Per App VPN: Custom SSL

SOTI MobiControl's Per App VPN feature enables you to specify apps which must communicate over a per-app VPN connection. You can specify whether the per-app VPN will automatically start when the app initiates network communications.

General

VPN Name Enter the name of the VPN connection.
Custom SSL Identifier Enter the identifier for the custom SSL VPN (reverse DNS format).
VPN Server Hostname / IP Address Enter the server hostname or IP address of the VPN connection.
Domain Enter the domain for authenticating the VPN connection. Supports macros.
Username Enter the username for authenticating the VPN connection. Supports macros.
Auto Start VPN Select this option to automatically start the VPN.
Provider Type Select the provider type.

Domains

Add Safari Domains Click the + button to add Safari domains. Entries must each specify a domain that triggers the VPN connection in Safari. (Requires iOS 7.0 or later.)
Add Calendar Domains Click the + button to add Calendar domains. Entries must each specify a domain that triggers the VPN connection in Calendar. (Requires iOS 13.0 or later.)
Add Contacts Domains Click the + button to add Contacts domains. Entries must each specify a domain that triggers the VPN connection in Contacts. (Requires iOS 13.0 or later.)
Add Mail Domains Click the + button to add Mail domains. Entries must each specify a domain that triggers the VPN connection in Mail. (Requires iOS 13.0 or later.)
Add SMB Domains Click the + button to add SMB domains. Entries must each specify an SMB domain accessible through this VPN connection. (Requires iOS 7.0 or later.)

Proxy

Proxy Configures the proxy used with this configuration. You can select None, Automatic or Manual.
URL If Automatic is selected, enter the address of the proxy here.
Proxy Server If Manual is selected, enter the hostname or IP address of proxy server.
Username Enter the username for authenticating the connection. Supports macros.
Password Enter the password for authenticating the connection.

Authentication

Authentication Select the type of authentication used for this VPN connection. You can select Password or Certificate.
Password If Password is selected as the authentication type, enter the password used for authentication.
Identity Certificate If Certificate is selected as the authentication type, select the certificate used for identity.
Note: For simplicity, you should deploy the certificate to your devices within the same profile as the per-app VPN configuration.
Enable VPN On Demand When enabled, VPN on demand will establish a VPN connection for specified domains and hostnames.
VPN On Demand Actions Click the Add button to enter VPN On Demand actions.
Parameter Name Enter a name for the integrated parameter.
Action Set an action for the integrated parameter name:

Always establish: a VPN connection is always established for this domain or hostname.

Never establish: a VPN connection is never established for this domain or hostname.

Establish if needed: a VPN connection is established for this domain or hostname if a VPN connection is required.

Custom Data

Parameter Name Enter the integrated parameter name provided by the vendor.
Parameter Value Enter the integrated parameter value provided by the vendor.

Managed Applications

Click the Add button to enter an app name and search the App Store for the applications you want this VPN to apply to. If you have several apps for which you would like to use the VPN, you can upload a .csv or .txt file by clicking the Import button. Each row in the .csv or .txt file must contain the following information: app ID, app name.