Question

Allow MDM server outside of always on VPN?

  • August 29, 2018


Hi all,
With iOS, is it possible to allow the MDM traffic outside of an always-on VPN? This is to enable us to disable the VPN if that part of our infrastructure goes down (which does happen).
There are options to make the VPN per-app or exclude specific Bundle IDs. Either forcing all apps to use a VPN or excluding the Bundle IDs of the iOS management components (if they exist) seem like promising approaches.

Regards
Graeme

2 replies

  • Contributor
  • August 29, 2018

Is there a reason you cannot run the MDM server in a DMZ? Or for better security you could cluster the servers and keep the main server inside the LAN and the cluster server in the DMZ. Then use split DNS tunneling for access?


  • Author
  • Contributor
  • August 29, 2018

Thanks for the suggestion; however, we already run the MDM in a DMZ with a split DNS. If the iPad cannot connect to the always-on VPN it won't allow any network traffic, including to either face of the MDM server. Since the network traffic is blocked it can't get any command to remove the profile.