Per App VPN: NetMotion

SOTI MobiControl's iOS Per App VPN feature enables you to specify apps which must communicate over a per-app VPN connection. You can specify whether the per-app VPN will automatically start when the app initiates network communications.

General

VPN Name Enter a name for this VPN connection. The name cannot contain spaces or special characters.
VPN Server Hostname/IP Address Enter the hostname or IP address for your VPN server.
Domain Enter the domain that authenticates your VPN connection
Username Enter a username.

You can use the following macros to specify usernames: %ENROLLEDUSER_UPN%, %ENROLLEDUSER_DOMAIN%, %ENROLLEDUSER_USERNAME%.

Target Domain Enter the target domain.
Port Enter the port number of your mobility server port, if changed from the default (5008).

This option is only available when the Target Domain field has been completed.

Profile Name Enter a unique name for this profile. Necessary if you plan to create several VPN profiles with the same server address.
Auto Start VPN When enabled, the VPN connects automatically, even before any of the managed applications are initiated.

Proxy

Proxy Select a proxy to be used with this VPN configuration.

None: Do not use a proxy. Do not fill out any of the fields in this section.

Manual: Manually fill in the fields with the settings for your proxy.

Automatic: Enter a URL that contains information for this proxy.

URL Enter a URL with the settings for your Proxy

Only applicable on Automatic proxy setups.

Proxy Server Enter the hostname or IP address of your proxy server.

Only applicable on Manual proxy setups.

Username Enter a username that authenticates the proxy connection.

Only applicable when setting up a Manual proxy connection.

Password Enter a password that authenticates the proxy connection.

Only applicable when setting up a Manual proxy connection.

Authentication

Authentication Select the authentication method that this VPN connection will use:

Password: a static password is used for authentication.

Certificate:

Password used to authenticate the connection Enter a secure password that will be used to authenticate the connection.

This option only applicable when Password is selected as the authentication type.

Identity Certificate Select an identity certificate from the drop-down list. This certificate will be used to authenticate the VPN server.

This option only applicable when Certificate is selected as the authentication type.

Validate Server When enabled, the connection is only established once the authentication's server certificate is validated by the client.

This option only applicable when Certificate is selected as the authentication type.

Server Suffix Enter a suffix for the server. A connection will only be established if the server name ends with this value.

This option only applicable when Password is selected as the authentication type.

Enable VPN on Demand When enabled, the VPN automatically connects to or blocks certain domains or hostnames specified in the VPN on Demand Actions below.

VPN On Demand Actions

To add multiple VPN On Demand Actions, enter the settings for your first action and a new empty row appears.

Integrated Parameter Name Create a name for the integrated parameter.
Action Set an action for the integrated parameter name:

Always Establish: a VPN connection is always established for this domain or hostname.

Never Establish: a VPN connection is never established for this domain or hostname.

Establish if needed: a VPN connection is established for this domain or hostname if a VPN connection is required.

Managed Applications

Click Search application to enter an app name and search the App Store for the applications you want this VPN to apply to. If you have several apps that you would like to use the VPN, you can upload a .csv file by clicking Import file. Each row in the .csv file must contain the following information: <App ID>, <App Name>