SonicWALL Mobile Connect User guide

SonicWall™MobileConnectfor

Windows10

UserGuide

SonicWallisatrademarkorregisteredtrademar kofSonicWallInc.and/oritsaffiliatesintheU.S.A.and/orothercountries.Allother

trademarksandregisteredtrademarksarepropertyoftheirrespectiveow ners

Theinformationinthisdo cumentisprovidedinconnectionwithSonicWallInc.and/oritsaffiliates’products.Nolicense,expressor

implied,

byestoppelorotherwise,toanyintellectualproper tyrightisgrantedbythisdocumentorinconnectionwiththesaleofSonicWallproducts.

EXCEPTASSETFORTHINTHETERMSANDCONDITIONSASSPECIFIEDINTHELICENSEAGREEMENTFORTHISPRODUCT,SON ICWALLAND/OR

ITSAFFILIATESASSUMENOLIABILITYWHATSOEVERAND

DISCLA IMSANYEXPRESS,IMPLIEDORSTATU TORYWARRANT YRELATINGTOITS

PRODUCTSINCLUD ING ,BUTNOTLIMITEDTO,THEIMPLIEDWARR ANT YOFMERCHANTABILIT Y,FITNESSFORAPAR TI CU L A RPURP OSE,OR

NON‐INFRINGEMENT.INNOEVENTSHALLSONICWALLAND/ORITSAFFILIATESBELIABLEFORANYDIRECT,INDIRECT,CONSEQUENTIAL,

PUNITIVE,SPECIALORINCIDENTALDAMAGES(INCLUDING,

WITHOUTLIMITATION,DAMAGESFORLOSSOFPROFITS,BUSINESS

INTERRUPTIONORLOSSOFINFORMATION)ARISINGOU TOFTHEUSEORINABILITYTOUSETHISDOCUMENT,EVENIFSONICWALLAND/OR

ITSAFFILIATESHAVEBEENADVISEDOFTHEPOSSIBILITYOFSUCHDAMAGES.SonicWall and/oritsaffiliatesmakenorepresentationsor

warrantieswithrespectto

theaccuracyorcompletenessofthecontentsofthisdocumentandreservestherighttomakechangesto

specificationsandproductdescriptionsatanytimewithoutnotice.SonicWallInc.and/oritsaffiliatesdonotmakeanycommitmentto

updatetheinfo rmationcontainedinthisdocument.

Formoreinformation,visithttps://www.sonicwall.com/legal/.

Mobile

ConnectUserGuide

Updated‐March2017

SoftwareVersion‐1.0

232‐003827‐00RevA

Legend

WARNING:AWARNINGiconindicatesapotentialforpropertydamage,personalinjury,ordeath.

CAUTION:ACAUTIONiconindicatespotentialdamagetohardwareorlossofdataifinstructionsarenotfollowed.

IMPORTANT,NOTE,TIP,MOBILE,orVIDEO:Aninformationiconindicatessupportinginformation.

SonicWallMobileConnectforWindows10UserGuide

Contents

AboutMobileConnect.... . ..........................................................4

HowMobileConnectWorks ................................

............................. 4

SupportedPlatforms ...................

.......................................... ...... 4

Windows10

ProductSupport ................ .. ...................................... 5

UpgradingfromWindows8.1 ................... .. .................

............... ...5

SonicWallApplianceSupport............. ................

........................... 5

RequiredNetworkInformation......... ...........

................................... 6

InstallingMobileConnect............

.................................................7

ConfiguringVPN

Connections.........................................................9

CreatingaConnection.........................................

......................... 9

ConnectingtotheVPNServer....................

...................................... 11

ConfiguringConnectionswithPowerShell........

........................................ 12

CreatingVPNConnectionswithPowerShell.....

...................................... 13

ConfiguringVPNConnectionCustomXMLSettings......

...............................14

PowerShellExamplesforCustomizingVPNConnections .............

....................14

ConfiguringAdvancedVPNConnectionSettings. ........................

..................15

ConfiguringSMA1000Series/E‐ClassSRAConnectionSettings...... ................

....15

ConfiguringSMA100Series/SRAandFirewallConnectionSettings.................. .....16

ConfiguringVPNConnectionTriggersinWindows10.....

.................................. 16

MonitoringVPNConnectionsinWindows...........

...................................18

DisplayingVPNConnectionNetworkInformation...........

............... ................ 18

DisplayingIPv4NetworkInformation...............

.................................. 18

DisplayingIPv6NetworkInformation............

..................................... 19

DisplayingRoutingInformation..........

............... ............................  19

DisplayingDNSInformation....

............... ......................... ............20

MonitoringConnectionsintheWindowsTaskManager ................................... ..21

UsingtheVPNProperties

Window....................................................23

GeneralTab.......................................... .. ...

..........................23

OptionsTab.................. ....

....................................... ............24

SecurityTab.................................. .............

..........................25

NetworkingTab......................

................................................26

SharingTab

.......................................................................... 27

TroubleshootingVPNConnectionsinWindows10.... . . ...............

.............. . . . .28

SonicWallSupport ...............................

...................................29

Contents

SonicWallMobileConnectforWindows10UserGuide

AboutMobileConnect

SonicWall™Mobi leConnectforWindows10isanappthatisavailableintheWindowsStore.Theappincludesa

VPNplug‐inthatenablessecuremobileconnectionstoprivatenetworksprotectedbySonicWallsecurity

appliancesfordevices runningWindows10.

