Configuring Per-App VPN on Your UEM Solution

Jamf Connect Documentation
Solution
Application
Jamf Connect
Content Type
Technical Documentation
Utilities & Services
ft:locale
en-US

Follow these steps to activate Jamf Connect's Zero Trust Network Access with Per-App VPN on your target end user iOS and iPadOS devices.

Note:

The following steps are for Jamf Pro. They will be similar for other UEM and MDM solutions.

  1. In Jamf Pro, click Devices at the top of the sidebar.
  2. Click Configuration Profiles in the sidebar.
  3. Click + New to create a new configuration profile.
    1. On the left-side of the Options menu, select "VPN".
    2. Click Configure.
  4. Enter a memorable Connection Name, for example "Zero Trust Network Access Per-App VPN".
  5. Set the VPN Type to "Per-App VPN".
  6. (Optional) Select the Automatically start Per-App VPN connection checkbox.
  7. Under Safari Domains, define the domains that are allowed to use this Per-App VPN in the Safari app.
    Note:

    This configuration does not apply to other browsers.

  8. For Per-App VPN Connection Type, select "Custom SSL".
  9. For Identifier, enter com.jamf.trust
  10. For Server, enter open.jamf.trust.app

    This is a placeholder hostname that will be rewritten by the Jamf Trust app during activation.

  11. For Provider Bundle Identifier, enter com.jamf.trust.ne-access.
  12. Create key-value pairs in the Custom Data section as follows:

    • Key: ProfileId

    • Value: com.jamf.trust.bootstrap

  13. If prompted for User Authentication, select "Password".

    If required to enter a username and/or password, you can use fake values. These are overwritten during activation and are ignored by Jamf Trust.

  14. For the Provider Type, select "Packet-tunnel".

    To ensure consistent behavior on end-user devices, Jamf recommends that you select the Prohibit users from disabling on-demand VPN settings checkbox.

  15. Click Save.