We use Netmotion VPN, which works fine on Android legacy devices but when the same solution is pushed out to a newly enrolled Android Enterprise device, the VPN app continually prompts for the certificate to be “ALLOWED” after every restart and sometimes after periods of non-activity.
Legacy devices require the cert to be allowed on first connection only, then it remains allowed and doesn’t prompt to be re-allowed again.
Nothing has changed from the VPN config perspective. The only difference is a device enrolled as enterprise as opposed to legacy.
Netmotion believe it may be something to do with Airwatch not having access to the VPN cache in order to save the cert there. Meaning every time the VPN checks for the cert, it's unable to see it in its own cache, so prompts for it to be selected again.