Specify Gateway options on Android Enterprise devices in your Microsoft Intune environment

For Android devices, you can specify which apps send data through the Gateway tunnel using the Gateway policy. In Microsoft Intune, you can configure settings that affect Gateway.

You can use the configuration profile to specify whether Gateway is always enabled on devices and whether users can change VPN configurations in the profile on the device. For more information on the configuration profile settings, see Android Enterprise device settings to configure VPN

  1. In the Microsoft Intune admin center, create a configuration profile. Set these settings:
    • Platform: Android Enterprise
    • Profile type: Device restrictions
  2. Set these rules for the configuration profile.

    Setting

    Description

    Always-on VPN

    Enable

    VPN Client

    Custom

    Package ID

    com.blackberry.protect

    LockDown mode

    Not configured. If this option is selected, the Aurora Protect Mobile app might not activate.
  3. Assign the configuration profile to users.
  4. Assign the Aurora Protect Mobile app to users.