Configure VPN Policy Profile (Android Enterprise)
The VPN Policy allows administrators to centrally configure secure access to corporate networks using the SureAccess VPN solution. This policy defines connection parameters, network routing rules, web filtering, and application access controls to ensure secure communication between the managed device and the enterprise network.
To remotely configure the VPN Configuration profile on the enrolled device(s), follow these steps:
Navigate to SureMDM Web Console > Profiles > Android > Add > Primary Profile > VPN > Configure.
Enter a Profile Name.
In the VPN Configuration screen, enter the following details and click Save.
| Setting | Description |
|---|---|
| Enable SureAccess | Check this option to activate the SureAccess VPN configuration on the device. |
| Connection Name | Enter a unique name for the VPN connection that will be displayed on the device. |
| Always On | Check this option to keep the VPN connection persistent at all times. This ensures that all device traffic routes through the VPN automatically, providing continuous security. |
| Tunnelled CIDR List | Select from the pre-configured CIDR ranges (e.g., 192.168.1.0/24) that are permitted to be accessed via the secure VPN tunnel. |
| Tunnelled FQDN List | Select from the pre-configured Fully Qualified Domain Names (FQDNs) (e.g., erp.company.com) that should be routed through the secure VPN tunnel. |
| Blocked FQDN List | Select from the pre-configured FQDNs to explicitly deny access through the secure tunnel. |
| Enable Web Filtering | Check this option to block user access to websites based on selected content categories. |
| Blocked Category List | Choose the categories of websites (e.g., Social Media, Gaming) that will be blocked when Enable Web Filtering is active. |
| App Access Mode | Select either Allow Specific Apps or Block Specific Apps to control which applications can use the VPN tunnel. |
| Allowed Applications List | (App Access Mode: Allow Specific Apps) Select the applications allowed to operate within the SureAccess VPN. Applications other than the specified ones will be blocked. |
| Blocked Applications List | (App Access Mode: Block Specific Apps) Select the applications blocked from operating within the SureAccess VPN. Applications other than the specified ones will be allowed. |
| Enable Authentication | Check this option to enforce user authentication during the initial SureAccess setup process on the device. Uncheck to bypass authentication. |
The newly created profile will be listed in the Profiles section.
Go back to the Home tab and select the device(s).
Click Apply to launch the Apply Job/Profile To Device prompt.
In the Apply Job/Profile To Device prompt, select the created profile and click Apply.