Netskope Help

Create an On-Demand VPN Profile

You need to know the VPN Server Name and PAC URL shown in the VPN Configuration section of the Netskope UI (Settings > Security Cloud Platform > Netskope Client > MDM Distribution) to complete these steps.

To create an on-demand VPN profile:

  1. Go to Devices > Configuration Profiles > Create Profile. Enter and select these parameters

  2. In the Basics tab of the VPN panel, provide a name for the profile and click Next.

    • Name: Enter a unique name.

    • Platform: iOS

    • Profile type: VPN

  3. In the Configuration settings panel, specify the following VPN settings.:

    • Select Connection type as Cisco (IPSec).

    • In the Base VPN section, enter and select these parameters

      • Connection Name: Enter a name that users will recognize when the profile is installed on their device.

      • VPN Server address: Enter the VPN Server Name from the VPN Configuration section in the Netskope tenant WebUI.

      • Authentication Method: Certificates.

      • Authentication Certificate: Click Select a client authentication certificate, select the SCEP certificate profile you previously created, and then click OK.

      • Split Tunneling: Disabled

    • In the Automatic VPN section, enter and select these parameters:

      • For Type of automatic VPN, select On-demand VPN.

      • For On-demand rules, click Add to enter and select these parameters in the Add Row panel:

        • I want to do the following: Evaluate each connection attempt.

        • Choose whether to connect: Connect if needed.

        • When users try to access these domains: Add the domains for on-demand VPN, like, and so on (separated by a comma). After entering the URLs, click Add. When this URL is unreachable, force-connect the VPN.

        • When domains resolve using any of these DNS servers: Enter the domains to resolve with DNS servers. (Optional)

    • In the Proxy section, enter the location for PAC URL from the VPN configuration section in the Netskope tenant WebUI.

  4. In the Assignment tab, select the target audience.

  5. In the Review + Create tab, verify the settings and click Create.