David Lawson
Oct 22, 2015
8:59 pm

How do I set up a container wide VPN in KNOX?

We've had success setting up a per-app VPN in a KNOX container by having the vpn_route_type set to 1 (per app) and then calling the APIs createVpnProfile() -> addPackagesToVpn() -> setAutoRetryOnConnectionError() -> activateVpnProfile(). What sequence of API calls is necessary to successfully launch a container wide VPN (vpn_route_type set to 0)? activateVpnProfile() does not seem applicable in this case and we cannot figure out how to make the VPN profile active.

Similar topics

No similar topics found.
Kieran McCormick
Oct 29, 2015
8:15 pm

Hi Dave,

The method GenericVpnPolicy.addAllContainerPackagesToVpn() will add all the apps present in the container/apps which are going to be installed inside the container to the vpn connection.

So you only need to use this API to implement a container wide VPN.

ralph shaw
Sep 14, 2017
9:46 am


I see this was opened 2 years ago but I need clarification on something. 

I am able to deploy a profile with [vpn_route_type set to 0] onto my vpn client using GenericVpnPolicy createPolicy API.

I think its set to "keepon" by default but I have to connect it manually.

So are you telling me if I want to have a system vpn there is no way to control connecting/disconnecting it? i.e. there is no API i can use

Thanks, Donal