"allprotocolproxy":true,
"httpproxy":true,
"ftpproxy":true,
"socksproxy":true,
"gopherproxy":true,
"sslproxy":true,
"proxyexception":true,
"forcecleanup":true,
"clientoptions":true,
"clientconfiguration":true,
"loginscript":true,
"logoutscript":true,
"homepage":true,
"proxy":true,
"wihome":true,
"citrixreceiverhome":true,
"wiportalmode":true,
"iipdnssuffix":true,
"forcedtimeout":true,
"forcedtimeoutwarning":true,
"defaultauthorizationaction":true,
"ntdomain":true,
"clientlessvpnmode":true,
"emailhome":true,
"clientlessmodeurlencoding":true,
"clientlesspersistentcookie":true,
"allowedlogingroups":true,
"apptokentimeout":true,
"mdxtokentimeout":true,
"storefronturl":true,
"uitheme":true,
"kcdaccount":true,
"rdpclientprofilename":true,
"windowspluginupgrade":true,
"macpluginupgrade":true,
"linuxpluginupgrade":true,
"iconwithreceiver":true,
"userdomains":true,
"alwaysonprofilename":true,
"autoproxyurl":true,
"pcoipprofilename":true,
"advancedclientlessvpnmode":true,
"fqdnspoofedip":true,
"splittunnel":true,
"locallanaccess":true,
"rfc1918":true,
"spoofiip":true,
"killconnections":true,
"transparentinterception":true,
"windowsclienttype":true,
"proxylocalbypass":true,
"clientcleanupprompt":true,
"sso":true,
"ssocredential":true,
"windowsautologon":true,
"usemip":true,
"useiip":true,
"clientdebug":true,
"icaproxy":true,
"clientchoices":true,
"epaclienttype":true,
"encryptcsecexp":true,
"securebrowse":true,
"clientversions":true,
"icasessiontimeout":true,
"httptrackconnproxy":true,
"backendserversni":true,
"backendcertvalidation":true,
"netmask":true,
"samesite":true,
"maxiipperuser":true
}}

<!--NeedCopy-->

    Response: HTTP Status Code on Success: 200 OK

    HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

    get (all)

    URL: http:// <netscaler-ip-address> /nitro/v1/config/vpnparameter HTTP Method: GET

    Request Headers:

    Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

    Accept:application/json

    Response: HTTP Status Code on Success: 200 OK

    HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

    Response Header:

    Content-Type:application/json

    Response Payload: 

    { "vpnparameter": [ {
"name":<String_value>,
"httpport":<Integer[]_value>,
"winsip":<String_value>,
"dnsvservername":<String_value>,
"splitdns":<String_value>,
"icauseraccounting":<String_value>,
"sesstimeout":<Double_value>,
"clientsecurity":<String_value>,
"clientsecuritygroup":<String_value>,
"clientsecuritymessage":<String_value>,
"clientsecuritylog":<String_value>,
"smartgroup":<String_value>,
"splittunnel":<String_value>,
"locallanaccess":<String_value>,
"rfc1918":<String_value>,
"spoofiip":<String_value>,
"killconnections":<String_value>,
"transparentinterception":<String_value>,
"windowsclienttype":<String_value>,
"defaultauthorizationaction":<String_value>,
"authorizationgroup":<String_value>,
"clientidletimeout":<Double_value>,
"clientidletimeoutwarning":<Double_value>,
"proxy":<String_value>,
"allprotocolproxy":<String_value>,
"httpproxy":<String_value>,
"ftpproxy":<String_value>,
"socksproxy":<String_value>,
"gopherproxy":<String_value>,
"sslproxy":<String_value>,
"proxyexception":<String_value>,
"proxylocalbypass":<String_value>,
"clientcleanupprompt":<String_value>,
"forcecleanup":<String[]_value>,
"clientoptions":<String[]_value>,
"clientconfiguration":<String[]_value>,
"sso":<String_value>,
"ssocredential":<String_value>,
"windowsautologon":<String_value>,
"usemip":<String_value>,
"useiip":<String_value>,
"clientdebug":<String_value>,
"loginscript":<String_value>,
"logoutscript":<String_value>,
"homepage":<String_value>,
"icaproxy":<String_value>,
"wihome":<String_value>,
"wihomeaddresstype":<String_value>,
"citrixreceiverhome":<String_value>,
"wiportalmode":<String_value>,
"clientchoices":<String_value>,
"epaclienttype":<String_value>,
"iipdnssuffix":<String_value>,
"forcedtimeout":<Double_value>,
"forcedtimeoutwarning":<Double_value>,
"ntdomain":<String_value>,
"clientlessvpnmode":<String_value>,
"clientlessmodeurlencoding":<String_value>,
"clientlesspersistentcookie":<String_value>,
"emailhome":<String_value>,
"allowedlogingroups":<String_value>,
"encryptcsecexp":<String_value>,
"apptokentimeout":<Double_value>,
"mdxtokentimeout":<Double_value>,
"uitheme":<String_value>,
"securebrowse":<String_value>,
"storefronturl":<String_value>,
"kcdaccount":<String_value>,
"clientversions":<String_value>,
"rdpclientprofilename":<String_value>,
"windowspluginupgrade":<String_value>,
"macpluginupgrade":<String_value>,
"linuxpluginupgrade":<String_value>,
"iconwithreceiver":<String_value>,
"userdomains":<String_value>,
"icasessiontimeout":<String_value>,
"httptrackconnproxy":<String_value>,
"alwaysonprofilename":<String_value>,
"autoproxyurl":<String_value>,
"advancedclientlessvpnmode":<String_value>,
"pcoipprofilename":<String_value>,
"backendserversni":<String_value>,
"backendcertvalidation":<String_value>,
"vpnsessionpolicybindtype":<String_value>,
"vpnsessionpolicycount":<Double_value>,
"fqdnspoofedip":<String_value>,
"netmask":<String_value>,
"samesite":<String_value>,
"maxiipperuser":<Double_value>
}]}

<!--NeedCopy-->
    vpnparameter
    May 23, 2024
    Contributed by: 
    C
    May 23, 2024
    Contributed by: 
    C

    In this article

    Site feedback | Your privacy choices footer linkYour Privacy Choices | Privacy and legal terms | Cookie preferences | Consent settings | docs.cloud.com
    © 1999- Cloud Software Group, Inc. All rights reserved.