Deploy the TMWS Mobile VPN service to mobile devices in your organization to forward web traffic from these devices to TMWS.
Go to Administration > SERVICE DEPLOYMENT > Mobile VPN to deploy Mobile VPN through either the TMWS Mobile VPN setup files or the TMWS Agent app. For details, see Mobile VPN.
Mobile VPN supports the iOS/iPadOS and Android platforms. With Mobile VPN, each mobile user connects to TMWS and establishes an IPSec-based VPN tunnel to send and receive web traffic. Mobile VPN uses certificate-based authentication coupled with the mobile user's user name and password to authenticate the user when establishing the VPN tunnel.
The mobile devices are IPSec clients of the TMWS Mobile VPN Server. For IPsec clients, TMWS secures IP communications by authenticating the user when establishing the tunnel and encrypting each IP packet of a communication session.
For mobile users leaving an organization, all that is needed to disable the Mobile VPN service for them is to disable their authentication credentials (either in Active Directory or in the hosted environment). There is no need for you to proactively uninstall the profile or certificates as the user authentication will prevent the user from using TMWS.
TMWS provides another approach to forward web traffic from mobile devices in your organization to TMWS: use Microsoft Intune and Apple Business Manager (ABM) to configure iOS or iPadOS mobile devices in batches for centralized mobile device management. For details, see Configuring iOS/iPadOS Devices Through Mobile Device Management.