Zero Trust Device Only mode iOS Will not disconnect

Related to

WARP

What is the issue you’re encountering

Device Only Mode does not swap with connection. I have a client rule for iOS devices, on a managed network to only use Device Information only. When on the local wifi this kicks in, BUT when off the wifi such as LTE the connection remains in device only mode even though the lower default policy should set to wull warp. I also have a rule that is the same for MacOS and works fine. No matter what I do the iOS connection remains as device info only until I change the policy and reinstall the CF One App. My goal is to avoid all tunnel and DNS while on the internal network.

What steps have you taken to resolve the issue?

reinstalled app, manually toggle, disabled wifi, etc

What are the steps to reproduce the issue?

Create device policy above default with OS = ioS and managed network included
install ONE app
connect on wifi with managed network
disable wifi to force default policy
status won’t change on iOS but does on MacOS.

you can see here in a phone video it simply won’t actually disconnect manually or with change in network.

this only seems to get “stuck” in Device Info only mode not any other mode.

The MacOS client works fine, and the managed network TLS is working fine as a fresh install picks up device info only based on the rule it just never will disconnect from that. Not quite sure why it’s getting stuck connected.