• Mobile Connect for iOS 5.0
• Introduction to Mobile Connect
  • How Mobile Connect Works
  • New Features in Mobile Connect 5.0
  • Additional Feature Information
  • Supported Platforms
    • Apple Product Support
    • SonicWall Appliance Support
    • Required Network Information
• Installing and Connecting
  • Installing Mobile Connect
  • Creating and Saving Connections
    • Creating Firewall or SMA 100 Series Connections
    • Creating SMA 1000 Series Connections
  • Initiating a Connection
  • Configuring Connect on Demand
    • Connect on Demand to SMA 1000 Series
    • Connect on Demand to SMA 100 and SMA 1000 Series
  • Configuring Trusted Network Detection
  • Using Apple Configurator 2 with Mobile Connect
  • Configuring Per App VPN
• Settings, Bookmarks, Files, and Certificates
  • Settings Overview
  • URL Control Syntax and Parameters
    • Using the addprofile Command
    • Using the Connect Command
    • Using the Disconnect Command
    • Using the callbackurl Command Parameter
  • Using Bookmarks
    • Showing and Filtering Bookmarks
    • Supported Bookmark Types
      • Desktop Bookmarks
        • RDP Bookmarks
        • VNC Bookmarks
        • Citrix Bookmarks
      • Web Bookmarks
      • Mobile Connect Bookmarks
      • Terminal Bookmarks
  • Using Files
  • Files Features
    • Supported File Types
    • Unsupported File Types
    • File Policies and Actions
  • Importing Certificates to the iOS Device
    • Using Mobile Device Management for Certificate Import
    • Using Mobile Connect Client Certificate Importer
• Monitoring and Troubleshooting
  • Monitoring Mobile Connect
  • Troubleshooting Mobile Connect
• SonicWall Support
  • About This Document

Configuring Trusted Network Detection

The Apple Trusted Network Detection (TND) enhancement to the iOS Connect On Demand feature has the following properties:

• Can be used only with Connect on Demand.
• Extends the Connect on Demand functionality by determining whether the user is on a trusted network.
• Is configured with the Apple Configurator 2.
• Is used for wireless connections only. When operating over other types of network connections, Connect on Demand does not use TND to determine whether a VPN should be connected.

Connect On Demand starts a VPN connection whenever a user tries to access a destination with a hostname specified in the domains list. For example, if *.example.com is in the Always Connected list, when a user accesses internal.example.com, the client starts a VPN connection regardless of the network to which the device is currently connected. TND compares the VPN and local DNS servers and DNS suffixes to determine whether to use Mobile Connect and dial the VPN, as shown in the following table:

DNS comparison and effect on login

DNS suffixes	DNS servers	Login
None	None	Refused - no VPN
None	Same	Refused - no VPN
Same	Same	Refused - no VPN
Same	Same and others	Allowed
Same	Different	Allowed
Different	Same	Allowed
Partial match	Partial match	Allowed

A partial match means that if there are two DNS servers configured for TND, but only one DNS server matches the actual network environment, then the login will still be allowed.

Consult documentation from Apple Inc. for more information about Trusted Network Detection and Connect on Demand.

To determine if TND is available for your connection, tap the information indicator in the Status row on the Connection tab. This displays the Trusted Networks button used to enable/disable TND, if available.

Trusted Networks button

To configure TND

1. Tap the information indicator in the Status row on the Connection tab.
2. Ensure that Connect On Demand is turned on.

3. Turn on Trusted Networks.

   Trusted Network Detection is available only for connections to SonicWall SMA 1000 Series.