Creating a Wildcard Access Policy for Per-App VPN

Jamf Connect Documentation

To ensure that Jamf Connect allows all traffic from the apps configured with Per-App VPN, Jamf recommends creating a wildcard access policy. Apps send data to multiple hostnames. Rather than manually finding and listing each hostname used by a given app, you can create a wildcard access policy that captures all hostnames used by the app.

Requirements

Configure Per-App Networking for iOS and iPadOS target devices. For more information, see Setting Up Per-App Networking for Mobile Devices in the Jamf Pro Documentation.

  1. In the Jamf Security Cloud portal, go to Policies > Access > Access policy > Create policy > Custom app > Define app.
  2. In the General pane, name your policy and click Next.
  3. In the Traffic matching pane, type "*" (asterisk) under Application hostnames and click Add.
  4. Click Next.
  5. In the Device groups pane, choose the device groups that need access to the app, including BYOD device groups if applicable, and click Next.
  6. In the Security pane, click Next.
  7. In the Routing pane, choose Encrypt and route via ZTNA, and click Next.
  8. In the Review pane, click Save and create app.