EnableEAP Property of the IFPCVpnNetworkL2tpPptpSettings Interface

The EnableEAP property gets or sets a Boolean value that indicates whether the Extensible Authentication Protocol (EAP) can be used for outgoing authentication.

HRESULT put_EnableEAP(
HRESULT get_EnableEAP(



Pointer to a Boolean variable that is set on return to VARIANT_TRUE if EAP can be used for outgoing authentication, or to VARIANT_FALSE if EAP cannot be used for outgoing authentication.


Boolean value that specifies whether EAP can be used for outgoing authentication.

Return Value

These property methods return S_OK if the call is successful; otherwise, they return an error code.

[Visual Basic]
Property EnableEAP As Boolean

Property Value

Boolean value that indicates whether EAP can be used for outgoing authentication.


This property is read/write. Its default value is False (VARIANT_FALSE in C++).

EAP can be used to provide an added layer of security to Point-to-Point Tunneling Protocol (PPTP) and Layer Two Tunneling Protocol (L2TP) VPN connections. EAP enables this functionality through certification authority (CA) and smart card technologies, which provide mutual authentication of the client and the server. To use EAP with a VPN, the server must be configured to accept EAP authentication as a valid authentication method and it must have a user certificate (X.509). The client must be configured to use EAP, and either have a smart card (with a smart card certificate installed) or a user certificate.

EAP cannot be enabled together with any of the other authentication protocols.


Client Requires Windows Vista or Windows XP.
Server Requires Windows Server 2008.
Version Requires Forefront Threat Management Gateway (TMG).

Declared in Msfpccom.idl.


Requires Msfpccom.dll.

See Also


Send comments about this topic to Microsoft

Build date: 11/30/2009

© 2008 Microsoft Corporation. All rights reserved.