en-US
search-icon

Mobile Connect 4.0 Android User Guide

Settings, Bookmarks, and Files

This section describes the configurable elements that are accessed from the Settings screen in Mobile Connect, including connection settings, URL control, bookmarks, and files bookmarks.

Topics:

Related topics:

Settings Overview

SonicWall Mobile Connect provides several settings for connection and logging options. The Settings screen also provides Support information that includes a User Guide, device and connection information, and an option to email the log files to SonicWall Support.

Settings screen

The available settings and selections are described below:

Settings Section

The following options are controlled from the Settings section of the Settings screen:

Connect on Launch - Sets Mobile Connect to automatically initiate a connection to the last-used profile when the application is launched.
Automatic Reconnect - Sets Mobile Connect to automatically attempt to reconnect if the connection is lost. The SSL VPN connection can be disrupted when your device’s connection transitions to a different network type (for example, from wireless to cellular). This setting lets applications rely on a sustained VPN connection. There is no limit on the amount of time it takes to reconnect.
URL Control - Allows other mobile applications to pass action requests using special URLs to Mobile Connect. These action requests can create VPN connection entries and connect or disconnect VPN connections. For example, another application can launch Mobile Connect, access internal resources as needed, and then disconnect by using the mobileconnect:// or sonicwallmobileconnect:// URL scheme.

Additional information about URL Control is provided in URL Control Syntax and Parameters.

Fingerprint Authentication - Set Mobile Connect to prompt for Fingerprint Authentication during username/password authentication. Requires connection to servers that have a configured Fingerprint Authentication policy.
* 
NOTE: This setting only appears on Android devices that have fingerprint sensors running Android 6.0 or newer.
Bookmarks - Displays centrally configured shortcuts, called bookmarks, to VPN resources like web pages, Remote Desktop servers, files, and terminal servers. These bookmarks, which are displayed on the main Connection tab when the VPN is connected, provide one-touch access to frequently used applications.

If using an SMA 100 Series / SRA appliance, pulling down the Connection screen and releasing it refreshes the bookmarks. Mobile Connect supports Remote Desktop options like screen size and enable/disable audio as long as both the server bookmark and third party application support the option.

* 
NOTE: Bookmarks are supported on all supported firmware versions on SonicWall SMA 100 Series / SRA appliances and SonicWall SMA 1000 Series / E-Class SRA appliances, and on Next Generation Firewall appliances running SonicOS 5.9.0.2 and higher. SonicOS only supports bookmarks when using RDP-Java, VNC, Telnet, or SSHv2 on Mobile Connect.

Additional information about bookmarks is provided in Using Bookmarks.

Files - The Delete Cached Files option deletes all cached files that have been downloaded and stored on the device. Note that cached files are encrypted on the device for added security.

Additional information about Files is provided in Using Files.

Logs - Provides the following options:
Debug Logging - Enables full debug log messages of Mobile Connect activity. Leave this setting disabled unless instructed to enable it by SonicWall Support staff.
Clear Logs - Deletes all log files saved on the device.

Related topics:

Support Section

The following selections are available in the Support section of the Settings screen:

User Guide - Displays the SonicWall Mobile Connect User Guide.
Device Information - Displays information about the iOS device, wireless connection, cellular connection, Bluetooth connection, and DNS servers.
Email Logs - Creates an email to send the Mobile Connect log files to SonicWall Support staff. Tap Send to send the email.

Related topics:

Additional Settings for SMA 1000 Series / E-Class SRA

Connections to SonicWall SMA 1000 Series / E-Class SRA appliances have two additional options that are available on the Edit Connection screen.

To view these options:
1
Go to the Connection screen and tap and hold on the Connection line to display the Edit Connection screen.

2
The following options can be configured:
Remember Credentials - Enables saving of user authentication credentials for the VPN connection. This is enabled by default and can be controlled by the SMA 1000 Series / E-Class SRA server setting. This feature requires version 10.7 or higher.
Forget Selections - Mobile Connect remembers the Login Group that you specified when configuring the connections. To change to a different Login Group, tap Forget Selections. The next time you connect to the server, you will be prompted to select a new Login Group.
* 
NOTE: If this option is not displayed, you are connecting to either a SonicWall firewall or SMA 100 Series / SRA appliance.

