An OnDemand VPN iOS profile for iPad and iPhone that automatically connects you to different VPNs (e.g. Meraki, FRITZ!Box and Streisand) | Blog-Entry: https://thomas-witt.com/auto-connect-your-ios-device-to-a-vpn-when-joining-an-unknown-wifi-d1df8100c4ba
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<!-- Home: Manual. Cisco IPSec (IKEv1 with XAuth) payload for the home FRITZ!Box.
     No OnDemandEnabled/OnDemandRules keys are present, so this entry connects only
     when the user switches it on. -->
<dict>
<key>UserDefinedName</key>
<string>Home: Manual</string>
<key>PayloadDisplayName</key>
<string>Home: Manual</string>
<key>PayloadIdentifier</key>
<string>com.thomas-witt.vpn.homemanual</string>
<key>PayloadUUID</key>
<string>D58846D4-51B5-437E-9147-199C811ABA1C</string>
<key>VPNType</key>
<string>IPSec</string>
<!-- Every CHANGEME_ value is a placeholder to replace before installing. The
     XAuthPassword and SharedSecret end up in this file as readable text, so treat
     the filled-in profile like a password file and keep it out of public gists,
     repositories and unencrypted mail. -->
<key>IPSec</key>
<dict>
<key>RemoteAddress</key>
<string>CHANGEME_my-fritz-box.anydns.info</string>
<key>AuthenticationMethod</key>
<string>SharedSecret</string>
<key>XAuthName</key>
<string>CHANGEME_USERNAME</string>
<key>XAuthPassword</key>
<string>CHANGEME_PASSWORD</string>
<key>XAuthEnabled</key>
<integer>1</integer>
<!-- NOTE(review): a group name (LocalIdentifier of type KeyID) together with a
     pre-shared key usually means IKEv1 aggressive mode, where a short shared secret
     can be guessed offline from captured handshakes. Use a long random secret and
     confirm the gateway's IKE settings. -->
<key>LocalIdentifier</key>
<string>CHANGEME_USERNAME</string>
<key>LocalIdentifierType</key>
<string>KeyID</string>
<key>SharedSecret</key>
<string>CHANGEME_SHAREDSECRET</string>
</dict>
<!-- OverridePrimary (here and in the IPv4 dict) asks iOS to send all network
     traffic through the VPN interface. -->
<key>OverridePrimary</key>
<true/>
<key>IPv4</key>
<dict>
<key>OverridePrimary</key>
<integer>1</integer>
</dict>
<key>PayloadType</key>
<string>com.apple.vpn.managed</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
<!-- Home: WiFi. Same FRITZ!Box IPSec account as a manual entry would use, plus
     on-demand rules: tunnel up on Wi-Fi networks that are not listed as trusted,
     tunnel down everywhere else. -->
<dict>
<key>UserDefinedName</key>
<string>Home: WiFi</string>
<key>PayloadDisplayName</key>
<string>Home: WiFi</string>
<key>PayloadIdentifier</key>
<string>com.thomas-witt.vpn.homewifi</string>
<key>PayloadUUID</key>
<string>85284094-A9F5-47D7-A1CD-6F831B2FFAC0</string>
<key>VPNType</key>
<string>IPSec</string>
<!-- CHANGEME_ values are placeholders. Once filled in, the XAuth password and the
     shared secret sit in this file as readable text: store and share the profile
     as carefully as the credentials themselves. -->
<key>IPSec</key>
<dict>
<key>RemoteAddress</key>
<string>CHANGEME_my-fritz-box.anydns.info</string>
<key>AuthenticationMethod</key>
<string>SharedSecret</string>
<key>XAuthName</key>
<string>CHANGEME_USERNAME</string>
<key>XAuthPassword</key>
<string>CHANGEME_PASSWORD</string>
<key>XAuthEnabled</key>
<integer>1</integer>
<!-- NOTE(review): group name (KeyID) plus pre-shared key usually implies IKEv1
     aggressive mode; pick a long random shared secret and confirm on the gateway. -->
