-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
EX SSL-VPN: EPC configuration for Mobile connect based VPN Connections from Android Devices
03/26/2020 
8 People found this article helpful
484,306 Views
Description
EX SSL-VPN: EPC configuration for Mobile connect based VPN Connections from Android Devices
Resolution
Feature/Application:
Mobile connect VPN connections can be checked and provisioned in a separate EPC zones. This article will explain the different EPC definition checks that can be performed with the Android devices when connecting with the Mobile connect client. We recommend a separate EPC zone and Profile for Mobile connect connections as the definition settings would be different from other client machines connections and checks. On Firmware 10.5.4 and 10.6.0, we can use the Linux based profiles to check theAndroid devices. Even though we are using Linux based EPC definitions, we need to create separate profile for Mobile connect users.
In the upcoming 10.5.5 and 10.6.1 firmware releases, we will have new EPC platforms specifically for iOS and Android devices. Customers can configure the EPC profiles based on these new platforms instead of using MAC OS X or even Linux based EPC definitions.
a. EPC Check for DeviceID
The Serial number of the Android device is used as the DeviceID and can be found in the Settings - About Phone - Status. Customer can also obtain the Serial number from the unregistered device log entries for Android phones:-
Once we have identified the deviceid's, then we can configure the EPC profile to allow connections for known devices:-
b. EPC Check for Client Certificate
EPC check for client certificates can be performed on Android devices. To install the client certificates on a android device , please refer the following link:- http://support.google.com/mobile/bin/answer.py?hl=en&answer=168466
On the Aventail appliance, the Linux based EPC profile is configured as follows:-
With this setup, when the android device connects the user is prompted to select the Client certificate for the connection check (after completing the authentication part). Then the Mobile connect app completes the connection and we can confirm the session information in the AMC - User sessions page
c. EPC Check for Jailbroken Applications or Files
Android devices can be cheked for its Rooted status using the following EPC profiles that identifies any rooted app's or even its files within the device. Customers can configure the Linux based EPC profiles as shown below to check for these details:-
Please note that List of rooted application or even its filename is not available with SonicWall. So customers have to identify these informations from their users and environment.
See Also:
Related Articles
- How to Set Timeout for Inactive Tunnel Connections
- Commands for silent installation of NetExtender via CMD line
- Users on Netextender 10.3.0 version failing to connect with the following error message " Cannot get a response from the server "
YES
NO