Hello,
My question is about VPN configurations on iOS, other than Workspace ONE Tunnel. In our case, using Pulse Secure VPN.
To explain the context : We have an on-demand VPN configuration, but we must go to a per-app VPN configuration for the VPN to work with a phishing VPN solution.
On-demand VPN is working correctly : When users calls an internal resource, the VPN is mounting automatically.
With per-app VPN :

• Things are working correctly with Safari only : Everything outside the VPN, and only internal resources inside the VPN (internal domain declared as "Safari Domains" in the VPN configuration).
• Things are not working correctly with Workspace ONE Web : Everything is going inside the VPN (when VPN configuration is associated with the app, of course).

I spent many hours trying different configurations in the VPN profile, and never find a way to get the expected behavior.
I also tried to check with the support, but haven't had a satisfying answer (they told me to user WS1 Tunnel, for which we don't have licences and don't have plans to buy some).
Perhaps somebody had the same problematic ? And hopefully have an answer (perhaps it's impossible with WS1 browser) ?
Moreover, can somebody explain me some of the options in VPN configuration ? And the way to correctly configure them ? Like "Associated Domains" and "Excluded Domains". And also the "new on-demand keys" (I think I've quite understood how it works, but haven't managed to make it working correctly : Whatever the configuration, the VPN seems to connect automatically).
Thank you for your answers.
Aurélien