<key>LocalIdentifier</key>
<string>CHANGEME_USERNAME</string>
<key>LocalIdentifierType</key>
<string>KeyID</string>
<key>SharedSecret</key>
<string>CHANGEME_SHAREDSECRET</string>
</dict>
<key>OnDemandEnabled</key>
<integer>1</integer>
<!-- Rules are evaluated top to bottom; the first rule whose criteria all match
     decides the action. -->
<key>OnDemandRules</key>
<array>
<dict>
<!-- Rule 1: on Wi-Fi networks named in SSIDMatch, drop the tunnel. SSIDMatch
     compares the network name only, so any access point announcing one of these
     names is treated as trusted. Adding DNSServerAddressMatch or a URLStringProbe
     to this rule ties the match to something harder to imitate than a name. -->
<key>InterfaceTypeMatch</key>
<string>WiFi</string>
<key>SSIDMatch</key>
<array>
<string>CHANGEME_HomeNetwork5</string>
<string>CHANGEME_HomeNetwork</string>
<string>CHANGEME_CompanyNetwork5</string>
<string>CHANGEME_CompanyNetwork</string>
</array>
<key>Action</key>
<string>Disconnect</string>
</dict>
<dict>
<!-- Rule 2: any other Wi-Fi network, bring the tunnel up. -->
<key>InterfaceTypeMatch</key>
<string>WiFi</string>
<key>Action</key>
<string>Connect</string>
</dict>
<dict>
<!-- Rule 3: no match criteria, so this is the catch-all for everything that is
     not Wi-Fi (for example cellular): leave the VPN down. -->
<key>Action</key>
<string>Disconnect</string>
</dict>
</array>
<!-- OverridePrimary (here and in the IPv4 dict) asks iOS to send all network
     traffic through the VPN interface while it is connected. -->
<key>OverridePrimary</key>
<true/>
<key>IPv4</key>
<dict>
<key>OverridePrimary</key>
<integer>1</integer>
</dict>
<key>PayloadType</key>
<string>com.apple.vpn.managed</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
<!-- Home: Always. FRITZ!Box IPSec account with a single on-demand rule that asks
     for the tunnel on every interface, Wi-Fi and cellular alike. -->
<dict>
<key>UserDefinedName</key>
<string>Home: Always</string>
<key>PayloadDisplayName</key>
<string>Home: Always</string>
<key>PayloadIdentifier</key>
<string>com.thomas-witt.vpn.homealways</string>
<key>PayloadUUID</key>
<string>C58019ED-9BC1-429F-A457-99FD6D91A0D6</string>
<key>VPNType</key>
<string>IPSec</string>
<!-- Replace every CHANGEME_ placeholder. The password and shared secret are kept
     in this file as readable text, so the filled-in profile must not be published
     or mailed unprotected. -->
<key>IPSec</key>
<dict>
<key>RemoteAddress</key>
<string>CHANGEME_my-fritz-box.anydns.info</string>
<key>AuthenticationMethod</key>
<string>SharedSecret</string>
<key>XAuthName</key>
<string>CHANGEME_USERNAME</string>
<key>XAuthPassword</key>
<string>CHANGEME_PASSWORD</string>
<key>XAuthEnabled</key>
<integer>1</integer>
<!-- NOTE(review): group name (KeyID) plus pre-shared key usually implies IKEv1
     aggressive mode; pick a long random shared secret and confirm on the gateway. -->
<key>LocalIdentifier</key>
<string>CHANGEME_USERNAME</string>
<key>LocalIdentifierType</key>
<string>KeyID</string>
<key>SharedSecret</key>
<string>CHANGEME_SHAREDSECRET</string>
</dict>
<key>OnDemandEnabled</key>
<integer>1</integer>
<key>OnDemandRules</key>
<array>
<dict>
<!-- Only rule, no match criteria: request the tunnel on any network.
     NOTE(review): on-demand Connect is not the same thing as Apple's supervised
     Always-On VPN; traffic may leave outside the tunnel until it is established.
