How to Set Up Per-App VPN using Configuration Manager

  • Article

 

~ Karan Rustagi

With the release of iOS 7, Apple introduced the Per-App VPN feature which caters to both IT Professional and end user experiences. With this feature, IT Professionals can specify which managed apps can use VPN on an Intune managed iOS device. It also makes the connection experience seamless for the user by abstracting the steps taken to connect to a VPN server when accessing corporate documents.

The blog post here teaches you how to set up Per-App VPN for your enterprise using Microsoft Intune (cloud only) but if you want to do this using Configuration Manager please continue reading.

Step 1

a. Create a VPN profile and select ‘Per App VPN (iOS 7 and later)’.

image

Step 2

a. Under Software library – Applications create an iOS application.

image

b. Select VPN profile created in Step 1.a under App-Per VPN.

image

On the iOS Device

  • Make sure you’re running iOS 7 or later

  • Must have the appropriate 3rd party app installed:

    • Juniper

    • Checkpoint

    • F5

    • SonicWall

  • Make sure you have a zero-touch experience:

    • User taps on the 3rd party VPN app

    • Taps on Connect

    • VPN successfully connects without any extra prompts.

      • User must not be asked to trust the VPN server (i.e., User must not see the Dynamic Trust dialog box)

      • User must not enter any credentials

      • User must be connected to VPN upon tapping the connect button