Create a VPN profile
You can use
CylanceGATEWAY
to create a zero trust network access (ZTNA) profile that is recognized by devices as a VPN provider. CylanceGATEWAY
trusts nothing and no one by default. For more information on CylanceGATEWAY
, see Integrating BlackBerry UEM with CylanceGATEWAY to create a ZTNA profile.The required profile settings vary for each device type and depend on the VPN connection type and authentication type that you select.
Some devices may be unable to store the xAuth password. For more information, visit support.blackberry.com/community to read 30353.
- If devices use certificate-based authentication for work VPN connections, create a CA certificate profile and assign it to user accounts, user groups, or device groups. To send client certificates to devices, create a user credential, SCEP, or shared certificate profile to associate with the VPN profile.
- ForiOS,iPadOS,macOS, andSamsung Knoxdevices that use a proxy server, create a proxy profile to associate with the VPN profile.(The proxy server forWindows 10devices is configured in the VPN profile.)
- ForSamsung Knoxdevices, add the appropriate VPN client app to the app list and assign it to user accounts, user groups, or device groups. The supported VPN client apps areCisco AnyConnectandJuniper.
- On the menu bar, clickPolicies and Profiles.
- ClickNetworks and connections > VPN.
- Click
. - Type a name and description for the VPN profile. This information is displayed on devices.
- Perform the following actions:
- Click the tab for a device type.
- Configure the appropriate values for each profile setting to match the VPN configuration in your organization's environment. If your organization requires that users provide a username and password to connect to the VPN and the profile is for multiple users, in theUsernamefield, type%UserName%.
- Repeat step 5 for each device type in your organization.
- ClickAdd.