     Verify this if leak protection is a requirement. -->
<key>Action</key>
<string>Connect</string>
</dict>
</array>
<!-- OverridePrimary (here and in the IPv4 dict) asks iOS to send all network
     traffic through the VPN interface while it is connected. -->
<key>OverridePrimary</key>
<true/>
<key>IPv4</key>
<dict>
<key>OverridePrimary</key>
<integer>1</integer>
</dict>
<key>PayloadType</key>
<string>com.apple.vpn.managed</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
<!-- ====================================================================================== -->
<!-- Company (Meraki): Manual. L2TP over IPSec payload for the company gateway.
     No on-demand keys are present, so it connects only when the user switches
     it on. -->
<dict>
<key>UserDefinedName</key>
<string>Company: Manual</string>
<key>PayloadDisplayName</key>
<string>Company: Manual</string>
<key>PayloadIdentifier</key>
<string>com.thomas-witt.vpn.companymanual</string>
<key>PayloadUUID</key>
<string>EE68308C-FB8C-4209-9F5A-629755244190</string>
<key>VPNType</key>
<string>L2TP</string>
<!-- IPSec carries the gateway's pre-shared key; PPP below carries the per-user
     login. Both are placeholders to replace, and both end up in this file as
     readable text: handle the filled-in profile like a credential store and keep
     it out of public gists and repositories. -->
<key>IPSec</key>
<dict>
<key>AuthenticationMethod</key>
<string>SharedSecret</string>
<key>LocalIdentifierType</key>
<string>KeyID</string>
<key>SharedSecret</key>
<string>CHANGEME_SHAREDSECRET</string>
</dict>
<key>PPP</key>
<dict>
<key>AuthName</key>
<string>CHANGEME_USERNAME</string>
<key>AuthPassword</key>
<string>CHANGEME_PASSWORD</string>
<!-- Hostname or address of the company VPN gateway. -->
<key>CommRemoteAddress</key>
<string>CHANGEME_router.company.com</string>
</dict>
<!-- OverridePrimary (here and in the IPv4 dict) asks iOS to send all network
     traffic through the VPN interface while it is connected. -->
<key>OverridePrimary</key>
<true/>
<key>IPv4</key>
<dict>
<key>OverridePrimary</key>
<integer>1</integer>
</dict>
<key>PayloadType</key>
<string>com.apple.vpn.managed</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
<!-- Company (Meraki): WiFi. L2TP over IPSec to the company gateway with on-demand
     rules: tunnel up on Wi-Fi networks that are not listed as trusted, tunnel down
     everywhere else. -->
<dict>
<key>UserDefinedName</key>
<string>Company: WiFi</string>
<key>PayloadDisplayName</key>
<string>Company: WiFi</string>
<key>PayloadIdentifier</key>
<string>com.thomas-witt.vpn.companywifi</string>
<key>PayloadUUID</key>
<string>21549F1D-0662-4111-8230-0F8BFD706090</string>
<key>VPNType</key>
<string>L2TP</string>
<!-- The pre-shared key (IPSec) and the user login (PPP) are placeholders to
     replace. After that they are readable text in this file, so protect the
     filled-in profile as you would the credentials. -->
<key>IPSec</key>
<dict>
<key>AuthenticationMethod</key>
<string>SharedSecret</string>
<key>LocalIdentifierType</key>
<string>KeyID</string>
<key>SharedSecret</key>
<string>CHANGEME_SHAREDSECRET</string>
</dict>
<key>PPP</key>
<dict>
<key>AuthName</key>
<string>CHANGEME_USERNAME</string>
<key>AuthPassword</key>
<string>CHANGEME_PASSWORD</string>
<key>CommRemoteAddress</key>
<string>CHANGEME_router.company.com</string>
</dict>
<key>OnDemandEnabled</key>
<integer>1</integer>
<!-- Rules are evaluated top to bottom; the first rule whose criteria all match
