SRP VPN does not automatically turn off on iOS after initial assessment completes when app is in non-interactive mode


Article ID: 195977


Updated On:


Endpoint Protection Mobile


This happens under very specific circumstances.

1. Non-Interactive App Mode is enabled under Settings>SEP Mobile App>NonInteractive App Mode
2. Sensitive Corporate Resources are configured under Settings>Security>Sensitive Corporate Resources
3. Block access to defined Sensitive Corporate Resources is checked under Settings>Security>Compliance

After enrolling iOS devices with these settings enabled, enrolled iOS devices will have be initially non-compliant and unable to access sensitive corporate resources as the Selected Resources Protection (SRP) VPN will be enabled. After the initial security assessment completes, the device will become compliant, but the SRP VPN will not automatically disengage and allow connections to the Sensitive Corporate Resources. The SRP VPN can be manually disabled.




To workaround this issue, disable non-interactive app mode under Settings>SEP Mobile App>NonInteractive App Mode.

To partially simulate non-interactive mode , push notifications to users can be disabled.