3

In an iOS application if you had to access corporate remote services, through VPN, what would be your pattern to ensure you have connectivity and inform the user if that's not the case:

  • check that your network and VPN are working (by checking if some host like google.com and some private enterprise host are reachable) and if that's the case then call the remote service?
  • or call directly the remote service, and if there is a network exception, then check if both a network host and an enterprise host are reachable? (to find-out what's going on and inform the user)
  • or you would do it differently?
Fabien
  • 1,015
  • 2
  • 11
  • 22

1 Answers1

1

Usual approach:

1)User opens VPN client enables VPN connectivity

2)User uses the app.

Alternative approach:

If you are developing an enterprise application then you could possibly start and stop VPN connection right from the app using apple's private api.

Advantages of the approach:

So that all the network connections from the app are routed through VPN and user doesn't have to enable VPN connection every time he uses the app.

Reference:

You could find some hot discussions on this topic in the following threads.

Thread 1

Thread 2

Thread 3

Community
  • 1
  • 1
Durai Amuthan.H
  • 31,670
  • 10
  • 160
  • 241
  • For the 1st item in your usual approach list, is the user enabling VPN connectivity via 'Settings->General->VPN' or can the app do it? – aspergillusOryzae Feb 11 '14 at 21:52
  • 1
    There are VPN client apps available which opens up VPN connection so that every web request is routed through VPN.To name few VPN Client apps Cisco anyconnect and Junos Pulse – Durai Amuthan.H Feb 12 '14 at 12:03
  • It sounds like even with iOS7 (as of 02/12/14) we are still not able to have an app enable the global VPN unless we are invited to use apple's private API? I just wanted to confirm. I am making an app tied to an MDM, and once the MDM pushes a VPN profile to the device I wanted to enable the VPN without having the user do it (or allow them to enable VPN from within my app). Thanks! – aspergillusOryzae Feb 12 '14 at 19:58
  • Yes you are right. But If you use MobileIron MDM then you can look into add on module called AppTunnel which lets you open VPN connection for your app alone not for other apps.To know more visit http://www.mobileiron.com/en/products/appswork/apptunnel or You can create VPN on demand Configuration profile through which you could easily open vpn connection from your app. – Durai Amuthan.H Feb 14 '14 at 20:14
  • I am using AirWatch as my MDM, and after AirWatch pushes a profile to my device, I wanted to turn on the VPN for all apps (as if the user had turned it on through `Settings->General->VPN->On`). My related question is here: [Programmatically verify an MDM profile configuration has been successfully pushed to an iOS device?](http://stackoverflow.com/q/21743291/1337402) I will check and see if AirWatch has anything similar, thanks! – aspergillusOryzae Feb 17 '14 at 20:23
  • Accessing one of the domain of VPN CONNECT ON DEMAND domain list will open the VPN connection for the whole iPad and I sucessfully tried by visiting one of the domain in my safari. – Durai Amuthan.H Feb 19 '14 at 16:22
  • Do you know if using https interferes with that? I added `mydomain.com` as a domain to match VPN ON DEMAND, so VPN gets enabled when I go to `www.mydomain.com` or `https://www.mydomain.com`, but `https://mydomain.com` doesn't enable the VPN. And the first two addresses don't take me to the correct site for which I need VPN turned on. – aspergillusOryzae Feb 21 '14 at 19:41