en-US
search-icon

Mobile Connect 4.0 iOS User Guide

Settings, Bookmarks, and Files

This section describes the configurable elements that are accessed from the Settings screen in Mobile Connect, including connection settings, URL control, bookmarks, and files bookmarks.

Topics:

Related topics:

Settings Overview

SonicWall Mobile Connect provides several settings for connection and logging options. The Settings screen also provides Support information that includes a User Guide, device connection, and server information.

Settings screen

The available settings and selections are described below:

Settings Section

The following options are controlled from the Settings section of the Settings screen:

Connect on Launch - Sets Mobile Connect to automatically initiate a connection to the last-used profile when the application is launched.
Automatic Reconnect - Sets Mobile Connect to automatically attempt to reconnect if the connection is lost. The SSL VPN connection can be disrupted when your device’s connection transitions to a different network type (for example, from wireless to cellular). This setting lets applications rely on a sustained VPN connection. There is no limit on the amount of time it takes to reconnect.
URL Control - Allows other mobile applications to pass action requests using special URLs to Mobile Connect. These action requests can create VPN connection entries and connect or disconnect VPN connections. For example, another application can launch Mobile Connect, access internal resources as needed, and then disconnect by using the mobileconnect:// or sonicwallmobileconnect:// URL scheme.

Additional information about URL Control is provided in URL Control Syntax and Parameters.

Touch ID - Set Mobile Connect to prompt for Touch ID during username/password authentication. Requires connection to servers that have a configured Touch ID policy.
Bookmarks - Displays centrally configured shortcuts, called bookmarks, to VPN resources such as URLs, Outlook Web Access, and iOS applications. These bookmarks, which are displayed on the main Connection tab when the VPN is connected, provide one-touch access to frequently used applications.

If using an SMA 100 Series / SRA appliance, pulling down the Connection screen and releasing it refreshes the bookmarks. Mobile Connect supports Remote Desktop options like screen size and enable/disable audio as long as both the server bookmark and third-party iOS application support the option.

* 
NOTE: Bookmarks are supported on SonicWall SMA 100 Series / SRA appliances only when running version 7.5 or higher and on Next Generation Firewall appliances running SonicOS 5.9.0.2 and higher.

Additional information about bookmarks is provided in Using Bookmarks.

Files - Deletes all cached files that have been downloaded and stored on the device. Note that cached files are encrypted on the device for added security.
* 
NOTE: Files are supported on SonicWall SMA 100 Series / SRA appliances only when running 7.5 or higher and not supported on appliances running SonicOS.

Additional information about Files is provided in Using Files.

Logs - Serves two purposes:
Enables full debug log messages of Mobile Connect activity. Leave this section disabled unless instructed to enable it by SonicWall Support staff.
Deletes all log files that have been saved on the device.

Additional Settings for SMA 1000 Series / E-Class SRA

Two additional options can be modified for connections to SonicWall SMA 1000 Series / E-Class SRA appliances.

To view these options:
1
Go to the Connection tab and tap the Connection line to display the list of connections.
2
Tap the information indicator to the left of the connection you want to modify.

The Edit Connection screen displays.

The following options can be configured:

Remember Credentials - Enables saving of user authentication credentials for the VPN connection. This is enabled by default and can be controlled by the SonicWall SMA 1000 Series / E-Class SRA server configuration.
Forget this Login Group - Mobile Connect remembers the Login Group that you specified when configuring the connection. To change to a different Login Group, tap Forget this Login Group. The next time you connect to the server, you are prompted to select a new Login Group.
* 
NOTE: If these options are not displayed, then you are connecting to either a SonicWall firewall or SMA 100 Series / SRA appliance.

Related topics:

Support Section

The following selections are available in the Support section of the Settings screen:

User Guide - Displays the SonicWall Mobile Connect User Guide.
Device Information - Displays information about the iOS device, wireless connection, cellular connection, Bluetooth connection, and DNS servers.
Email Logs - Creates an email to send the Mobile Connect log files to SonicWall Support staff. Tap Send to send the email.

Related topics:

URL Control Syntax and Parameters

This section provides the full set of URL parameters for the URL Control feature. URL Control currently supports the addprofile, connect, and disconnect commands. Callback URLs are also supported.

Topics:

Using the addprofile Command

The addprofile command requires either the name or server parameter, and accommodates both. All other parameters are optional. When the URL is opened in Mobile Connect, all of the parameters included in the URL are saved in the connection entry associated with that name and server.