     decides the action. -->
<key>OnDemandRules</key>
<array>
<dict>
<!-- Rule 1: on Wi-Fi networks named in SSIDMatch, drop the tunnel. The match is
     on the network name alone, so a look-alike access point with the same name
     is also treated as trusted; DNSServerAddressMatch or URLStringProbe can be
     added to this rule to require more than the name. -->
<key>InterfaceTypeMatch</key>
<string>WiFi</string>
<key>SSIDMatch</key>
<array>
<string>CHANGEME_HomeNetwork5</string>
<string>CHANGEME_HomeNetwork</string>
<string>CHANGEME_CompanyNetwork5</string>
<string>CHANGEME_CompanyNetwork</string>
</array>
<key>Action</key>
<string>Disconnect</string>
</dict>
<dict>
<!-- Rule 2: any other Wi-Fi network, bring the tunnel up. -->
<key>InterfaceTypeMatch</key>
<string>WiFi</string>
<key>Action</key>
<string>Connect</string>
</dict>
<dict>
<!-- Rule 3: no match criteria, so this is the catch-all for non-Wi-Fi
     interfaces (for example cellular): leave the VPN down. -->
<key>Action</key>
<string>Disconnect</string>
</dict>
</array>
<!-- OverridePrimary (here and in the IPv4 dict) asks iOS to send all network
     traffic through the VPN interface while it is connected. -->
<key>OverridePrimary</key>
<true/>
<key>IPv4</key>
<dict>
<key>OverridePrimary</key>
<integer>1</integer>
</dict>
<key>PayloadType</key>
<string>com.apple.vpn.managed</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
<!-- Company (Meraki): Always. L2TP over IPSec to the company gateway with a single
     on-demand rule that asks for the tunnel on every interface. -->
<dict>
<key>UserDefinedName</key>
<string>Company: Always</string>
<key>PayloadDisplayName</key>
<string>Company: Always</string>
<key>PayloadIdentifier</key>
<string>com.thomas-witt.vpn.companyalways</string>
<key>PayloadUUID</key>
<string>6011F604-73E7-4473-8811-FDBB3AE8FBE5</string>
<key>VPNType</key>
<string>L2TP</string>
<!-- Replace the CHANGEME_ placeholders. The pre-shared key and the PPP password
     are then readable text in this file; do not publish or mail the filled-in
     profile unprotected. -->
<key>IPSec</key>
<dict>
<key>AuthenticationMethod</key>
<string>SharedSecret</string>
<key>LocalIdentifierType</key>
<string>KeyID</string>
<key>SharedSecret</key>
<string>CHANGEME_SHAREDSECRET</string>
</dict>
<key>PPP</key>
<dict>
<key>AuthName</key>
<string>CHANGEME_USERNAME</string>
<key>AuthPassword</key>
<string>CHANGEME_PASSWORD</string>
<key>CommRemoteAddress</key>
<string>CHANGEME_router.company.com</string>
</dict>
<key>OnDemandEnabled</key>
<integer>1</integer>
<key>OnDemandRules</key>
<array>
<dict>
<!-- Only rule, no match criteria: request the tunnel on any network.
     NOTE(review): on-demand Connect is not the same thing as Apple's supervised
     Always-On VPN; traffic may leave outside the tunnel until it is established.
     Verify this if leak protection is a requirement. -->
<key>Action</key>
<string>Connect</string>
</dict>
</array>
<!-- OverridePrimary (here and in the IPv4 dict) asks iOS to send all network
     traffic through the VPN interface while it is connected. -->
<key>OverridePrimary</key>
<true/>
<key>IPv4</key>
<dict>
<key>OverridePrimary</key>
<integer>1</integer>
</dict>
<key>PayloadType</key>
<string>com.apple.vpn.managed</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
<!-- ====================================================================================== -->
<!-- AWS Streisand: Manual. L2TP over IPSec payload for a Streisand server on AWS.
