Re: Make per-app VPN default but optional

mibir · ‎03-26-2019

Has anyone seen a way to setup the per-app VPN tunnel configuration such that it is the default for an app but not necessarily required? As it stands now it seems that if I send down an app configuration that uses the per-app tunnel it is essentially required. We have apps that work on both corporate wifi and VPN so ideally we'd like to be in a situation where the app tries to use per-app VPN and if it's not available for any reason (Tunnel hosts are down, they forgot to install the VMWare Tunnel app, etc) and are on a network that would normally work for the app they are still able to connect.

LukeDC · ‎03-26-2019

Always been an all or none for me. You could possibly get tricky and send the traffic through an F5 or something and filter traffic based on origin. So if the origin is within your network it would just proceed on. Then if it's from a public network, the rout it onward to the VPND tunnel (per-app). Not sure if it would work, but it's a thought.

mibir · ‎03-27-2019

Interesting idea. I'll need to weigh if it's worth it to even go this route honestly. Being able to pop open an app and have it work is neat but honestly between the behavior on Android feeling a bit clunky (iOS seems silky smooth I'll admit) and folks needing to download an additional app it may make more sense to simply ask people to be on-network or use our traditional VPN service they are used to in effort to avoid confusion.

All

Make per-app VPN default but optional

Application Management