Last active
May 1, 2024 18:03
An OnDemand VPN iOS profile for iPad and iPhone that automatically connects you to different VPNs (e.g. Meraki, FRITZ!Box and Streisand) | Blog-Entry: https://thomas-witt.com/auto-connect-your-ios-device-to-a-vpn-when-joining-an-unknown-wifi-d1df8100c4ba
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<!--
  Configuration profile template holding nine com.apple.vpn.managed payloads:
  three endpoints (Home = IPSec with XAuth, Company = L2TP, AWS = L2TP), each
  in three variants:
    Manual : no on-demand rules; the tunnel is started by hand.
    WiFi   : on-demand; Disconnect on the listed SSIDs, Connect on any other
             Wi-Fi, Disconnect for everything else.
    Always : on-demand; a single rule without match criteria that says Connect.

  Every value starting with CHANGEME_ is a placeholder and must be replaced.

  Once the placeholders are filled in, this file contains the shared secrets
  and the user passwords in clear text. Handle the filled-in copy like a
  password: do not publish it or commit it to a repository.

  NOTE(review): all nine payloads authenticate the IPsec layer with a shared
  secret. Where the gateway offers it, a certificate-based setup avoids a
  secret that every user of the gateway knows; confirm what each endpoint
  supports.
-->
<plist version="1.0">
<dict>
  <key>PayloadContent</key>
  <array>

    <!-- Home, manual start: IPSec with XAuth, no on-demand rules -->
    <dict>
      <key>UserDefinedName</key>
      <string>Home: Manual</string>
      <key>PayloadDisplayName</key>
      <string>Home: Manual</string>
      <key>PayloadIdentifier</key>
      <string>com.thomas-witt.vpn.homemanual</string>
      <key>PayloadUUID</key>
      <string>D58846D4-51B5-437E-9147-199C811ABA1C</string>
      <key>VPNType</key>
      <string>IPSec</string>
      <key>IPSec</key>
      <dict>
        <key>RemoteAddress</key>
        <string>CHANGEME_my-fritz-box.anydns.info</string>
        <key>AuthenticationMethod</key>
        <string>SharedSecret</string>
        <!-- XAuth user credentials; the password is stored here in clear text -->
        <key>XAuthName</key>
        <string>CHANGEME_USERNAME</string>
        <key>XAuthPassword</key>
        <string>CHANGEME_PASSWORD</string>
        <key>XAuthEnabled</key>
        <integer>1</integer>
        <!-- The template uses the same placeholder for the local identifier and the XAuth name -->
        <key>LocalIdentifier</key>
        <string>CHANGEME_USERNAME</string>
        <key>LocalIdentifierType</key>
        <string>KeyID</string>
        <key>SharedSecret</key>
        <string>CHANGEME_SHAREDSECRET</string>
      </dict>
      <!-- OverridePrimary is set both here and under IPv4; presumably to send all traffic through the tunnel (confirm) -->
      <key>OverridePrimary</key>
      <true/>
      <key>IPv4</key>
      <dict>
        <key>OverridePrimary</key>
        <integer>1</integer>
      </dict>
      <key>PayloadType</key>
      <string>com.apple.vpn.managed</string>
      <key>PayloadVersion</key>
      <integer>1</integer>
    </dict>

