- Jamf Nation Community
- Products
- Jamf Pro
- Config Profile -> VPN payload -> "On Demand Rules ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Config Profile -> VPN payload -> "On Demand Rules Configuration XML" ?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-09-2020 03:10 PM
Can anybody point me towards some useful documentation on how to take advantage of this? Would love to figure out how to get a VPN config to auto-connect when the user tries to hit particular web sites or is joined to particular networks...
Labels:
- Labels:
-
Configuration profiles
Reply
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-11-2020 09:58 AM
Anybody?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-30-2020 01:21 AM
Also interested in this !
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-14-2020 06:49 AM
Same here. It's nice to have the possiblity to add things in a field, but not so nice if nothing is documented…
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-14-2020 07:00 AM
Same here, also interested in this.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-04-2020 07:59 AM
Since the thread is like a first hit when „googling” this and is still unanswered, here's my findings:
This checkbox and text field correspond to OnDemandEnabled and OnDemandRules keys of the VPN Payload you can find documented in Apple's Configuration Profile Reference (currently on page 93 — subject to change over time). The expected value of the later should be an array of dictionaries (hence Jamf Pro's XML requirement) and accepted values are documented in „On Demand Rules Dictionary Keys” section on pages 95–97.
Still, available documentation is a bit vague and the exact structure of the expected XML is not exactly clear from it. However within #ios channel of MacAdmins' Slack I've found two examples that are accepted by Jamf Pro and should provide you all with just enough information to build your own XMLs to suit your individual needs:
- Connect VPN unless on specific WiFi:
<array> <dict> <key>Action</key> <string>Ignore</string> <key>SSIDMatch</key> <array> <string>SpecificSSID</string> </array> </dict> <dict> <key>Action</key> <string>Connect</string> </dict> </array> - Connect if unable to resolve internal domains on connection attempt:
<array> <dict> <key>Action</key> <string>EvaluateConnection</string> <key>ActionParameters</key> <array> <dict> <key>Domains</key> <array> <string>..local</string> <string>intranet.*.com</string> </array> <key>DomainAction</key> <string>ConnectIfNeeded</string> </dict> </array> </dict> </array>
Surprisingly, Profile Manager and Apple Configurator 2 both still use deprecated keys of OnDemandMatchDomains* 🤔.
Reply