Syntax:

mobileconnect://addprofile[/]?name=ConnectionName&server=ServerAddress
[&Parameter1=Value&Parameter2=Value...]

 

addprofile command parameters

Command parameter

Description

name

The unique name of the VPN connection entry that is created and appears in the Mobile Connect Connections list. Mobile Connect accepts the name only if it is unique. Letters are case sensitive.

server

The domain name or IP address of the SonicWall appliance to which you wish to connect. For example: vpn.example.com

username

Optional: The username used in the VPN connection.

password

Optional: The password used in the VPN connection.

realm

Optional: The realm used in the VPN connection profile. Applies to SMA 1000 Series / E-Class SRA connections only.

domain

Optional: The domain used in the VPN connection profile. Applies to SMA 100 Series / SRA and Firewall connections only.

sessionid

Optional: The session ID or Team ID used for authentication.

connect

Optional: If presented and the value is non-null, the connection is initiated if the profile was successfully added.

callbackurl

Optional: The callback URL to be opened by Mobile Connect after the addprofile command has been processed. See Using the callbackurl Command Parameter for full details of the callback URL syntax and options.

Examples:

Following are examples of the addprofile command:

mobileconnect://addprofile/?name=Example&server=vpn.example.com

sonicwallmobileconnect://addprofile/?name=Example&server=vpn.example.com

mobileconnect://addprofile?name=Example%202&server=vpn.example.com

mobileconnect://addprofile?name=vpn.example.com

mobileconnect://addprofile?server=vpn2.example.com

mobileconnect://addprofile?name=SRA%20Connection&server=sslvpn.example.com
&username=test&password=password&domain=LocalDomain&connect=1

mobileconnect://addprofile?name=EX%20Connection&server=workplace.example.com
&username=test&password=password&realm=Corp&connect=1

* 
NOTE: All appropriate characters in values of parameters used in URLs are required to be URL encoded. For instance, to match a space, enter %20.

Related topics:

Using the connect Command

The connect command is used to easily establish VPN connections. Connection information can be embedded in the URLs and they can be provided to users for easy setup and configuration. In addition, a callback URL can be provided that Mobile Connect opens after the connection attempt is completed, making it possible for other applications to initiate VPN connections in a seamless manner.

Syntax:

mobileconnect://connect[/]?[name=ConnectionName|server=ServerAddress]
[&
Parameter1=Value&Parameter2=Value...]

 

connect command parameters

Command parameter

Description

name

The unique name of the VPN connection entry that is created and appear in the Mobile Connect Connections list. Mobile Connect accepts the name only if it is unique. Letters are case sensitive.

server

The domain name or IP address of the SonicWall appliance in which you wish to connect. For example: vpn.example.com

username

Optional: The username used in the VPN connection.

password

Optional: The password used in the VPN connection.

realm

Optional: The realm used in the VPN connection profile. Applies to SMA 1000 Series / E-Class SRA connections only.

domain

Optional: The domain used in the VPN connection profile. Applies to SMA 100 Series / SRA and Firewall connections only.

sessionid

Optional: The session ID or Team ID used for authentication.

connect

Optional: If presented and the value is non-null, the connection is initiated if the profile was successfully added.

callbackurl

Optional: The callback URL is opened by Mobile Connect after the connect command has been processed. See Using the callbackurl Command Parameter for full details of callbackurl syntax and options.

Examples:

Following are examples of the connect command:

mobileconnect://connect/?name=Example

sonicwallmobileconnect://connect/?name=Example

mobileconnect://connect?name=Example

mobileconnect://connect?server=vpn.example.com

mobileconnect://connect?name=Example%202&server=vpn.example.com

mobileconnect://connect?name=SRA%20Connection&server=sslvpn.example.com
&username=test&password=password&domain=LocalDomain

mobileconnect://connect?name=EX%20Connection&server=workplace.example.com
&username=test&password=password&realm=Corp

Related topics:

Using the disconnect Command

The disconnect command is used to disconnect an active connection. In addition, a callback URL can be provided that Mobile Connect opens after the connection is disconnected that makes it possible to return to the calling application. If there is no active VPN connection, the disconnect command is ignored.