Related topics:

URL Control Syntax and Parameters

This section provides the full set of URL parameters for the URL Control feature. URL Control currently supports the addprofile, connect, and disconnect commands. Callback URLs are also supported.

Topics:

Related topics:

Using the addprofile Command

The addprofile command requires either the name or server parameter, and accommodates both. All other parameters are optional. When the URL is opened in Mobile Connect, all of the parameters included in the URL are saved in the connection entry associated with that name and server.

Syntax:

mobileconnect://addprofile[/]?name=ConnectionName&server=ServerAddress
[&Parameter1=Value&Parameter2=Value...]

 

addprofile command parameters

Command parameter

Description

name

The unique name of the VPN connection entry that is created and appears in the Mobile Connect Connections list. Mobile Connect accepts the name only if it is unique. Letters are case sensitive.

server

The domain name or IP address of the SonicWall appliance to which you wish to connect. For example: vpn.example.com

username

Optional: The username used in the VPN connection.

password

Optional: The password used in the VPN connection.

realm

Optional: The realm used in the VPN connection profile. Applies to SMA 1000 Series / E-Class SRA connections only.

domain

Optional: The domain used in the VPN connection profile. Applies to SMA 100 Series / SRA and Firewall connections only.

sessionid

Optional: The session ID or Team ID used for authentication.

connect

Optional: If presented and the value is non-null, the connection is initiated if the profile was successfully added.

callbackurl

Optional: The callback URL to be opened by Mobile Connect after the addprofile command has been processed. See Using the callbackurl Command Parameter for full details of the callback URL syntax and options.

Examples:

Following are examples of the addprofile command:

mobileconnect://addprofile/?name=Example&server=vpn.example.com

sonicwallmobileconnect://addprofile/?name=Example&server=vpn.example.com

mobileconnect://addprofile?name=Example%202&server=vpn.example.com

mobileconnect://addprofile?name=vpn.example.com

mobileconnect://addprofile?server=vpn2.example.com

mobileconnect://addprofile?name=SRA%20Connection&server=sslvpn.example.com
&username=test&password=password&domain=LocalDomain&connect=1

mobileconnect://addprofile?name=EX%20Connection&server=workplace.example.com
&username=test&password=password&realm=Corp&connect=1

* 
NOTE: All appropriate characters in values of parameters used in URLs are required to be URL encoded. For instance, to match a space, enter %20.

Related topics:

Using the connect Command

The connect command is used to easily establish VPN connections. Connection information can be embedded in the URLs and they can be provided to users for easy setup and configuration. In addition, a callback URL can be provided that Mobile Connect opens after the connection attempt is completed, making it possible for other applications to initiate VPN connections in a seamless manner.

Syntax:

mobileconnect://connect[/]?[name=ConnectionName|server=ServerAddress]
[&
Parameter1=Value&Parameter2=Value...]

 

connect command parameters

Command parameter

Description

name

The unique name of the VPN connection entry that is created and appear in the Mobile Connect Connections list. Mobile Connect accepts the name only if it is unique. Letters are case sensitive.

server

The domain name or IP address of the SonicWall appliance in which you wish to connect. For example: vpn.example.com

username

Optional: The username used in the VPN connection.

password

Optional: The password used in the VPN connection.

realm

Optional: The realm used in the VPN connection profile. Applies to SMA 1000 Series / E-Class SRA connections only.

domain

Optional: The domain used in the VPN connection profile. Applies to SMA 100 Series / SRA and Firewall connections only.

sessionid

Optional: The session ID or Team ID used for authentication.

connect

Optional: If presented and the value is non-null, the connection is initiated if the profile was successfully added.

callbackurl

Optional: The callback URL is opened by Mobile Connect after the connect command has been processed. See Using the callbackurl Command Parameter for full details of callbackurl syntax and options.

Examples:

Following are examples of the connect command:

mobileconnect://connect/?name=Example

sonicwallmobileconnect://connect/?name=Example

mobileconnect://connect?name=Example

mobileconnect://connect?server=vpn.example.com

mobileconnect://connect?name=Example%202&server=vpn.example.com

mobileconnect://connect?name=SRA%20Connection&server=sslvpn.example.com
&username=test&password=password&domain=LocalDomain

mobileconnect://connect?name=EX%20Connection&server=workplace.example.com
&username=test&password=password&realm=Corp

Related topics:

Using the disconnect Command

The disconnect command is used to disconnect an active connection. In addition, a callback URL can be provided that Mobile Connect opens after the connection is disconnected that makes it possible to return to the calling application. If there is no active VPN connection, the disconnect command is ignored.

