After reviewing WWDC video (WWDC 2015 - Session 717 - OS X, iOS) and looking at other ways to understand the problem, there is still lack of guidance and/or missing tool to create the proper tags to create per-App VPN.
Despite it being less than ideal, the VPN Server is using PPTP . I will eventually have a suite of custom enterprise apps that will all use the VPN connection.
So.....I will need to setup the VPN and the vpn.managed.applayer.
We have a MDM solution to push the config files and the options in it are more numerous than to the Apple Configurator 2. In fact, there is a section for "App Configuration" and I have tried to add the Per-App Payload but it is not being recognized by the iOS Device(s).
I have also reveiwed the configuration file in the video...the schema is differnt than that of the ones gernated by the Apple tools.
Here is my effort XML is is incorrect. Can anyone provide a sample that works with the tools?
(I hope Eskimo can help here)
============================================================
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadIdentifier</key>
<string>com.apple.mdm.XXXXXX.XXXX</string>
<key>PayloadRemovalDisallowed</key>
<false/>
<key>PayloadScope</key>
<string>System</string>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>XXXXXXXXXXXXXXXXX</string>
<key>PayloadOrganization</key>
<string>MyCompany</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>PayloadDisplayName</key>
<string>Config</string>
<key>PayloadDescription</key>
<string>Mobile Configuration</string>
<key>PayloadContent</key>
<array>
<dict>
<key>PayloadType</key>
<string>com.apple.vpn.managed</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>PayloadIdentifier</key>
<string>com.apple.mdm.XXXXXX</string>
<key>PayloadUUID</key>
<string>XXXXXXXXXXXX</string>
<key>PayloadEnabled</key>
<true/>
<key>PayloadDisplayName</key>
<string>VPN</string>
<key>VPNType</key>
<string>PPTP</string>
<key>PPP</key>
<dict>
<key>OnDemandEnabled</key>
<integer>1</integer>
<key>CCPEnabled</key>
<integer>1</integer>
<key>CCPMPPE40Enabled</key>
<integer>1</integer>
<key>CCPMPPE128Enabled</key>
<integer>1</integer>
<key>CommRemoteAddress</key>
<string>8.8.8.8</string>
<key>AuthName</key>
<string>username</string>
<key>OnDemandMode</key>
<string>Agressive</string>
<key>OnDemandMatchDomainsAlways</key>
<array/>
<key>OnDemandMatchDomainsNever</key>
<array/>
<key>OnDemandMatchDomainsOnRetry</key>
<array>
<string>*curexomed.local</string>
</array>
<key>AuthenticationMethod</key>
<string>Password</string>
<key>AuthPassword</key>
<string>pasword/string>
</dict>
<key>IPSec</key>
<dict>
<key>OnDemandEnabled</key>
<integer>0</integer>
</dict>
<key>Proxies</key>
<dict/>
<key>AlwaysOn</key>
<dict>
<key>TunnelConfigurations</key>
<array>
<dict>
<key>ProtocolType</key>
<string>IKEv2</string>
<key>Interfaces</key>
<array>
<string>Cellular</string>
</array>
<key>AuthenticationMethod</key>
<string>SharedSecret</string>
<key>DeadPeerDetectionRate</key>
<string>Medium</string>
<key>CertificateType</key>
<string>RSA</string>
</dict>
<dict>
<key>ProtocolType</key>
<string>IKEv2</string>
<key>Interfaces</key>
<array>
<string>WiFi</string>
</array>
<key>AuthenticationMethod</key>
<string>SharedSecret</string>
<key>DeadPeerDetectionRate</key>
<string>Medium</string>
<key>CertificateType</key>
<string>RSA</string>
</dict>
</array>
</dict>
<key>UserDefinedName</key>
<string>Caompany VPN</string>
<key>IPv4</key>
<dict>
<key>OverridePrimary</key>
<integer>1</integer>
</dict>
</dict>
</array>
</dict>
</plist>