    <!-- Home, on-demand by Wi-Fi network -->
    <dict>
      <key>UserDefinedName</key>
      <string>Home: WiFi</string>
      <key>PayloadDisplayName</key>
      <string>Home: WiFi</string>
      <key>PayloadIdentifier</key>
      <string>com.thomas-witt.vpn.homewifi</string>
      <key>PayloadUUID</key>
      <string>85284094-A9F5-47D7-A1CD-6F831B2FFAC0</string>
      <key>VPNType</key>
      <string>IPSec</string>
      <key>IPSec</key>
      <dict>
        <key>RemoteAddress</key>
        <string>CHANGEME_my-fritz-box.anydns.info</string>
        <key>AuthenticationMethod</key>
        <string>SharedSecret</string>
        <key>XAuthName</key>
        <string>CHANGEME_USERNAME</string>
        <key>XAuthPassword</key>
        <string>CHANGEME_PASSWORD</string>
        <key>XAuthEnabled</key>
        <integer>1</integer>
        <key>LocalIdentifier</key>
        <string>CHANGEME_USERNAME</string>
        <key>LocalIdentifierType</key>
        <string>KeyID</string>
        <key>SharedSecret</key>
        <string>CHANGEME_SHAREDSECRET</string>
      </dict>
      <key>OnDemandEnabled</key>
      <integer>1</integer>
      <!-- Rules are listed from most specific to least specific; the last one has no match criteria -->
      <key>OnDemandRules</key>
      <array>
        <!--
          Rule 1: on a Wi-Fi network with one of these names, no tunnel.
          SSIDMatch compares the network name only; nothing in this profile
          verifies that the access point is really yours, so any network
          using one of these names also takes the tunnel down.
        -->
        <dict>
          <key>InterfaceTypeMatch</key>
          <string>WiFi</string>
          <key>SSIDMatch</key>
          <array>
            <string>CHANGEME_HomeNetwork5</string>
            <string>CHANGEME_HomeNetwork</string>
            <string>CHANGEME_CompanyNetwork5</string>
            <string>CHANGEME_CompanyNetwork</string>
          </array>
          <key>Action</key>
          <string>Disconnect</string>
        </dict>
        <!-- Rule 2: any other Wi-Fi network brings the tunnel up -->
        <dict>
          <key>InterfaceTypeMatch</key>
          <string>WiFi</string>
          <key>Action</key>
          <string>Connect</string>
        </dict>
        <!-- Rule 3: fallback without match criteria (for example when not on Wi-Fi): no tunnel -->
        <dict>
          <key>Action</key>
          <string>Disconnect</string>
        </dict>
      </array>
      <key>OverridePrimary</key>
      <true/>
      <key>IPv4</key>
      <dict>
        <key>OverridePrimary</key>
        <integer>1</integer>
      </dict>
      <key>PayloadType</key>
      <string>com.apple.vpn.managed</string>
      <key>PayloadVersion</key>
      <integer>1</integer>
    </dict>

    <!-- Home, on-demand on every network -->
    <dict>
      <key>UserDefinedName</key>
      <string>Home: Always</string>
      <key>PayloadDisplayName</key>
      <string>Home: Always</string>
      <key>PayloadIdentifier</key>
      <string>com.thomas-witt.vpn.homealways</string>
      <key>PayloadUUID</key>
      <string>C58019ED-9BC1-429F-A457-99FD6D91A0D6</string>
      <key>VPNType</key>
      <string>IPSec</string>
      <key>IPSec</key>
      <dict>
        <key>RemoteAddress</key>
        <string>CHANGEME_my-fritz-box.anydns.info</string>
        <key>AuthenticationMethod</key>
        <string>SharedSecret</string>
        <key>XAuthName</key>
        <string>CHANGEME_USERNAME</string>
        <key>XAuthPassword</key>
        <string>CHANGEME_PASSWORD</string>
        <key>XAuthEnabled</key>
        <integer>1</integer>
        <key>LocalIdentifier</key>
        <string>CHANGEME_USERNAME</string>
        <key>LocalIdentifierType</key>
        <string>KeyID</string>
        <key>SharedSecret</key>
        <string>CHANGEME_SHAREDSECRET</string>
      </dict>
      <key>OnDemandEnabled</key>
      <integer>1</integer>
      <key>OnDemandRules</key>
      <array>
        <!-- Only rule, no match criteria: Connect regardless of the network -->
        <dict>
          <key>Action</key>
          <string>Connect</string>
        </dict>
      </array>
      <key>OverridePrimary</key>
      <true/>
      <key>IPv4</key>
      <dict>
        <key>OverridePrimary</key>
        <integer>1</integer>
      </dict>
      <key>PayloadType</key>
      <string>com.apple.vpn.managed</string>
      <key>PayloadVersion</key>
      <integer>1</integer>
    </dict>

    <!-- ====================================================================================== -->

    <!-- Company (Meraki), manual start: L2TP, shared secret in IPSec, user credentials in PPP -->
    <dict>
      <key>UserDefinedName</key>
      <string>Company: Manual</string>
      <key>PayloadDisplayName</key>
      <string>Company: Manual</string>
      <key>PayloadIdentifier</key>
      <string>com.thomas-witt.vpn.companymanual</string>
      <key>PayloadUUID</key>
      <string>EE68308C-FB8C-4209-9F5A-629755244190</string>
      <key>VPNType</key>
      <string>L2TP</string>
      <key>IPSec</key>
      <dict>
        <key>AuthenticationMethod</key>
        <string>SharedSecret</string>
        <key>LocalIdentifierType</key>
        <string>KeyID</string>
        <key>SharedSecret</key>
        <string>CHANGEME_SHAREDSECRET</string>
      </dict>
      <key>PPP</key>
      <dict>
        <!-- User credentials; the password is stored here in clear text -->
        <key>AuthName</key>
        <string>CHANGEME_USERNAME</string>
        <key>AuthPassword</key>
        <string>CHANGEME_PASSWORD</string>
        <key>CommRemoteAddress</key>
        <string>CHANGEME_router.company.com</string>
      </dict>
      <key>OverridePrimary</key>
      <true/>
      <key>IPv4</key>
      <dict>
        <key>OverridePrimary</key>
        <integer>1</integer>
      </dict>
      <key>PayloadType</key>
      <string>com.apple.vpn.managed</string>
      <key>PayloadVersion</key>
      <integer>1</integer>
    </dict>

    <!-- Company (Meraki), on-demand by Wi-Fi network -->
    <dict>
      <key>UserDefinedName</key>
      <string>Company: WiFi</string>
      <key>PayloadDisplayName</key>
      <string>Company: WiFi</string>
      <key>PayloadIdentifier</key>
      <string>com.thomas-witt.vpn.companywifi</string>
      <key>PayloadUUID</key>
      <string>21549F1D-0662-4111-8230-0F8BFD706090</string>
      <key>VPNType</key>
      <string>L2TP</string>
      <key>IPSec</key>
      <dict>
        <key>AuthenticationMethod</key>
        <string>SharedSecret</string>
        <key>LocalIdentifierType</key>
        <string>KeyID</string>
        <key>SharedSecret</key>
        <string>CHANGEME_SHAREDSECRET</string>
      </dict>
      <key>PPP</key>
      <dict>
        <key>AuthName</key>
        <string>CHANGEME_USERNAME</string>
        <key>AuthPassword</key>
        <string>CHANGEME_PASSWORD</string>
        <key>CommRemoteAddress</key>
        <string>CHANGEME_router.company.com</string>
      </dict>
      <key>OnDemandEnabled</key>
      <integer>1</integer>
      <key>OnDemandRules</key>
      <array>
        <!-- Rule 1: no tunnel on Wi-Fi networks with these names (matched by name only, not authenticated) -->
        <dict>
          <key>InterfaceTypeMatch</key>
          <string>WiFi</string>
          <key>SSIDMatch</key>
          <array>
            <string>CHANGEME_HomeNetwork5</string>
            <string>CHANGEME_HomeNetwork</string>
            <string>CHANGEME_CompanyNetwork5</string>
            <string>CHANGEME_CompanyNetwork</string>
          </array>
          <key>Action</key>
          <string>Disconnect</string>
        </dict>
        <!-- Rule 2: any other Wi-Fi network brings the tunnel up -->
        <dict>
          <key>InterfaceTypeMatch</key>
          <string>WiFi</string>
          <key>Action</key>
          <string>Connect</string>
        </dict>
        <!-- Rule 3: fallback without match criteria: no tunnel -->
        <dict>
          <key>Action</key>
          <string>Disconnect</string>
        </dict>
      </array>
      <key>OverridePrimary</key>
      <true/>
      <key>IPv4</key>
      <dict>
        <key>OverridePrimary</key>
        <integer>1</integer>
      </dict>
      <key>PayloadType</key>
      <string>com.apple.vpn.managed</string>
      <key>PayloadVersion</key>
      <integer>1</integer>
    </dict>

    <!-- Company (Meraki), on-demand on every network -->
    <dict>
      <key>UserDefinedName</key>
      <string>Company: Always</string>
      <key>PayloadDisplayName</key>
      <string>Company: Always</string>
      <key>PayloadIdentifier</key>
      <string>com.thomas-witt.vpn.companyalways</string>
      <key>PayloadUUID</key>
      <string>6011F604-73E7-4473-8811-FDBB3AE8FBE5</string>
      <key>VPNType</key>
      <string>L2TP</string>
      <key>IPSec</key>
      <dict>
        <key>AuthenticationMethod</key>
        <string>SharedSecret</string>
        <key>LocalIdentifierType</key>
        <string>KeyID</string>
        <key>SharedSecret</key>
        <string>CHANGEME_SHAREDSECRET</string>
      </dict>
      <key>PPP</key>
      <dict>
        <key>AuthName</key>
        <string>CHANGEME_USERNAME</string>
        <key>AuthPassword</key>
        <string>CHANGEME_PASSWORD</string>
        <key>CommRemoteAddress</key>
        <string>CHANGEME_router.company.com</string>
      </dict>
      <key>OnDemandEnabled</key>
      <integer>1</integer>
      <key>OnDemandRules</key>
      <array>
        <!-- Only rule, no match criteria: Connect regardless of the network -->
        <dict>
          <key>Action</key>
          <string>Connect</string>
        </dict>
      </array>
      <key>OverridePrimary</key>
      <true/>
      <key>IPv4</key>
      <dict>
        <key>OverridePrimary</key>
        <integer>1</integer>
      </dict>
      <key>PayloadType</key>
      <string>com.apple.vpn.managed</string>
      <key>PayloadVersion</key>
      <integer>1</integer>
    </dict>

    <!-- ====================================================================================== -->

    <!-- AWS Streisand, manual start: L2TP with the fixed PPP user name "streisand" -->
    <dict>
      <key>UserDefinedName</key>
      <string>AWS: Manual</string>
      <key>PayloadDisplayName</key>
      <string>AWS: Manual</string>
      <key>PayloadIdentifier</key>
      <string>com.thomas-witt.vpn.awsmanual</string>
      <key>PayloadUUID</key>
      <string>16EF541B-CF77-4BF2-871F-CEB688D6BE35</string>
      <key>VPNType</key>
      <string>L2TP</string>
      <key>IPSec</key>
      <dict>
        <key>AuthenticationMethod</key>
        <string>SharedSecret</string>
        <key>LocalIdentifierType</key>
        <string>KeyID</string>
        <!--
          Unlike the Home and Company payloads, the three AWS payloads carry
          the secret in a data element. A plist data element holds base64
          text, so the placeholder has to be replaced with the base64
          encoding of the secret, not with the secret itself.
        -->
        <key>SharedSecret</key>
        <data>CHANGEME_SHAREDSECRET</data>
      </dict>
      <key>PPP</key>
      <dict>
        <key>AuthName</key>
        <string>streisand</string>
        <key>AuthPassword</key>
        <string>CHANGEME_PASSWORD</string>
        <key>CommRemoteAddress</key>
        <string>CHANGEME_STREISAND_ELASIC_IP_1.2.3.4</string>
      </dict>
      <key>OverridePrimary</key>
      <true/>
      <key>IPv4</key>
      <dict>
        <key>OverridePrimary</key>
        <integer>1</integer>
      </dict>
      <key>PayloadType</key>
      <string>com.apple.vpn.managed</string>
      <key>PayloadVersion</key>
      <integer>1</integer>
    </dict>

    <!-- AWS Streisand, on-demand by Wi-Fi network -->
    <dict>
      <key>UserDefinedName</key>
      <string>AWS: WiFi</string>
      <key>PayloadDisplayName</key>
      <string>AWS: WiFi</string>
      <key>PayloadIdentifier</key>
      <string>com.thomas-witt.vpn.awswifi</string>
      <key>PayloadUUID</key>
      <string>BEC1320F-BC55-45C2-A588-0D9EA9C08B81</string>
      <key>VPNType</key>
      <string>L2TP</string>
      <key>IPSec</key>
      <dict>
        <key>AuthenticationMethod</key>
        <string>SharedSecret</string>
        <key>LocalIdentifierType</key>
        <string>KeyID</string>
        <!-- data element: the value must be base64 text -->
        <key>SharedSecret</key>
        <data>CHANGEME_SHAREDSECRET</data>
      </dict>
      <key>PPP</key>
      <dict>
        <key>AuthName</key>
        <string>streisand</string>
        <key>AuthPassword</key>
        <string>CHANGEME_PASSWORD</string>
        <key>CommRemoteAddress</key>
        <string>CHANGEME_STREISAND_ELASIC_IP_1.2.3.4</string>
      </dict>
      <key>OnDemandEnabled</key>
      <integer>1</integer>
      <key>OnDemandRules</key>
      <array>
        <!-- Rule 1: no tunnel on Wi-Fi networks with these names (matched by name only, not authenticated) -->
        <dict>
          <key>InterfaceTypeMatch</key>
          <string>WiFi</string>
          <key>SSIDMatch</key>
          <array>
            <string>CHANGEME_HomeNetwork5</string>
            <string>CHANGEME_HomeNetwork</string>
            <string>CHANGEME_CompanyNetwork5</string>
            <string>CHANGEME_CompanyNetwork</string>
          </array>
          <key>Action</key>
          <string>Disconnect</string>
        </dict>
        <!-- Rule 2: any other Wi-Fi network brings the tunnel up -->
        <dict>
          <key>InterfaceTypeMatch</key>
          <string>WiFi</string>
          <key>Action</key>
          <string>Connect</string>
        </dict>
        <!-- Rule 3: fallback without match criteria: no tunnel -->
        <dict>
          <key>Action</key>
          <string>Disconnect</string>
        </dict>
      </array>
      <key>OverridePrimary</key>
      <true/>
      <key>IPv4</key>
      <dict>
        <key>OverridePrimary</key>
        <integer>1</integer>
      </dict>
      <key>PayloadType</key>
      <string>com.apple.vpn.managed</string>
      <key>PayloadVersion</key>
      <integer>1</integer>
    </dict>