Syntax:

mobileconnect://disconnect[/]

mobileconnect://disconnect[/]?[callbackurl=CallBackURL]

 

disconnect command parameters

Command parameter

Description

callbackurl

Optional: The URL defined for callbackurl is opened by Mobile Connect after the disconnect command has been processed. See Using the callbackurl Command Parameter for full details of callbackurl syntax and options.

Examples:

Following are examples of the disconnect command:

mobileconnect://disconnect

mobileconnect://disconnect/

sonicwallmobileconnect://disconnect

mobileconnect://disconnect?callbackurl=customapp%3A%2F%2Fhost%3Fstatus%3D%24STATUS
%24%26login_group%3D%24LOGIN_GROUP%26error_code%3D%24ERROR_CODE%24

sonicwallmobileconnect://disconnect?callbackurl=customapp%3A%2F%2Fhost%3Fstatus%3D
%24STATUS%24%26login_group%3D%24LOGIN_GROUP%26error_code%3D%24ERROR_CODE%24

Related topics:

Using the callbackurl Command Parameter

callbackurl is an optional query string argument for each of the connect/disconnect/addprofile commands. If a callback URL is included in a command, then that URL will be launched by Mobile Connect once the command has been completed. While invoking Mobile Connect using a URL, a third-party application can use the callbackurl parameter to include a URL to be launched by Mobile Connect.

The callbackurl value can contain special tokens that are evaluated and dynamically replaced by Mobile Connect to provide additional status and connection information back to the application that is opened by the callback URL. Tokens are evaluated in place, in the same order that the tokens were specified.

To ensure that it functions properly, the base callbackurl URL value format should be RFC 1808 compliant and should be able to be launched independently of Mobile Connect. For example, it should launch through a web page.

URL syntax:

<scheme>://<net_loc>/<path>;<params>?<query>#<fragment>

* 
NOTE: The URL value of callbackurl must be properly URL encoded to ensure that Mobile Connect can process the callback URL correctly. All appropriate characters in values of parameters used in URLs are required to be URL encoded. For instance, to match a space, enter %20.

Any number of dynamic tokens from Dynamic tokens supported by callbackurl can be specified in the <query> element of the URL. These can be used by administrators when configuring the callback URLs on a web site or in an email to their users, such as to auto-configure a VPN profile. The dynamic tokens are useful because they allow Mobile Connect to provide information to the website or app that is being launched when the callback URL is opened.

Dynamic tokens supported by callbackurl

Dynamic token

Description

$ERROR_CODE$

The numerical value of the error from the failed connection attempt.

$ERROR_MESSAGE$

The string value of the error message from the failed connection attempt.

$LOGIN_GROUP$

The string value of the authentication login group or realm. Applies to SMA 1000 Series / E-Class SRA connections only.

$COMMUNITY$

The string value of authentication community. Applies to SMA 1000 Series / E-Class SRA connections only.

$ZONE$

The string value of EPC (End Point Control) zone. Applies to SMA 1000 Series / E-Class SRA connections only.

$TUNNEL_IP$

The string value of the Mobile Connect IPv4 client address.

$TUNNEL_MODE$

One of split, split-nonlocal, redirectall, or redirectall-nonlocal, depending on the tunnel mode. Applies to SonicWall SMA 1000 Series / E-Class SRA connections only.

$ESP_ENABLED$

One of yes or no, depending on if ESP (Encapsulating Security Payload) is enabled. Applies to SonicWall SMA 1000 Series / E-Class SRA connections only.

ESP is a protocol used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality.

