en-US
search-icon

Mobile Connect 4.0 OS X User Guide

Introduction to Mobile Connect

SonicWall™ Mobile Connect for OS X is an app for Apple Mac notebooks and desktops running OS X Mavericks (10.9) or newer versions, including macOS Sierra (10.12), that enables secure, mobile connections to private networks protected by SonicWall security appliances.

Topics:

Related topics:

How Mobile Connect Works

Modern business practices increasingly require that users be able to access any network resource (files, internal websites, etc.), anytime, anywhere. At the same time, ensuring the security of these resources is a constant struggle. While most users are aware that they must take care to protect computers from network security risks, this security awareness does not always extend to Mac devices like the MacBook Air and MacBook Pro. And yet, Macs are increasingly subject to security attacks. Furthermore, remote Mac users can often use insecure, untrusted, public WiFi hotspots to connect to the Internet. It is therefore a challenge to provide secure, mobile access while still guarding against the inherent security risks faced by mobile users.

The SonicWall Mobile Connect for OS X app provides secure, mobile access to sensitive network resources. Mobile Connect establishes a Secure Socket Layer Virtual Private Network (SSL VPN) connection to private networks that are protected by SonicWall security appliances. All traffic to and from the private network is securely transmitted over the SSL VPN tunnel.

To get started with SonicWall Mobile Connect:
1
Install SonicWall Mobile Connect from the Mac App Store.
2
Ensure that the Firewall or SMA 100 Series / SRA appliance being used by Mobile Connect is connected to the network.
3
Configure network information (server name, username, password, and so on).
4
Initiate a connection to the network.
5
Mobile Connect establishes a SSL VPN tunnel to the SonicWall security appliance.

You can now access resources on the private network. All traffic to and from the private network is securely transmitted over the SSL VPN tunnel.

New Features in Mobile Connect 4.0

The following enhancements are included in the Mobile Connect 4.0 release.

Client Certificate Only Authentication for SMA 100 Series / SRA connections - Single factor client certificate authentication is supported for connections to SonicWall SMA 100 Series and SRA appliances.

Supported Platforms

The following sections describe the supported platforms and network information for Mobile Connect:

Apple Product Support

SonicWall Mobile Connect for OS X is supported on all Mac models running OS X Mavericks (10.9) or newer, including macOS Sierra (10.12), available as a free upgrade. See the following web site for information on how to upgrade to macOS Sierra: http://www.apple.com/macos/how-to-upgrade/.

The following Mac models are compatible with macOS Sierra:

MacBook (Late 2009 or newer)
MacBook Pro (Mid 2010 or newer)
MacBook Air (Late 2010 or newer)
Mac mini (Mid 2010 or newer)
iMac (Late 2009 or newer)
Mac Pro (Mid 2010 or newer)

SonicWall Appliance Support

SonicWall Mobile Connect is a free app, but requires a concurrent user license on one of the following SonicWall solutions in order to function properly.

SonicWall firewall appliances including the TZ, NSA, E-Class NSA, and SuperMassive 9000 Series running SonicOS 5.8.1.0 or higher
SonicWall Secure Mobile Access 100 Series / SRA appliances running 7.5 or higher
SonicWall Secure Mobile Access 1000 Series / E-Class SRA appliances running 10.7 or higher

Required Network Information

To use Mobile Connect, you need the following information from your network administrator or IT Support:

Server name or address – This is either the IP address or URL of the SSL VPN server to which you are connecting. The SSL VPN server can be any supported SonicWall appliance. See SonicWall Appliance Support.
Username and password – Typically, you are required to enter your username and password, although some connections might not require this.
Domain name – The domain name of the SSL VPN server. Mobile Connect might be able to automatically determine this when it first contacts the server, or there could be multiple domains that can be selected.

DNS Domain Settings on Appliances

Before Mobile Connect users are able to access the private network, the network administrator must configure the DNS Domain on the SonicWall appliance. When the Mobile Connect user accesses a URL on the private network, the configured DNS domain is used to resolve the hostname lookup. For public domains that do not match the configured DNS domain, the DNS server for the WiFi or cellular network is used.

* 
NOTE: The Mobile Connect user does not need to perform any configuration tasks related to DNS. The following information is for SonicWall network administrators.

The DNS Domain configuration process varies, depending on the type of SonicWall appliance being used:

SonicWall firewall appliances - On the SSL VPN > Client Settings page, enter the DNS domain name in the DNS Domain field.
SonicWall SMA 100 Series / SRA appliances - The DNS domain can be configured either globally, at the group level, or at the individual user level:
Global level – On the Network > DNS page, enter the DNS domain name in the DNS Domain field.
Group level – On the Users > Local Groups page, click the edit icon for the group. Click on the NX Settings tab and enter the DNS domain the DNS Domain field.
User level – On the Users > Local Users page, click the edit icon for the user. Click on the NX Settings tab and enter the DNS domain the DNS Domain field.
SonicWall SMA 1000 Series / E-Class SRA appliances - The DNS domain can be configured either globally or for specific IP address pools:
Global level – From the main navigation menu in the Appliance Management Console (AMC), click Network Settings. In the Name resolution area, click Edit. The Configure Name Resolution page appears. Enter the DNS domain name in the Search domains field.
IP address pool level – From the main navigation menu in the AMC, click Services. Under Access services, in the Network tunnel service area, click Configure. The Configure Network Tunnel Service page appears. Click the name of the IP address pool you want to edit. The Configure IP Address Pool page appears. To the right of the Advanced heading, click the arrow icon. Select Customize default settings and enter the DNS domain name in the Search domains field.