Enforcing (Wireguard) VPN on Android
TL;DR: I need to enforce a VPN connection on Android devices, possibly using MDM.
I have been trying to reinvent the wheel for the last year or so but it seems like I'm not a very good engineer as my wheel is still square and doesn't roll...
My FW Gold runs a VPN server. I want my mobile devices to connect with that VPN server, ideally using Wireguard. However, I don't want the mobile device user to be able to disconnect the VPN connection (parents will see where I am going with this...) This seems impossible though using the standard software, hence I've been looking for business solutions.
BYOD (Bring Your Own Device) is a common thing nowadays where companies allow employees to use their private phones for business as long as the phone fulfills certain criteria. These and company devices are often managed using some MDM (Mobile Device Management) software. I was hoping to find a solution through MDM where I could force a users phone to use a VPN connection, just like company phones or BYOD phones are sometimes required to. However, I cannot find a solution that works. Most MDM solutions don't seem to work, e.g. because they are not compatible with all Android versions (we don't have Samsung phones for everybody, so no KNOX), because they only support Cisco software, etc. etc. None supports Wireguard (or at least I couldn't find any) and other protocols are also not always supported.
Bottom line: I want to enforce a persistent VPN connection on my user (read: kids) devices, ideally using Wireguard. I won't shy away from using a professional MDM solution to do so and pay for it, but cannot find any.
Anybody any ideas at all?
-
Sorry for the late reply. Vacation got in the way :-)
I am looking at controlling the kids :-D But since on the consumer side there is indeed nothing available to my knowledge, I am looking for a pro solution. But also there I am struggling to find anything.
Is there anything you know of that does what I need?
Basically it is kind of irrelevant if it's for controlling kids, employees, or whoever. As long as it can keep a persistent VPN connection to my FW Gold and the user cannot disable it.
Help would be much appreciated!
-
I don't know one, either. As far as I understand, the MDM/EMM solution is always enterprise-focused; and they are just impossible to setup. Example https://support.apple.com/en-ca/guide/deployment/depceaf9c713/web
-
I am looking for a similar option for use with an iPhone. I have used Bark, but the Bark VPN must be used and can readily be turned off on an iPhone. I would prefer to drop Bark, and use Firewalla in the way Stefan proposes -- with the forced use of the Firewalla VPN. Any advice appreciated.
Please sign in to leave a comment.
Comments
5 comments