Examples:

Following are examples using callbackurl:

Callback URL (1):

customapp://host?status=$STATUS$&login_group=$LOGIN_GROUP&error_code=
$ERROR_CODE$

Corresponding full URL with URL encoded callbackurl value:

mobileconnect://connect?sessionid=<teamid>&callbackurl=customapp%3A%2F%2Fhost
%3Fstatus%3D%24STATUS%24%26login_group%3D%24LOGIN_GROUP%26error_code%3D%24
ERROR_CODE%24

Callback URL (2):

myapp://callback?status=$STATUS$&login_group=$LOGIN_GROUP&error_code=
$ERROR_CODE$

Corresponding full URL with URL encoded callbackurl value:

mobileconnect://connect?sessionid=<teamid>&callbackurl=myapp%3A%2F%2Fcallback
%3Fstatus%3D%24STATUS%24%26login_group%3D%24LOGIN_GROUP%26error_code%3D%24
ERROR_CODE%24

Callback URL (3):

http://server/example%20file.html

Corresponding full URL with URL encoded callbackurl value:

mobileconnect://connect?callbackurl=http%3A%2F%2Fserver%2Fexample%20file.html

Related topics:

Using Bookmarks

This section describes how to view and filter the list of bookmarks, and provides information about the types of bookmarks and associated applications that are supported by Mobile Connect.

Topics:

Showing and Filtering Bookmarks

The Mobile Connect Connection screen displays the configured bookmarks. When there are more than five bookmarks, the bookmarks are replaced by a Filter screen that groups bookmarks by type. Select the type of bookmarks to display or select All to display all bookmarks.

Showing and filtering bookmarks

* 
NOTE: When connected to a SonicWall Secure Mobile Access appliance with Application Access Control enabled, the Bookmarks list is replaced by a list of trusted apps that can access the corporate network

Selecting a bookmark for an app that is not installed prompts you to install the app. Apps referenced by bookmarks also can be installed at any time using the Settings > Bookmarks screen.

In addition to installing apps for bookmarks, the Settings > Bookmarks screen is also used to select and install apps for bookmarks that support multiple third-party apps. For example, you might select Chrome or Firefox for a Web bookmark.

Bookmark apps

Related topics:

Supported Bookmark Types

This section describes the types of bookmarks and associated applications that are supported by Mobile Connect.

Topics:

Related topics:

Desktop Bookmarks

Desktop bookmarks have a name that appears on the user portal, and an internal type.

Several types of desktop bookmarks are supported:

RDP Bookmarks

RDP bookmark portal names and internal types

Portal name

Internal type

Terminal Services (RDP – ActiveX)

RDP5ActiveX

Terminal Services (RDP – Java)

RDP5Java

Terminal Services (RDP – HTML5)

RDP5HTML5

* 
NOTE: RDP (HTML5) bookmarks are launched within Mobile Connect and do not launch a third-party app.

RDP bookmark types attempt to launch with the associated RDP application, as configured in the Settings screen. See RDP applications and versions.

RDP applications and versions

Application

Android version

Parallels 2X RDP

14.1.3379

Remote RDP Lite

4.3.12

Remote RDP

4.3.15

Remote RDP Enterprise

4.3.15

Microsoft Remote Desktop

8.1.27

Additional details such as screen resolution should be provided to the client. However, support for passing such parameters varies based on the application. For example:

Parallels 2X client does not accept screen resolution settings on Android
VNC Bookmarks

VNC bookmark portal names and internal types

Portal name

Internal type

Virtual Network Computing (VNC)

VNC

Virtual Network Computing (VNC – HTML5)

VNCHTML5

* 
NOTE: VNC (HTML5) bookmarks are launched within Mobile Connect and do not launch a third-party app.

VNC bookmark types attempt to launch with the associated VNC application as configured in the Settings screen.

VNC applications and versions

Application

Android version

VNC Viewer for Android

0.5.0

Additional details such as screen resolution should be provided to the client. However, support for passing such parameters varies based on the application.

Citrix Bookmarks

Citrix bookmark portal names and internal types

Portal name

Internal type

Citrix Portal (Citrix)

Citrix

Citrix Portal (Citrix)

Citrix_https

Citrix bookmark types attempt to launch with the associated Citrix application.

Citrix application and version

Application

Android version

Citrix Receiver

3.8.1

Additional details such as screen resolution should be provided to the client. However, support for passing such parameters varies based on the application.

Related topics:

Web Bookmarks

Web bookmarks have a name that appears on the user portal, and an internal type.

Web bookmark portal names and internal types

Portal name

Internal type

Web (HTTP)

HTTP

Secure Web (HTTPS)

HTTPS

External Web Site

URL

External Web Site

URL_https

These bookmarks launch in an associated web browser and the provided “Name or IP Address” (HostID) is passed as the parameter to display in the browser.

Browser types and versions

Browser type

Android version

Any browser

Yes

Google Chrome

47.0.2526.83

Related topics:

Mobile Connect Bookmarks

Mobile Connect bookmarks have a name that appears on the user portal, and an internal type.

