MS Defender prompting sign-in on iOS Devices

MS Defender is deployed with VPN Tunnel access on iOS device. Tunnel is set to On-Demand VPN. These devices are added to Azure and managed by Intune.


Launching a managed app that requires VPN access does not automatically enable Tunnel. Instead, users are prompted that they need to sign-in to Defender. Launching MS Defender does not resolve the prompt, but launching Comp Portal does.


There is no prompt to sign-in to Defender unless trying to access a company application. That means before launching ANY company application, the user should validate Comp Portal and MS Defender first, then try to access the resource. This process is extremely inefficient.


Why is it that in certain instances MS Defender cannot implement the VPN “on-demand”?

Similar Posts