Syntax:

mobileconnect://disconnect[/]

mobileconnect://disconnect[/]?[callbackurl=CallBackURL]

 

disconnect command parameters

Command parameter

Description

callbackurl

Optional: The URL defined for callbackurl is opened by Mobile Connect after the disconnect command has been processed. See Using the callbackurl Command Parameter for full details of callbackurl syntax and options.

Examples:

Following are examples of the disconnect command:

mobileconnect://disconnect

mobileconnect://disconnect/

sonicwallmobileconnect://disconnect

mobileconnect://disconnect?callbackurl=customapp%3A%2F%2Fhost%3Fstatus%3D%24STATUS
%24%26login_group%3D%24LOGIN_GROUP%26error_code%3D%24ERROR_CODE%24

sonicwallmobileconnect://disconnect?callbackurl=customapp%3A%2F%2Fhost%3Fstatus%3D
%24STATUS%24%26login_group%3D%24LOGIN_GROUP%26error_code%3D%24ERROR_CODE%24

Related topics:

Using the callbackurl Command Parameter

callbackurl is an optional query string argument for each of the connect/disconnect/addprofile commands. If a callback URL is included in a command, then that URL will be launched by Mobile Connect once the command has been completed. While invoking Mobile Connect using a URL, a third-party application can use the callbackurl parameter to include a URL to be launched by Mobile Connect.

The callbackurl value can contain special tokens that are evaluated and dynamically replaced by Mobile Connect to provide additional status and connection information back to the application that is opened by the callback URL. Tokens are evaluated in place, in the same order that the tokens were specified.

To ensure that it functions properly, the base callbackurl URL value format should be RFC 1808 compliant and should be able to be launched independently of Mobile Connect. For example, it should launch through a web page or iOS web clip.

URL syntax:

<scheme>://<net_loc>/<path>;<params>?<query>#<fragment>

* 
NOTE: The URL value of callbackurl must be properly URL encoded to ensure that Mobile Connect can process the callback URL correctly. All appropriate characters in values of parameters used in URLs are required to be URL encoded. For instance, to match a space, enter %20.

Any number of dynamic tokens from Dynamic tokens supported by callbackurl can be specified in the <query> element of the URL. These can be used by administrators when configuring the callback URLs on a web site or in an email to their users, such as to auto-configure a VPN profile. The dynamic tokens are useful because they allow Mobile Connect to provide information to the website or app that is being launched when the callback URL is opened.

Dynamic tokens supported by callbackurl

Dynamic token

Description

$ERROR_CODE$

The numerical value of the error from the failed connection attempt.

$ERROR_MESSAGE$

The string value of the error message from the failed connection attempt.

$LOGIN_GROUP$

The string value of the authentication login group or realm. Applies to SMA 1000 Series / E-Class SRA connections only.

$COMMUNITY$

The string value of authentication community. Applies to SMA 1000 Series / E-Class SRA connections only.

$ZONE$

The string value of EPC (End Point Control) zone. Applies to SMA 1000 Series / E-Class SRA connections only.

$TUNNEL_IP$

The string value of the Mobile Connect IPv4 client address.

$TUNNEL_MODE$

One of split, split-nonlocal, redirectall, or redirectall-nonlocal, depending on the tunnel mode. Applies to SonicWall SMA 1000 Series / E-Class SRA connections only.

$ESP_ENABLED$

One of yes or no, depending on if ESP (Encapsulating Security Payload) is enabled. Applies to SonicWall SMA 1000 Series / E-Class SRA connections only.

ESP is a protocol used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality.

Examples:

Following are examples using callbackurl:

Callback URL (1):

customapp://host?status=$STATUS$&login_group=$LOGIN_GROUP&error_code=
$ERROR_CODE$

Corresponding full URL with URL encoded callbackurl value:

mobileconnect://connect?sessionid=<teamid>&callbackurl=customapp%3A%2F%2Fhost
%3Fstatus%3D%24STATUS%24%26login_group%3D%24LOGIN_GROUP%26error_code%3D%24
ERROR_CODE%24

Callback URL (2):

myapp://callback?status=$STATUS$&login_group=$LOGIN_GROUP&error_code=
$ERROR_CODE$

Corresponding full URL with URL encoded callbackurl value:

mobileconnect://connect?sessionid=<teamid>&callbackurl=myapp%3A%2F%2Fcallback
%3Fstatus%3D%24STATUS%24%26login_group%3D%24LOGIN_GROUP%26error_code%3D%24
ERROR_CODE%24

Callback URL (3):

http://server/example%20file.html

Corresponding full URL with URL encoded callbackurl value:

mobileconnect://connect?callbackurl=http%3A%2F%2Fserver%2Fexample%20file.html

Related topics:

Using Bookmarks

Topics:

Showing and Filtering Bookmarks

The Mobile Connect Connection screen displays the configured bookmarks. The list of bookmarks can be filtered by tapping the Showing: <bookmark type> row that is displayed when there are more than five bookmarks. This lets you filter long lists of bookmarks by type. Select the type of bookmarks to display or select All to display all bookmarks.

