We deployed a Configuration Profile with a VPN payload ever since we started using Jamf Pro to M1 Macbook Airs running MacOS 12.5 at the time the CP was deployed.  Everything worked fine. Recently, we needed to add a new M2 Macbook Pro running MacOS 13.6 and suddenly the VPN profile would not work and only display "An unexpected error occurred". What's weird is that if we create a new Configuration Profile with the EXACT same payload settings and deploy it AFTER the entire provisioning process is complete, then that new Configuration Profile allows the user to connect to the VPN. Thinking it may just be a fluke, we re-provisioned the Macbook and assigned the new CP to it and it still breaks with the same error message. And once again, if I create either a new CP in Jamf Pro or manually create the VPN under Settings, it works just fine.

I've been trying to locate the log file for the VPN but there is no /var/log/ppp and I've also tried to use Console to look at logs but can't find anything.

Any suggestions where we could start looking?

We did have an issue with the new Macbook Pro when deploying SCEP and Wi-Fi where it needed to be the last step in the whole provisioning process otherwise it won't work. Is it possible this is a similar issue and it now wants the VPN profile to be configured AFTER the user logs in?

BTW, we're connecting using IPSec to a Fortigate (we're not using the Forticlient as we're trying to avoid having to install additional apps).