Tobias, So I have tried excluding Microsoft Authenticator from the VPN (with the advanced settings), but I get the same result. On a whim I tried allowing only Chrome to use the VPN. That allowed me to connect, but from Chrome I couldn't get to any internal websites. Plus that really wouldn't be a feasible solution as people are going to want to use many different (and unknown to me) apps on the VPN. Is there another Android subsystem that needs access as well besides the authenticator? The other piece that complicates this is the MFA challenge comes from Azure, so I don't have a simple network list to exclude from the tunnel.
I will keep looking..... Chris. On Mon, Jan 14, 2019 at 5:11 AM Tobias Brunner <[email protected]> wrote: > Hi Chris, > > > So it > > almost seems like the StrongSwan client is blocking traffic while the > > VPN connection is being built (after phase 1). > > It does. If there is an app or IP address that should bypass the VPN, > configure it in the advanced VPN profile settings. > > Regards, > Tobias >
