Issues with VPN certificate auth with Airwatch anyone?

We use Netmotion VPN, which works fine on Android legacy devices but when the same solution is pushed out to a newly enrolled Android Enterprise device, the VPN app continually prompts for the certificate to be “ALLOWED” after every restart and sometimes after periods of non-activity.

Legacy devices require the cert to be allowed on first connection only, then it remains allowed and doesn’t prompt to be re-allowed again.

Nothing has changed form the VPN config perspective. The only difference is a device enrolled as enterprise as opposed to legacy.

Netmotion believe it may be something to do with Airwatch not having access to the VPN cache in order to save the cert there. Meaning every time the VPN checks for the cert, its unable to see it in its own cache, so prompts for it to be selected again.

How are these devices enrolled? Work profile or work managed device?

Hi Danni, sorry didnt seem to get any notification of your reply…

They are all Work Managed.

Sounds like it may be to do with permissions. Are you installing an App on the device for VPN? If yes it may be that you need to accept permissions globally for that app.