Showing bookmarks

Selecting a bookmark for an application that is not installed prompts you to install the application. Applications referenced by bookmarks also can be installed at any time using the Settings > Bookmarks screen.

In addition to installing applications for bookmarks, the Settings > Bookmarks screen is also used to select and install applications for bookmarks that support multiple third-party applications. For example, you might select Safari and Google Chrome for a Web bookmark.

Web bookmark with multiple apps

Related topics:

Supported Bookmark Types

This section describes the types of bookmarks and associated applications that are supported by Mobile Connect.

* 
NOTE: In Mobile Connect iOS 4.0, only Web and Desktop bookmarks are supported on the SonicWall SMA 1000 Series / E-Class SRA appliances.

Topics:

Desktop Bookmarks

Desktop bookmarks have a name that appears on the user portal, and an internal type.

Several types of desktop bookmarks are supported:

RDP Bookmarks

RDP bookmark portal names and internal types

Portal name

Internal type

Terminal Services (RDP – ActiveX)

RDP5ActiveX

Terminal Services (RDP – Java)

RDP5Java

Terminal Services (RDP – HTML5)

RDP5HTML5

* 
NOTE: RDP (HTML5) bookmarks are launched within Mobile Connect and do not launch a third-party app.

RDP bookmark types attempt to launch with the associated RDP application, as configured in the Settings screen. See RDP applications and versions.

RDP applications and versions

Application

iOS version

Microsoft Remote Desktop

8.1.16

Parallels 2X Client RDP/Remote Desktop

15.0.3683

Remote RDP Lite

Remote RDP

Remote RDP Enterprise

Additional details such as screen resolution should be provided to the client. However, support for passing such parameters varies based on the application. For example:

Parallels 2X Client does not accept screen resolution settings on iOS
VNC Bookmarks

VNC bookmark portal names and internal types

Portal name

Internal type

Virtual Network Computing (VNC)

VNC

Virtual Network Computing (VNC – HTML5)

VNCHTML5

* 
NOTE: VNC (HTML5) bookmarks are launched within Mobile Connect and do not launch a third-party app.

VNC bookmark types attempt to launch with the associated VNC application as configured in the Settings screen.

VNC applications and versions

Application

iOS version

Wyse PocketCloud Pro

android-vnc-viewer

Remoter VNC

4.8.03

Additional details such as screen resolution should be provided to the client. However, support for passing such parameters varies based on the application.

Citrix Bookmarks

Citrix bookmark portal names and internal types

Portal name

Internal type

Citrix Portal (Citrix)

Citrix

Citrix Portal (Citrix)

Citrix_https

Citrix bookmark types attempt to launch with the associated Citrix application.

Citrix application and version

Application

iOS version

Citrix Receiver

6.1.4

Additional details such as screen resolution should be provided to the client. However, support for passing such parameters varies based on the application.

Related topics:

Web Bookmarks

Web bookmarks have a name that appears on the user portal, and an internal type.

Web bookmark portal names and internal types

Portal name

Internal type

Web (HTTP)

HTTP

Secure Web (HTTPS)

HTTPS

External Web Site

URL

External Web Site

URL_https

These bookmarks launch in an associated web browser and the provided “Name or IP Address” (HostID) is passed as the parameter to display in the browser.

Browser types and versions

Browser type

iOS version

Any browser

Safari

Yes

Google Chrome

47.0.2526.107

Related topics:

Mobile Connect Bookmarks

Mobile Connect bookmarks have a name that appears on the user portal, and an internal type.

Mobile Connect bookmark portal names and internal types

Portal name

Internal type

Mobile Connect

MC

The Mobile Connect bookmark type relies fully on the OS to determine and launch the proper application. The bookmark is expected to be properly configured for launch. The Mobile Connect application attempts to launch it as is. (For example, telnet://server).

