SonicWall Mobile Connect for iOS immediately disconnects when establishing a connection
03/26/2020 17 16739
DESCRIPTION: SonicWall Mobile Connect for iOS immediately disconnects when establishing a connection on first launch after installation.
Step 1: Exit the application.
To completely exit the application, open the iOS Multitasking Dock (double-tap the Home button), tap-and-hold on an icon in the Multitasking Dock, and click on the red ‘X’ on the top left corner of the SonicWall Mobile Connect icon.
Step 2: Launch SonicWall Mobile Connect and try to establish a connection.
Tap on the SonicWall Mobile Connect icon to launch the application. Try to establish a connection once again. If the issue continues, proceed to Step 3.
Step 3: Reboot the iOS device and repeat Step 2.
Note: If the issue continues, and the issue also affects NetExtender clients on Windows, Mac, or Linux, please move forward to Step 4.
Step 4a (SMB SSL-VPN only): Ensure the the User, Group, or Portal that is experiencing this issue is set to allow NetExtender connectivity.
It is possible to prevent specific Users, Groups, and Portals from allowing NetExtender connections. Doing so will prevent Mobile Connect from connecting. The most specific setting will apply. For example, if a user is set to deny NetExtender access, but a Portal is set to allow, all users will be allowed to connect with NetExtender, except for the user that is specifically set to deny NetExtender.
To ensure that Mobile Connect users can log in, you'll need to make sure NetExtender connections are allowed in the Portal, Group, or User settings. As mentioned earlier the most specific setting will apply.
Portal > Least Specfic. Everyone that uses the Portal is affected. Group > More Specific. Based on group memberships. Only specific groups are affected. (Uses portal setting by default) User > Most Specific. Changes affect the specific user. (Uses group setting by default)
"VirtualOffice" Portal configuration screen: "Home Page" tab. Ensure that "Allow NetExtender connections to this portal" is enabled.
"LocalDomain" Group configuration screen. Ensure that NetExtender is either Enabled explicitly at the Group level, or is set to "Use portal setting" and is allowed in the Portal configuration as shown above.
User configuration for an existing user. Ensure that NetExtender is either Enabled explicitly at the User level, Group level, or is set to "Use group setting" and is allowed in the Group configuration as shown above.
Step 4b (UTM SSL-VPN only):
On UTM appliances any SSL-VPN user that requires NetExtender access will need to be a member of the "SSLVPN Services" group. Users and Groups can be added to the SSLVPN Services group manually. Alternatively, if an external authentication method, such as LDAP is used, a group named "SSLVPN Services" can be created in LDAP. Any user that is a member of that group will be allowed to authenticate for SSL-VPN access. Below is a screenshot of the SSLVPN Services group with "All LDAP Users" listed as a member. With this configuration, an SSLVPN Services group is not required in LDAP, as "All LDAP Users" have access.