Manual Chapter : MDM Deployment
back-action Overview: F5 Access for macOS Installation

Updated Date: 06/22/2026

MDM Deployment

If you are deploying VPN profiles via MDM, please follow the deployment steps outlined below.

  1. Deploy F5Access.pkg using your MDM solution.

    Refer to your vendor-specific documentation for details:

    1. Microsoft Intune

    2. IBM MaaS360

    3. AirWatch/Workspace ONE

    4. Jamf

  2. Push the System Extensions through the MDM profile.

    The following system extensions must be allowed:

    • PacketTunnel: com.f5.access.macos.PacketTunnel
    • DNSProxy: com.f5.access.macos.DNSProxy

  3. Configure the VPN profile.

    In the VPN configuration, set the “Provider Designated Requirement” as shown below:

    
                    identifier "com.f5.access.macos.PacketTunnel" and anchor apple generic and 
                    ((cert leaf[field.1.2.840.113635.100.6.1.9] exists) or 
                    (certificate 1[field.1.2.840.113635.100.6.2.6] exists and 
                    certificate leaf[field.1.2.840.113635.100.6.1.13] exists and 
                    certificate leaf[subject.OU] = "57P38MF5GS"))