Is there any way you can see if you can rule out the VPN by accessing the 10.6.1 Enterprise setup through and internal WiFi Connection? If you have the same issue in the internal network, then it would be easier to debug the web traffic via a program like fiddler and you can compare the web traffic to Collector signing on to ArcGIS Enterprise 10.5.1.
Hi Paul, Same here. I upgraded a customer AE base deployment test environment from 10.5.1 to 10.6.1 and it broke the authentication for ONLY the Collector for ArcGIS (IOS) using a Per-App VPN solution (airwatch). Explorer for ArcGIS still working fine as well as connecting Collector to another AE base deployment still running 10.5.1.
We also have the same issue. I am a System Administrator in our company. I also manage our MDM solution. I believe that this issue with Collector has to do with another iOS VPN issue. There is an issue that so called iOS Web Clips fail to open/launch in fullscreen mode when using VPN/Tunnel Safari Domain rules. My guess is that Collector uses the fullscreen Web Clip in the background. For our situation i have created a workaround. I configured a non-fullscreen Web Clip which points to our company Portal for ArcGIS. This Web Clip is automatically created on our iPads. Users open the Web Clip which opens Safari. They logon to the ArcGis portal and after that they open the Collector app. Because of the SSO configuration they are automatically are logged into Collector.
We have the situation where Survey123 doesn't authenticate via F5 VPN with iPhone managed by Microsoft Intune.
Collector and Explorer don't have problems.
What would Survey123 be doing different?