Related topics:

Terminal Bookmarks

Terminal bookmarks have a name that appears on the user portal, and an internal type.

Terminal bookmark portal names and internal types

Portal name

Internal type

Telnet

Telnet

Telnet (HTML5)

TelnetHTML5

Secure Shell Version 1 (SSHv1)

SSH

Secure Shell Version 2 (SSHv2)

SSHv2

Secure Shell Version 2 (HTML5)

SSHv2HTML5

* 
NOTE: The Telnet (HTML5) & SSH (HTML5) bookmarks are launched within Mobile Connect and do not launch a third-party app.

The applications and versions are:

Terminal applications and versions

Application

iOS version

ServerAuditor

2.2.2

vSSH

1.11

vSSH Lite

1.11

Related topics:

Using Files

Mobile Connect 4.0 supports secure mobile access to files through File bookmarks. File bookmarks allow secure access to files by first checking and enforcing the server configured file policy, and then securely downloading and displaying the file within the Mobile Connect application.

Server configured policies include control over whether a file can be printed, copied to the clipboard, opened in a third-party application, or securely cached on the iOS device. File bookmarks can also be created to folders or file share root directories to allow directory navigation.

* 
NOTE: In Mobile Connect for iOS 4.0, File bookmarks are supported only on the SonicWall SMA 100 Series / SRA appliances with SRA 7.5 or later firmware. Support for File bookmarks in SMA 1000 Series / E-Class SRA and Next Generation Firewall appliances is expected in a future release.

When File bookmarks are configured for the user on the server appliance, they appear in the list of bookmarks after the VPN is established and can be filtered by selecting the Showing: Files row that is displayed when there are more than five bookmarks. See Showing Files bookmarks.

Showing Files bookmarks

Selecting a File bookmark queries the server and enforces any file policies configured on the server for that File bookmark. If the file is not already cached on the device, the file is securely downloaded from the SMA 100 Series / SRA appliance. After the file is downloaded, it is displayed within the Mobile Connect application. See Downloading a file using a File bookmark.

Downloading a file using a File bookmark

Selecting a File bookmark to a folder or directory allows directory browsing, including download and viewing of any file in the folder. Each attempt to browse a file folder or view a file queries the server to enforce access policies. See Browsing folders and viewing files.

Browsing folders and viewing files

For information about supported file types and other actions you can take on files, see Files Features.

Related topics:

Files Features

A number of file types are supported with features allowing you to perform many important functions with the files you access via Files bookmarks.

See the following:

Supported File Types

Mobile Connect supports the file types natively supported by Apple iOS, as shown in Supported file types.

Supported file types

File type

File extension

Images

.jpg, .jpeg, .tif, .tiff, .png

Music

.mp3, .m4a, .wav

Movies

.mov, .mp4

Microsoft Word documents

.doc, .docx

Microsoft Excel spreadsheets

.xls, .xlsx

Microsoft PowerPoint presentations

.ppt, .pptx

Adobe PDF

.pdf

Keynote presentations

.key

Pages documents

.pages

Numbers spreadsheets

.numbers

Web pages

.htm, .html

Text and Rich-text files

.txt, .rtf

Related topics:

Unsupported File Types

If a file type is not supported, an Unsupported file message is displayed identifying that the file might not be viewable unless another application is installed that can view the file. Tap Try Anyway to try opening the file with another application that might be registered to handle that file type. See Trying to open an unsupported file.

Trying to open an unsupported file

Related topics:

File Policies and Actions

On iOS, policies can be configured on the server to control the actions you can take with a file, including:

Print
Copy to the clipboard
Open in a third-party application
Securely cached on the device

If a file has an Allow policy (Allow Print, Allow Copy, or Allow Open In) enabled, a Share button is displayed in the top right of the navigation bar when the file is viewed.

Share button

See the following sections:

Allow All Actions

When all file policies are allowed by the server, tapping the Share button displays the icons for all actions you can take with a file.

All action buttons

Allow Print

If the file has the Allow Print policy enabled, tapping Share displays the Print button.

Print button

Allow Copy

If the file has the Allow Copy policy enabled, tapping the Share button displays the Copy button.

Copy button

Allow Open in an Application

If the file has the Allow Open in policy enabled, tapping the Share button displays the Open in button and icons for other applications that can open the file.

Tapping the Open in button displays a list of applications that can open the file.

Open in button and apps

Related topics: