VPN Configuration Profile
The VPN profile enables administrators to effectively set up enrolled devices, allowing them to establish a secure connection to a wireless network using a VPN. By configuring a VPN profile, administrators gain the ability to remotely manage the network connectivity of enrolled devices.
To configure VPN settings, follow these steps:
Navigate to SureMDM Web Console > Profiles > Windows > Add > VPN > Configure.
Enter a Profile Name.
Configure the following VPN settings and click Save:
| Settings | Description |
|---|---|
| Connection Type | Choose the network connection method from the drop-down menu: - Native - Third Party |
| SureAccess Configuration | |
| Connection Name | Name of the connection to be displayed on the device. |
| Enable SureAccess | Check this option to enable SureAccess |
| Always On | Check this option to keep the VPN connection persistent at all times. This ensures that all device traffic routes through the VPN automatically, providing continuous security. |
| Tunnelled CIDR List | Specify the Classless Inter-Domain Routing (CIDR) ranges allowed to access the VPN. |
| Tunnelled FQDN List | List the Fully Qualified Domain Names (FQDNs) allowed to access the VPN. |
| Blocked FQDN List | Select from the pre-configured FQDNs to explicitly deny access through the secure tunnel. |
| Enable Web Filtering | Check this option to block user access to websites based on selected content categories. |
| Blocked Category List | Choose the categories of websites (e.g., Social Media, Gaming) that will be blocked when Enable Web Filtering is active. |
| Enable Authentication | Check this option to enforce user authentication during the initial SureAccess setup process on the device. Uncheck to bypass authentication. |
| Other VPN Configuration | |
| If Native is selected as Connection Type | Set the following configurations: - Native Protocol Type - Server - Routing Policy Type |
| If Third Party is selected as Connection Type | Set the following configurations: - Plugin Profile Package Family Name - Plugin Profile Server URL List - Plugin Profile Custom Configuration Supported Third-Party VPNs: - Pulse Secure VPN - F5 VPN Client - SonicWALL Mobile Connect - Cisco AnyConnect - Check Point Capsule VPN - GlobalProtect |
| Application Trigger List | Specify a list of applications, separated by commas, that will trigger the VPN connection when launched. If any of the listed applications are opened while the associated VPN profile is active, the VPN profile will automatically route all app connections via VPN. |
| Remember Credentials | Check this option to save credentials for automatic login on future connections. If unchecked, credentials must be entered each time a connection is made. |
| Always On | Check this option to keep the VPN always ON. |
| Lock Down | Check this option to prevent users from stopping or disabling the Secure Client services. |
| DNS Suffix | Specify a list of DNS Suffix for VPN Interface. |
| Trusted Network Detection | Specify one or more trusted networks, separated by commas where the VPN will not connect automatically and protected resources are directly accessible to the device over a connected network. |
| Proxy Auto Config URL | Specifies how the VPN client retrieves proxy settings: If Selected: - Not Configured: No proxy settings are applied - Auto: Enter the Proxy Auto Config URL - Manual: Enter the Proxy Server name where all the devices are connected |
note
The above settings vary depending on the Connection Type chosen.
The newly created profile will be listed in the Profiles section.
- Go back to the Home tab and select the Windows device(s) or group(s).
- Click Apply to launch the Apply Job/Profile To Device prompt.
- Select the profile under All Jobs/Profiles.
- Click Apply in the Apply/Profile To Device prompt.