To resolve this issue, please change the MDM configuration to support Layer 3 (L3) Per App VPN.
L3 Per App VPN does support sending and receiving UDP traffic over the Per App VPN tunnel. To support L3 Per App VPN, the following requirement must be met:
- Endpoint is running iOS 9.0 and above
- Endpoint has installed the latest Pulse Mobile for iOS client
- Configure Pulse Workspace policy with Use L3 VPN set to true.
Note: MobileIron does support L3 Per App VPN. For other MDM vendors, please check with the vendor if packet-tunnel is supported for ProviderType in the VPN profile.