A Virtual Private Network (VPN) provides devices with a secure and encrypted tunnel to access internal resources such as email, files, and content. VPN profiles enable each device to function as if it were connected through the on-site network.

Depending on the connection type and authentication method, use look-up values to auto-fill user name info to streamline the login process.

Note:

The VPN profile applies for both the Work Profile and Work Managed Device mode types.

To create a VPN profile:

  1. Navigate to Devices > Profiles & Resources > Profiles > Add > Add Profile > Android.

  2. Configure the General profile settings as appropriate.

  3. Select VPN to edit the profile.

  4. Configure VPN settings. The table below defines all settings that can be configured based on the VPN client.

    Setting

    Description

    Connection Info

    Connection Type

    Choose the protocol used to facilitate VPN sessions.

    Connection Name

    Enter the assigned to the connection created by the profile.

    Server

    Enter the name or address of the used for VPN connections.

    Account

    Enter the user account for authenticating the connection.

    Always On VPN

    Enable to force all traffic from work apps to be tunneled through VPN.

    Set Active

    Enable to turn VPN on after the profile applies to the device.

    Per-App VPN Rules

    Enable Per App VPN which allows you to configure VPN traffic rules based on specific applications. This text box only displays for supported VPN vendors.

    Authentication

    User Authentication

    Choose the method required to authenticate the VPN session.

    Password

    Provide the credentials required for end-user VPN access.

    Client Certificate

    Use the drop-down to select the client certificate. These are configured in the Credentials profiles.

    Certificate Revocation

    Enable to turn on certificate revocation.

    Anyconnect Profile

    Enter the AnyConnect profile name.

    FIPS Mode

    Enable to turn on FIPS Mode.

    Strict Mode

    Enable to turn on Strict Mode.

    Vendor Configurations

    Vendor Keys

    Create custom keys to go into the vendor config dictionary.

    Key

    Enter the specific key provided by the vendor.

    Value

    Enter the VPN value for each key.

  5. Select Save & Publish.

Note:

 Cisco AnyConnectand Juniper Junos Pulse connections require specific applications to be installed on each device before the VPN profile is deployed. These applications can be included as a Recommended App from the App Catalog for easy access.