jtjenkins

Q: Removing VPN Profile, can't access internet

Well here's a new one. So I have a VPN profile that is being pushed to my device via a Mobile Device Management app. It's supposed to push the profile every 5 minutes- 30 minutes to keep the device on the VPN (so you don't toggle it off).

 

I've tried seemingly everything to do with this profile, and one of two cases happen that completely breaks things:

 

1. The profile is pushed out twice. It's an IPSEC app with certificates and a username/password (all set in the profile). But when it's pushed a second time, the network stops working on the device until you toggle "Connect on Demand" to off, and the certificate for the VPN shows it's like half installed or something.

2. The profile is removed (after much messing with the settings), and the device's network is completely down. Nothing I can do (Airplane mode, toggling the wifi, etc.), can get it to come back on, and I have to do a full restart of the device.

 

What we're trying to do is force the device to always be connected to the VPN without being supervised during working hours, then removing it after work. Due to the above bugs, neither part of that works, and our workers would have to turn the VPN on and off themselves.

 

Anyone seen this before and know a way around this without supervising the device? These are personal devices so we really can't supervise them since I believe that wipes the device.

iPhone 6, iOS 9, All devices

Posted on Sep 18, 2015 1:49 PM

Close

Q: Removing VPN Profile, can't access internet

  • All replies
  • Helpful answers

  • by sharpest,

    sharpest sharpest Sep 20, 2015 5:45 PM in response to jtjenkins
    Level 1 (35 points)
    Sep 20, 2015 5:45 PM in response to jtjenkins

    This would come down to looking at the support provided by the MDM solution.  If "they" say what you are trying to do is possible, it should be documented.  If nothing else, the MDM provider should be able to help you view the logs to see why this is not working, assuming it should work as you've stated.