iOS in-app VPN Palo Alto Firewall

New Contributor

Does anyone use a Palo Alto appliance for their VPN configuration?

We are attempting to set up an in-app VPN that would launch automatically when app is open.

Healthcare environment
Apple Business Manager with Volume distribution
Jamf Pro Cloud 10.13
App - Epic Rover, but hoping to use in others eventually.
Firewall and firmware - pa-5050 7.1.9 firmware
Global protect is version 4.1.4
iphone/ipad is wifi+lte
We are trying to avoid VPN'ing the whole device using the palo alto's Global Protect App
(which DOES work at this time)

need to know how to configure palo alto for in-app vpn if different than the existing vpn config.

need to know how to configure the jamf (iOS) vpn config profile which will later be assigned to the epic rover app.

does anything have to be added in the config section of the app or applying the vpn profile to the app is enough when deploying?

any and all insight to this would be highly appreciated...THANKS!

PS: InfoSec is concerned in-app vpn will not trigger MFA/2FA to use RSA or Microsoft Authenticator. any thoughts?