Apps removed from PerAppVPN configuration after App Update

Question

MohamedJaffer24 OP

Created Mar ’22

Replies 1

Boosts 0

Views 1.3k

Participants 3

We are an MDM Solution . We are offering Per-App-VPN Configurations to Users.

Currently we are experiencing an issue with it. While Applying per-app vpn configuration to the Device, It works fine and the Respective App is in VPN Network. Till now everything works as expected.

Also I can see my device name in the Device Settings (Settings -> VPN Management -> Per App VPN Configurations)

When a New App Update for that app is Pushed to the device. App Starts update and also the App is not anymore configured to the Vpn Configurations .

I can reproduce this locally everytime i try.

Have Attached a Payload for reference

Payload Sent:

> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>PayloadVersion</key>
	<integer>1</integer>
	<key>PayloadUUID</key>
	<string>33885c2b-7d69-405d-9e5f-94d579357647</string>
	<key>PayloadType</key>
	<string>Configuration</string>
	<key>PayloadOrganization</key>
	<string>MDM</string>
	<key>PayloadIdentifier</key>
	<string>com.mdm.54119da4-ed12-46d2-bc8c-bfc73c945bde.perapppvpn</string>
	<key>PayloadDisplayName</key>
	<string>perapppvpn</string>
	<key>PayloadRemovalDisallowed</key>
	<true/>
	<key>PayloadContent</key>
	<array>
		<dict>
			<key>PayloadVersion</key>
			<integer>1</integer>
			<key>PayloadUUID</key>
			<string>4b806a39-dd71-4a81-a08f-5cb78f07352c</string>
			<key>PayloadType</key>
			<string>com.apple.vpn.managed.applayer</string>
			<key>PayloadOrganization</key>
			<string>MDM</string>
			<key>PayloadIdentifier</key>
			<string>4b806a39-dd71-4a81-a08f-5cb78f07352c</string>
			<key>PayloadDisplayName</key>
			<string>Per-App VPN Profile Configuration</string>
			<key>UserDefinedName</key>
			<string>Per-App VPN Configuration</string>
			<key>Proxies</key>
			<dict>
			</dict>
			<key>VPN</key>
			<dict>
				<key>RemoteAddress</key>
				<string>**********</string>
				<key>AuthenticationMethod</key>
				<string>Password</string>
				<key>ProviderType</key>
				<string>packet-tunnel</string>
				<key>OnDemandMatchAppEnabled</key>
				<true/>
			</dict>
			<key>VendorConfig</key>
			<dict>
			</dict>
			<key>IPv4</key>
			<dict>
				<key>OverridePrimary</key>
				<integer>1</integer>
			</dict>
			<key>VPNSubType</key>
			<string>*********</string>
			<key>VPNType</key>
			<string>VPN</string>
			<key>VPNUUID</key>
			<string>8dc013a1-a525-4b45-8913-bbc40cd60985</string>
		</dict>
	</array>
</dict>
</plist>|

Answered by Device Management Engineer in 706719022

Please confirm that the subsequent InstallApplicationCommand being issued to update the application also contains the VPNUUID key in the Attributes dictionary, as described here: https://developer.apple.com/documentation/devicemanagement/installapplicationcommand/command/attributes

Boost

Answer 1

Device Management Engineer OP

Apple

Mar ’22

Accepted Answer

Please confirm that the subsequent InstallApplicationCommand being issued to update the application also contains the VPNUUID key in the Attributes dictionary, as described here: https://developer.apple.com/documentation/devicemanagement/installapplicationcommand/command/attributes

1