     No on-demand keys are present, so it connects only when the user switches
     it on. -->
<dict>
<key>UserDefinedName</key>
<string>AWS: Manual</string>
<key>PayloadDisplayName</key>
<string>AWS: Manual</string>
<key>PayloadIdentifier</key>
<string>com.thomas-witt.vpn.awsmanual</string>
<key>PayloadUUID</key>
<string>16EF541B-CF77-4BF2-871F-CEB688D6BE35</string>
<key>VPNType</key>
<string>L2TP</string>
<key>IPSec</key>
<dict>
<key>AuthenticationMethod</key>
<string>SharedSecret</string>
<key>LocalIdentifierType</key>
<string>KeyID</string>
<!-- SharedSecret is a data element here, not a string: a plist data element
     holds Base64, so the placeholder must be replaced with the Base64 encoding
     of the secret rather than the secret typed as plain text. Base64 is an
     encoding, not protection; the secret is still readable from this file. -->
<key>SharedSecret</key>
<data>CHANGEME_SHAREDSECRET</data>
</dict>
<!-- AuthName is the fixed literal "streisand", not a placeholder. AuthPassword is
     stored as readable text once filled in, so keep the finished profile out of
     public gists and repositories. CommRemoteAddress takes the server's public
     (Elastic) IP address. -->
<key>PPP</key>
<dict>
<key>AuthName</key>
<string>streisand</string>
<key>AuthPassword</key>
<string>CHANGEME_PASSWORD</string>
<key>CommRemoteAddress</key>
<string>CHANGEME_STREISAND_ELASIC_IP_1.2.3.4</string>
</dict>
<!-- OverridePrimary (here and in the IPv4 dict) asks iOS to send all network
     traffic through the VPN interface while it is connected. -->
<key>OverridePrimary</key>
<true/>
<key>IPv4</key>
<dict>
<key>OverridePrimary</key>
<integer>1</integer>
</dict>
<key>PayloadType</key>
<string>com.apple.vpn.managed</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
<!-- AWS Streisand: WiFi. L2TP over IPSec to a Streisand server on AWS with
     on-demand rules: tunnel up on Wi-Fi networks that are not listed as trusted,
     tunnel down everywhere else. -->
<dict>
<key>UserDefinedName</key>
<string>AWS: WiFi</string>
<key>PayloadDisplayName</key>
<string>AWS: WiFi</string>
<key>PayloadIdentifier</key>
<string>com.thomas-witt.vpn.awswifi</string>
<key>PayloadUUID</key>
<string>BEC1320F-BC55-45C2-A588-0D9EA9C08B81</string>
<key>VPNType</key>
<string>L2TP</string>
<key>IPSec</key>
<dict>
<key>AuthenticationMethod</key>
<string>SharedSecret</string>
<key>LocalIdentifierType</key>
<string>KeyID</string>
<!-- SharedSecret is a data element: replace the placeholder with the Base64
     encoding of the secret, not the plain text. Base64 does not hide it; the
     filled-in profile still needs to be protected like the secret itself. -->
<key>SharedSecret</key>
<data>CHANGEME_SHAREDSECRET</data>
</dict>
<!-- AuthName is the fixed literal "streisand"; AuthPassword and the server address
     are placeholders. The password is readable text in this file once filled in. -->
<key>PPP</key>
<dict>
<key>AuthName</key>
<string>streisand</string>
<key>AuthPassword</key>
<string>CHANGEME_PASSWORD</string>
<key>CommRemoteAddress</key>
<string>CHANGEME_STREISAND_ELASIC_IP_1.2.3.4</string>
</dict>
<key>OnDemandEnabled</key>
<integer>1</integer>
<!-- Rules are evaluated top to bottom; the first rule whose criteria all match
     decides the action. -->
<key>OnDemandRules</key>
<array>
<dict>
<!-- Rule 1: on Wi-Fi networks named in SSIDMatch, drop the tunnel. Only the
     network name is compared, so an access point that announces the same name
     is treated as trusted too; DNSServerAddressMatch or URLStringProbe can be
     added to this rule to require more than the name. -->
<key>InterfaceTypeMatch</key>
<string>WiFi</string>
<key>SSIDMatch</key>
<array>
<string>CHANGEME_HomeNetwork5</string>
<string>CHANGEME_HomeNetwork</string>
<string>CHANGEME_CompanyNetwork5</string>
<string>CHANGEME_CompanyNetwork</string>
</array>
<key>Action</key>
<string>Disconnect</string>
</dict>
<dict>
<!-- Rule 2: any other Wi-Fi network, bring the tunnel up. -->
<key>InterfaceTypeMatch</key>
<string>WiFi</string>
<key>Action</key>
<string>Connect</string>
</dict>
<dict>
<!-- Rule 3: no match criteria, so this is the catch-all for non-Wi-Fi
