Virtual private networks (VPNs) provide devices with a secure and encrypted tunnel to access internal resources. VPN profiles enable each device to function as if it were connected through the on-site network.

  1. Navigate to Devices > Profiles & Resources > Profiles and select Add. Select Apple macOS, and then select whether this profile will apply to only the enrollment user on the device ( User Profile), or the entire device ( Device Profile).
  2. Configure the profile's General settings.

    These settings determine how the profile deploys and who receives it. For more information on General settings, see Add General Profile Settings.

  3. Select the VPN payload.
  4. Configure Connection settings, including:

    Settings Description
    Connection Name Enter the name of the connection name to be displayed on the device.
    Connection Type Use the drop-down menu to select the network connection method.
    Server Enter the hostname or IP address of the server to which to connect.
    Account Enter the name of the VPN account.
    Send All Traffic Select this check box to force all traffic through the specified network.
    Per App VPN For macOS v10.9 devices, use Per-App VPN to choose what apps should connect to what networks.
    Connect Automatically Select this check box to allow the VPN to connect automatically to chosen Safari Domains.
    Enable Safari Domains

    Enable this setting to set specific domains or hosts that open the secure VPN connection in the Safari browser. Add domains as needed.

    If you configure a VMware Tunnel Per-App Tunnel network traffic rule for the Safari app for macOS, AirWatch disables this setting. The network traffic rules override any configured Safari Domain rules. For more information, see Network Traffic Rules for Per-App Tunnel.

    App Mapping Enable this setting to allow specific applications to open a secure VPN connection. Add app bundle ID(s) for applications allowed to open a secure VPN connection
  5. Configure Authentication information including:

    Setting Description
    User Authentication Select the radio button to indicate how to authenticate end users through the VPN.
    Shared Secret Enter the Shared Secret key to be provided to authorize end users for VPN access.
  6. Select either Manual or Automatic proxy and the appropriate settings.
  7. Select Save & Publish when you are finished to push the profile to devices.