    <!-- AWS Streisand, on-demand on every network -->
    <dict>
      <key>UserDefinedName</key>
      <string>AWS: Always</string>
      <key>PayloadDisplayName</key>
      <string>AWS: Always</string>
      <key>PayloadIdentifier</key>
      <string>com.thomas-witt.vpn.awsalways</string>
      <key>PayloadUUID</key>
      <string>E4676C88-3881-4475-99E0-0EB399137B58</string>
      <key>VPNType</key>
      <string>L2TP</string>
      <key>IPSec</key>
      <dict>
        <key>AuthenticationMethod</key>
        <string>SharedSecret</string>
        <key>LocalIdentifierType</key>
        <string>KeyID</string>
        <!-- data element: the value must be base64 text -->
        <key>SharedSecret</key>
        <data>CHANGEME_SHAREDSECRET</data>
      </dict>
      <key>PPP</key>
      <dict>
        <key>AuthName</key>
        <string>streisand</string>
        <key>AuthPassword</key>
        <string>CHANGEME_PASSWORD</string>
        <key>CommRemoteAddress</key>
        <string>CHANGEME_STREISAND_ELASIC_IP_1.2.3.4</string>
      </dict>
      <key>OnDemandEnabled</key>
      <integer>1</integer>
      <key>OnDemandRules</key>
      <array>
        <!-- Only rule, no match criteria: Connect regardless of the network -->
        <dict>
          <key>Action</key>
          <string>Connect</string>
        </dict>
      </array>
      <key>OverridePrimary</key>
      <true/>
      <key>IPv4</key>
      <dict>
        <key>OverridePrimary</key>
        <integer>1</integer>
      </dict>
      <key>PayloadType</key>
      <string>com.apple.vpn.managed</string>
      <key>PayloadVersion</key>
      <integer>1</integer>
    </dict>

  </array>

  <!-- Profile-level metadata; PayloadRemovalDisallowed is false, so the profile is not marked as removal-protected -->
  <key>PayloadDisplayName</key>
  <string>VPN Configurations</string>
  <key>PayloadIdentifier</key>
  <string>TW.BAB78424-28FB-4654-915D-93D0CB87CC7B</string>
  <key>PayloadRemovalDisallowed</key>
  <false/>
  <key>PayloadType</key>
  <string>Configuration</string>
  <key>PayloadUUID</key>
  <string>A9F4B095-4336-4ECD-A2B2-3D52D778E743</string>
  <key>PayloadVersion</key>
  <integer>1</integer>
</dict>
</plist>
If I already have an OpenVPN profile set up on my iPad, is there a way to just have the iPad use that all the time whenever I’m connected, whether I’m on my home Wifi or on a public Wifi? In that case the VPNSubType key should be net.openvpn.connect.app, correct?
👍 Perfect, its working. Can you create mobileconfig for openvpn too?
Thank you. This is just what i needed.
@thomaswitt I have a TailScale App. How do I configure this to use it with that? and change the home settings accordingly?
Awesome gist, I was looking for something to do exactly this. You may want to fix lines 378, 421, and 494. It's not incriminating information, but I thought I would point it out. Thanks again!