Mobile Connect bookmark portal names and internal types

Portal name

Internal type

Mobile Connect

MC

The Mobile Connect bookmark type relies on the operating system to determine and launch the proper application. The bookmark is expected to be properly configured for launch. The Mobile Connect app attempts to launch it as is. (For example, telnet://server).

Related topics:

Terminal Bookmarks

Terminal bookmarks have a name that appears on the user portal, and an internal type.

Terminal bookmark portal names and internal types

Portal name

Internal type

Telnet

Telnet

Telnet (HTML5)

TelnetHTML5

Secure Shell Version 1 (SSHv1)

SSH

Secure Shell Version 2 (SSHv2)

SSHv2

Secure Shell Version 2 (HTML5)

SSHv2HTML5

* 
NOTE: The Telnet (HTML5) & SSH (HTML5) bookmarks are launched within Mobile Connect and do not launch a third-party app.

The applications and versions used are shown in Terminal applications and versions.

Terminal applications and versions

Application

Android version

ConnectBot

1.8.6

JuiceSSH - SSH Client

2.1.12

Proper formatting is required for ConnectBot SSH (server bookmark field requires username@server).

* 
NOTE: Some supported third party apps may not yet be available in the Amazon Appstore.

Related topics:

Using Files

Mobile Connect 4.0 supports secure mobile access to files through File bookmarks. File bookmarks allow secure access to files by first checking and enforcing the server configured file policy, and then securely downloading and displaying the file within the Mobile Connect application.

Granular policy controls can be configured to allow other Android apps to use each file. On Android, policies include control over whether a file may be opened in a third-party application, or securely cached on the Android device. File bookmarks can also be created to folders or file share root directories to allow directory navigation.

* 
NOTE: In SonicWall Mobile Connect for Android 4.0, File bookmarks are supported only on the SonicWall SMA 100 Series / SRA appliances. Support for File bookmarks in SMA 1000 Series / E-Class SRA and Next Generation Firewall appliances is expected in a future release.

When File bookmarks are configured for the user on the server appliance, they appear in the list of bookmarks after the VPN is established and can be filtered by selecting the Showing row that is displayed when there are more than five bookmarks. See Showing Files bookmarks.

Showing Files bookmarks

Tapping a File bookmark queries the server and enforces any file policies configured on the server for that File bookmark. If the file is not already cached on the device, the file is securely downloaded from the SMA 100 Series / SRA appliance. Once the file is downloaded, it is opened in the Android default file viewer app for that file type.

Tapping a File bookmark

Tapping a File bookmark to a folder or directory allows for directory browsing and file download and viewing of any file in the folder. All attempts to browse a file folder or view a file query the server to enforce access policies. On Android, the default file viewer app is automatically launched after a file is downloaded.

Browsing folders and viewing files

For information about supported file types and other actions you can take on files, see File Types and Policies.

Related topics:

File Types and Policies

A number of file types are supported natively on Android and third-party apps can open other file types. Policies on the server control whether a file can be opened with a third-party app.

See the following:

Related topics:

Supported File Types

Mobile Connect supports the file types natively supported by Android, as shown in Supported file types.

Supported file types

File type

File extension

Images

.jpg, .jpeg, .tif, .tiff, .png

Music

.mp3, .m4a, .wav

Movies

.mov, .mp4

Microsoft Word documents

.doc, .docx

Microsoft Excel spreadsheets

.xls, .xlsx

Microsoft PowerPoint presentations

.ppt, .pptx

Adobe PDF

.pdf

Web pages

.htm, .html

Text and Rich-text files

.txt, .rtf

Related topics:

Unsupported File Types

If a file type is not supported, an Unsupported file message is displayed, indicating that the file might not be viewable unless another application is installed that can view the file. Tap Try Anyway to try opening the file with another application that might be registered to handle that file type. See Trying to open an unsupported file.

Trying to open an unsupported file

Related topics:

File Policies

On Android, server-configured policies control whether a file can be opened in a third-party app or securely cached on the device.

For example, if a file has the Allow Open In policy disabled, the file cannot be viewed on an Android device. Mobile Connect launches third-party apps to view all file types, so the Allow Open In policy must be enabled to view a file.

File policy - File not allowed

Related topics: