Mobile Connect for iOS 5.0

Technical Documentation>  Installing and Connecting>  Configuring Trusted Network Detection
Table of Contents

Configuring Trusted Network Detection

The Apple Trusted Network Detection (TND) enhancement to the iOS Connect On Demand feature has the following properties:

  • Can be used only with Connect on Demand.
  • Extends the Connect on Demand functionality by determining whether the user is on a trusted network.
  • Is configured with the Apple Configurator 2.
  • Is used for wireless connections only. When operating over other types of network connections, Connect on Demand does not use TND to determine whether a VPN should be connected.

Connect On Demand starts a VPN connection whenever a user tries to access a destination with a hostname specified in the domains list. For example, if *.example.com is in the Always Connected list, when a user accesses internal.example.com, the client starts a VPN connection regardless of the network to which the device is currently connected. TND compares the VPN and local DNS servers and DNS suffixes to determine whether to use Mobile Connect and dial the VPN, as shown in the following table:

DNS comparison and effect on login
DNS suffixes DNS servers Login
None None Refused - no VPN
None Same Refused - no VPN
Same Same Refused - no VPN
Same Same and others Allowed
Same Different Allowed
Different Same Allowed
Partial match Partial match Allowed

A partial match means that if there are two DNS servers configured for TND, but only one DNS server matches the actual network environment, then the login will still be allowed.

Consult documentation from Apple Inc. for more information about Trusted Network Detection and Connect on Demand.

To determine if TND is available for your connection, tap the information indicator in the Status row on the Connection tab. This displays the Trusted Networks button used to enable/disable TND, if available.

Trusted Networks button

To configure TND

  1. Tap the information indicator in the Status row on the Connection tab.
  2. Ensure that Connect On Demand is turned on.

  3. Turn on Trusted Networks.

    Trusted Network Detection is available only for connections to SonicWall SMA 1000 Series.