Hey,
I am trying to configure per-app VPN based on OpenVPN using MDM and want to clarify what is the expected behavior in this case.
My goal is to force a specific app to use the tunnel for ALL connections. For my lab tests I use Google Chrome app. What I have achieved till now is that the per-app VPN profile is successfully deployed, the connection is being established on-demand and my local website (which is not available without VPN) opens in Chrome. However, even though I see VPN icon in status bar using Chrome, it looks like the browser bypasses the tunnel. My VPN network does not have Internet access, so my expectation was that with VPN turned-on I will be able to open only internal websites and all others public resources won't be available. But it looks like the VPN does not block any connection and only makes internal resources being available in addition to the resources available without VPN tunnel.
So the question is whether my understanding of the per-app VPN on iOS is wrong and the behavior I see is expected or my goal is achievable but I misconfigured something.
Thanks!