Jamf Nation Community

Nevermind. I found the function in the restrictions on the JSS.

There is a restriction so that new VPNs can't be configured, but is there a way to check to see if some script kiddie has already done it and is using it? Or does pushing that config profile out disable any currently configured as well?

@WhippsT @thejenbot We have found that the restriction you are speaking of does not allow users to configure manual VPNs, but it still allows apps to function. I saw this criterion a few months back and I am searching based on this. Seems to be working great!

anonymous
betternet
private
proxy
tunnel
unblocker
vpn

I don't remember the topic I found these in, but whoever listed them - it has worked wonders.

Hi @jared_f @WhippsT @thejenbot

Please consider upvoting this feature request: https://www.jamf.com/jamf-nation/feature-requests/2880/show-current-vpn-status

Reporting on applications with the word "vpn, betternet" etc. only reports that the VPN app was installed, but doesn't report on whether a VPN is actually configured. Users can manually configure the VPN via settings, VPN - without an application - and these VPN users are now invisible to your report. It's quite a major loophole for our student safeguarding.

I've already tried blocking manual creation of VPNs via a configuration profile - it stops creation of new, but if they were already in place, it leaves them alone! Given the report was only looking at app installs, not VPNs configured, the report was essentially useless - we were targeting some students who didn't have a VPN but did have an app, and missing some students who did have a VPN but no app!