- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Email Security
Email SecurityProtect against today’s advanced email threats
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
- Capture ATPMulti-engine advanced threat detection
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Email Security
- Email SecurityProtect against today’s advanced email threats
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
Features and Supported functionality of Aventail Mobile connect for iOS and Android
03/26/2020 
30 People found this article helpful
44,444 Views
Description
What are the features and Functionality of Aventail Mobile connect for iOS and Android (4.x) releases.
Resolution
1. User Interface and Functionality is mostly similar to the Connect tunnel client.
2. Mobile Connect supports both SSL and ESP based connectivity. Please note ESP is supported on aventail appliances running 10.5.4 or higher.
3. Mobile Connect supports End Point Control check and the policies needs to be definited little different than the usual client machines based deployment.
4. Mobile Connect supports client side Proxy deployments like remote internet proxy, proxy auto detection.
5. Mobile connect supports VPN OnDemand (Always and Never Dial) with certificate authentication. VPN OnDemand provides seamless, secure access to the enterprise network.
6. End Point Control Profiles specifically for iOS and Android devices are available in 10.6.1 & higher releases.
7. Mobile connect does not have dynamic routing like other desktop clients like Windows/Mac/Linux. On Mobile platforms, the routes needs to be added while the Tunnel adapter is brought up during the connection. So any Resource that needs to be redirected through the VPN should have corresponding Host IP/Subnets/Range resource defined within the AMC - Resources sections along with the necessary Access rules.
8. In Split tunnel mode, only the DNS requests that match the configured VPN DNS Suffic search domains will use the Mobile connect provisioned DNS servers. Requests to domains that do not match the VPN DNS suffixes will go to the local (3G/WIFI) connection based DNS Servers.
Example DNS suffix: example.com
Query for www.example.com uses VPN DNS Server
Query for intranet.corp.example.com uses VPN DNS Server
Query for www.google.com uses Local DNS server
Query for webmail.examplecorp.com uses Local DNS server
9. iOS only Mobile connect has a limitation of 297 for no of IP/Range resources. We are currently working on this with Apple support for further clarifications.
10. For Mobile connect deployments, that require all DNS requests to be prioritized we recommend Redirect all method for the tunnel setup.
Related Articles
- How to secure Virtual Office portal from all external access
- NetExtender users fail to get connected throwing an Error Failed to get vpn protocol on firmware 10.2.1.2 or above due to misconfigured protocol
- Is SRA/SMA appliance vulnerable to CVE-2016-2183 and CVE-2016-5915?
YES
NO