     interfaces (for example cellular): leave the VPN down. -->
<key>Action</key>
<string>Disconnect</string>
</dict>
</array>
<!-- OverridePrimary (here and in the IPv4 dict) asks iOS to send all network
     traffic through the VPN interface while it is connected. -->
<key>OverridePrimary</key>
<true/>
<key>IPv4</key>
<dict>
<key>OverridePrimary</key>
<integer>1</integer>
</dict>
<key>PayloadType</key>
<string>com.apple.vpn.managed</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
<!-- AWS Streisand: Always. L2TP over IPSec to a Streisand server on AWS with a
     single on-demand rule that asks for the tunnel on every interface. -->
<dict>
<key>UserDefinedName</key>
<string>AWS: Always</string>
<key>PayloadDisplayName</key>
<string>AWS: Always</string>
<key>PayloadIdentifier</key>
<string>com.thomas-witt.vpn.awsalways</string>
<key>PayloadUUID</key>
<string>E4676C88-3881-4475-99E0-0EB399137B58</string>
<key>VPNType</key>
<string>L2TP</string>
<key>IPSec</key>
<dict>
<key>AuthenticationMethod</key>
<string>SharedSecret</string>
<key>LocalIdentifierType</key>
<string>KeyID</string>
<!-- SharedSecret is a data element: replace the placeholder with the Base64
     encoding of the secret, not the plain text. Base64 does not hide it; the
     filled-in profile still needs to be protected like the secret itself. -->
<key>SharedSecret</key>
<data>CHANGEME_SHAREDSECRET</data>
</dict>
<!-- AuthName is the fixed literal "streisand"; AuthPassword and the server address
     are placeholders. The password is readable text in this file once filled in. -->
<key>PPP</key>
<dict>
<key>AuthName</key>
<string>streisand</string>
<key>AuthPassword</key>
<string>CHANGEME_PASSWORD</string>
<key>CommRemoteAddress</key>
<string>CHANGEME_STREISAND_ELASIC_IP_1.2.3.4</string>
</dict>
<key>OnDemandEnabled</key>
<integer>1</integer>
<key>OnDemandRules</key>
<array>
<dict>
<!-- Only rule, no match criteria: request the tunnel on any network.
     NOTE(review): on-demand Connect is not the same thing as Apple's supervised
     Always-On VPN; traffic may leave outside the tunnel until it is established.
     Verify this if leak protection is a requirement. -->
<key>Action</key>
<string>Connect</string>
</dict>
</array>
<!-- OverridePrimary (here and in the IPv4 dict) asks iOS to send all network
     traffic through the VPN interface while it is connected. -->
<key>OverridePrimary</key>
<true/>
<key>IPv4</key>
<dict>
<key>OverridePrimary</key>
<integer>1</integer>
</dict>
<key>PayloadType</key>
<string>com.apple.vpn.managed</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</array>
<!-- Profile envelope: metadata for the configuration profile as a whole.
     The identifiers and UUIDs in this file are identical for everyone who copies
     it, and installing a profile whose top-level PayloadIdentifier matches one
     already on the device replaces that profile. Generate your own values (for
     example with uuidgen) before deploying.
     NOTE(review): nothing in this file signs or encrypts the profile, so the
     filled-in credentials are readable by anyone who obtains it; consider a signed
     or encrypted profile, or delivery through MDM. -->
<key>PayloadDisplayName</key>
<string>VPN Configurations</string>
<key>PayloadIdentifier</key>
<string>TW.BAB78424-28FB-4654-915D-93D0CB87CC7B</string>
<!-- false: the user is allowed to remove the profile from the device. -->
<key>PayloadRemovalDisallowed</key>
<false/>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>A9F4B095-4336-4ECD-A2B2-3D52D778E743</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</plist>

NoahSaso commented Nov 7, 2017

Awesome gist, I was looking for something to do exactly this. You may want to fix lines 378, 421, and 494. It's not incriminating information, but I thought I would point it out. Thanks again!


BhuvaneshBhatt commented Oct 27, 2019

If I already have an OpenVPN profile set up on my iPad, is there a way to just have the iPad use that all the time whenever I’m connected, whether I’m on my home Wifi or on a public Wifi? In that case the VPNSubType key should be net.openvpn.connect.app, correct?
