Secure Mobile Access 12.4 Administration Guide

Secure Network Detection

Secure Network Detection allows users to automatically establish a tunnel connection when attempting to login from an unsecure location. The client determines whether the device is in a secure network by comparing the client’s DNS suffixes and servers to the connected interface. Depending on this comparison, the following occurs:

Secure network detection
If connected...If not connected...
DNS entry foundDisconnect and reconnect in SND stateConnect in SND state
DNS entry not foundLeave connectedConnect using dialer

Connect Tunnel supports secure network detection per community level. CEM is not required now for Connect Tunnel client to configure the secure hosts, you can configure secure hosts in community tunnel access page.

Secure Network Detection (SND) is provided by Connect Tunnel and Mobile Connect. SND allows secure “always on, always connected” SSL VPN sessions to SMA appliances from client endpoint devices. When Secure Network Detection is enabled, the Connect Tunnel client can detect when the user is located on a non-secure network and automatically establish a tunnel connection. Mobile connect still follows DNS suffix entry for detecting secure network.

The connection status is indicated by an icon on the systray:

Systray IconDescription
Connected
Disconnected
Secure Network

Consider the following when using SND:

  • At the EPC Zone level, the Allow session to resume from multiple IP addresses checkbox must be checked for SND to work.
  • When enabling Secure Network Detection without Credential Caching, the user may be prompted for their credentials when they transition from secure to non-secure networks (or vice-versa) if their session has been alive longer than the maximum Credential Lifetime length under General Settings.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.