Jamf deploy Custom SSL VPN


I have recently changed jobs and my new employer currently uses SoftEther VPN Server. This is configured as an OpenVPN compatible SSL VPN. Therefore as is common with real OpenVPN Mac users are using TunnelBlick as the VPN client.

At this point the VPN configuration is not being deployed centrally and this is what I hope to achieve using Jamf.

I have seen some articles suggesting that this can be done using the OpenVPN Connect client on iOS to connect to an OpenVPN server and remember SoftEther VPN is a compatible server so I feel I should at least be able to get this working for iOS, however what about Macs?

As mentioned the standard Mac client is TunnelBlick. (Yes if you pay for OpenVPN as a commercial product you can get a Mac client but that is not available separately unlike the iOS client.)

As far as I can see TunnelBlick is merely a third-party GUI wrapper to the same OpenVPN command line tool anyway. Would TunnelBlick use its own Custom SSL identifier or the same as OpenVPN i.e. net.openvpn.connect.app?

Anyone managed to push from Jamf settings to a Mac and have this work for TunnelBlick?

Ideally this would use certificates and even better if these can be SCEP generated and included in the same profile.

PS. Ironically this week Apple announced the further castration of Server.app and listed various suggestion for replacements for those soon to be lost functions. For VPN one of the suggestions was SoftEther VPN.