If the method succeeds, rc is 0 else rc > 0. Values above 0x8000 indicate Warnings.

If the method succeeds, message is NULL else message contains Error/Warning message.

List of authenticationvservers

Name of the authentication virtual server.

The Virtual IP address of the authentication vserver.

The IP address of the authentication server.

Indicates whether or not the certificate is bound or if SSL offload is disabled.

The virtual TCP port of the authentication vserver.

The range of authentication vserver IP addresses. The new range of authentication vservers will have IP addresses consecutively numbered, starting with the primary address specified with the argument.

The authentication vserver's protocol type, Currently the only possible value is SSL.

The type of Virtual Server, e.g. CONTENT based or ADDRESS based.

The current state of the Virtual server, e.g. UP, DOWN, BUSY, etc.

Whether or not this vserver responds to ARPs and whether or not round-robin selection is temporarily in effect.

Virtual server's cache type. The options are: TRANSPARENT, REVERSE and FORWARD.

The cache redirect policy. The valid redirect policies are: l. CACHE - Directs all requests to the cache. 2. POLICY - Applies cache redirection policy to determine whether the request should be directed to the cache or origin. This is the default setting. 3. ORIGIN - Directs all requests to the origin server.

This argument is used only when configuring content switching on the specified virtual server. This is applicable only if both the URL and RULE-based policies have been configured on the same virtual server. It specifies the type of policy (URL or RULE) that takes precedence on the content switching virtual server. The default setting is RULE. l URL - In this case, the incoming request is matched against the URL-based policies before the rule-based policies. l RULE - In this case, the incoming request is matched against the rule-based policies before the URL-based policies. For all URL-based policies, the precedence hierarchy is: 1. Domain and exact URL 2. Domain, prefix and suffix 3. Domain and suffix 4. Domain and prefix 5. Domain only 6. Exact URL 7. Prefix and suffix 8. Suffix only 9. Prefix only 10. Default

The URL where traffic is redirected if the virtual server in system becomes unavailable. WARNING! Make sure that the domain you specify in the URL does not match the domain specified in the -d domainName argument of the addcspolicy method. If the same domain is specified in both arguments, the request will be continuously redirected to the same unavailable virtual server in the system. If so, the user may not get the requested content.

Indicates whether or not authentication is being applied to incoming users to the VPN.

The number of current users logged in to this vserver.

The domain of the authentication cookie set by Authentication vserver
NOTE: This attribute is deprecated.
Authentication Domain Parameter has been deprecated. Please use Authentication Profile for setting domain wide cookies.

The name of the policy, if any, bound to the authentication vserver.
NOTE: This attribute is deprecated.
Replaced by Policy field

The name of the policy, if any, bound to the authentication vserver.

The name of the service, if any, to which the vserver policy is bound.

Weight for this service, if any. This weight is used when the system performs load balancing, giving greater priority to a specific service. It is useful when the services bound to a virtual server are of different capacity.

The name of the default target cache virtual server, if any, to which requests are redirected.

The name of the backup vpn virtual server for this vpn virtual server.

The idle time, if any, in seconds after which the client connection is terminated.

VPN client applications are allocated from a block of Intranet IP addresses. That block may be exhausted after a certain number of connections. This switch specifies the method used to determine whether or not a new connection will spillover, or exhaust, the allocated block of Intranet IP addresses for that application. Possible values are CONNECTION or DYNAMICCONNECTION. CONNECTION means that a static integer value is the hard limit for the spillover threshold. The spillover threshold is described below. DYNAMICCONNECTION means that the spillover threshold is set according to the maximum number of connections defined for the vpn vserver.

VPN client applications are allocated from a block of Intranet IP addresses. That block may be exhausted after a certain number of connections. The value of this option is number of client connections after which the Mapped IP address is used as the client source IP address instead of an address from the allocated block of Intranet IP addresses.

Whether or not cookie-based site persistance is enabled for this VPN vserver. Possible values are 'ConnectionProxy', HTTPRedirect, or NONE

The timeout, if any, for cookie-based site persistance of this VPN vserver.

The priority, if any, of the vpn vserver policy.

Perform delayed clean up of connections on this vserver.

Bindpoint to which the policy is bound.

Tells whether traffic will continue reaching backup vservers even after primary comes UP from DOWN state.

Listenpolicy configured for authentication vserver

Priority of listen policy for authentication vserver

The name of the TCP profile.

Name of the HTTP profile.

Any comments associated with this virtual server.

Log AppFlow flow information.

Virtual Server Type, e.g. Load Balancing, Content Switch, Cache Redirection

Nodegroup devno to which this authentication vsever belongs to

Maximum Number of login Attempts

Number of minutes an account will be locked if user exceeds maximum permissible attempts

Bind the authentication policy to the secondary chain. Provides for multifactor authentication in which a user must authenticate via both a primary authentication method and, afterward, via a secondary authentication method. Because user groups are aggregated across authentication systems, usernames must be the same on all authentication servers. Passwords can be different.

Bind the Authentication policy to a tertiary chain which will be used only for group extraction. The user will not authenticate against this server, and this will only be called if primary and/or secondary authentication has succeeded.

On success invoke label.

Expression specifying the priority of the next policy which will get evaluated if the current policy rule evaluates to TRUE.

Theme for Authentication virtual server Login portal

Name of the certificate key that was bound to the corresponding SSL virtual server as the Certificate Authority for the device certificate

SameSite attribute value for Cookies generated in AAATM context. This attribute value will be appended only for the cookies which are specified in the builtin patset ns_cookies_samesite

The bound Cache policy names.

The priorities of bound Cache policies.

The bindpoints of bound Cache policies.

The next_expr-s of bound CACHE policies.

The bound responder policy names.

The priorities of bound responder policies.

The next_expr-s of bound responder policies.

The bindpoints of bound responder policies.

The bound Rewrite policy names.

The priorities of bound Rewrite policies.

The next_expr-s of bound Rewrite policies.

The bindpoints of bound RW policies.

The next_expr-s of bound CSW policies.