Topics:

• HowMobileConnectWorksonpage4

• SupportedPlatformsonpage4

HowMobileConnectWorks

Modernbusinesspracticesincreasinglyrequirethatusersbeabletoaccessanynetworkresource(files,internal

websites,etc.),anytime,anywhere.Atthesametime,ensuringthesecurityoftheseresourcesisaconstant

struggle.Whilemostusersareawarethattheymusttakecaretoprotectcomputersfromnetworksecurityrisks,



thissecurityawarenessdoesnotalwaysextendtomobiledevices.Andyet,mobiledevicesareincreasingly

subjecttosecurityattacks.Furthermore,mobiledevicesoftenuseinsecure,untrusted,publicWi‐Fihotspotsto

connecttothe Internet.Itisthereforeachallengetoprovidesecure,mobileaccesswhilestillguardingagainst

theinherentsecurityrisksofusingmobile devices.

TheSonicWallMobileConnectforWindows10plug‐inprovidessecuremobileaccesstosensitivenetwork

resources.MobileConnectestablishesaSecureSocketLayerVirtualPrivateNetwork(SSLVPN)connectionto

privatenetworksthatareprotectedbySonicWallsecurityappliances.Alltrafficto

andfromtheprivatenetwork

issecurelytransmittedovertheSSLVPNtunnel.

TogetstartedwithMobileConnectforWindows10:

1EnsurethattheSonicWallSMAorfirewallappliancetobeusedbyMobileConnectisconnectedtothe

network.

2ConfiguretheVPNconnectionswithintheNetwork&Internet>VPNsectionoftheWindows10Settings

appwiththerequiredinformation(connectionnameandservername).

MobileConnectestablishesaSSL

VPNtunneltotheSonicWallsecurityappliance.

Youcannowaccessresourcesontheprivatenetwork.Alltraffictoandfromtheprivatenetworkis

securelytransmittedovertheSSLVPNtunnel.

SupportedPlatforms

ThefollowingsectionsdescribesupportedplatformsandnetworkrequirementsforSonicWallMobileConnect:

• Windows10ProductSupportonpage5

• UpgradingfromWindows8.1onpage5

SonicWallMobileConnectforWindows10UserGuide

AboutMobileConnect

• SonicWallApplianceSupportonpage5

• RequiredNetworkInformationonpage6

Windows10ProductSupport

SonicWallMobileConnectforWindows10issupportedondevicesrunningtheWindows10operatingsystem

fromMicrosoft.MicrosoftismakingWindows10availableasfreeupgradeforqualifiedWindows7,Windows

8.1,andWindowsPhone8.1devices.SeethefollowingURLformoreinformation:

http://www.microsoft.com/en‐us/windows/windows‐10‐faq

DownloadSonicWallMobile

ConnectforWindows10usingthefollowingURL:

http://microsoft.com/store/productid/9WZDNCRDSFKZ

UpgradingfromWindows8.1

VPNconnectionsconfiguredfortheMobileConnectinboxplug‐ininWindows8.1willnotworkafterupgrading

toWindows10untiltheMobileConnectapphasbeendownloadedandinstalledfr omtheWindowsStore.The

VPNconnectionwillstillappearintheSettingsapp,however,clickingConnectwillshowthe

error“Application

NotFound.”

Inthiscase,the StoreappwillbeautomaticallylaunchedandtheMobileConnectapppagewillbedisplayed.

OnceMobileConnecthasbeensuccessfullyinstalled,clickingConnectontheVPNconnectionwillnowworkas

expected.

SonicWallApplianceSupport

SonicWallMobileConnectisafreeappavailablefordownloadfromtheWindowsStore,butrequiresa

concurrentuserlicenseononeofthefollowingSonicWallsolutionstofunctionproperly:

• SonicWallfirewallappliancesincludingtheTZ,NSA,E‐ClassNSA,andSuperMassive™9000Seriesrunning

SonicOS5.8.1.0orhigher

SonicWallMobileConnectforWindows10UserGuide

AboutMobileConnect

• SonicWallSecureMobileAccess100Series/SRAappliancesrunning7.5orhigher

• SonicWallSecureMobileAccess1000Series/E‐ClassSRAapp liancesrunning10.7orhigher

RequiredNetworkInformation

TouseMobileConnect,youwillneedthefollowinginformationfromyournetworkadministratororITSupport:

•Servernameoraddress—ThisiseithertheIPaddressorURLoftheSSLVPNserverthatyouwillconnect

to.

• Usernameandpassword—Typically,youwillberequiredtoenteryourusernameandpassword,



althoughsomeconnectionsmaynotrequirethis.

•DomainorLoginGroupname—ThedomainorlogingroupnameoftheSSLVPNserver.Mobi leConnect

maybeabletoautomaticallydeterminethiswhenitfirstcontactstheserver,ortheremaybemultiple

domainsthatcanbeselected.

DNSDomainSettingsonSonicWallAppliances

BeforeMobileConnectuserswillbeabletoaccesstheprivatenetwork,thenetworkadministratormust

configuretheDNSDomainontheSonicWallappliance.WhentheMobileConnectuseraccessesaURLonthe

privatenetwork,theconfiguredDNSdomainisusedtoresolvethehostnamelookup.Forpublicdomainsthat



donotmatchtheconfiguredDNSdomain,theDNSserverfortheWi‐Fior3G/4Gnetworkisused.

ThefollowinginformationisforSonicWallnetworkadministrators:

TheDNSDomainconfigurationprocessvaries,dependingonthetypeofSonicWallappliancebeingused:

•SonicWallfirewallappliances—OntheSSLVPN>ClientSettings

page,entertheDNSdomainnamein

theDNSDomainfield.

•SonicWallSMA100Series/SRAappliances—TheDNSdomaincanbeconfiguredeitherglobally,atthe

grouplevel,orattheindividualuserlevel:

•Globallevel:OntheNetwork>DNSpage,entertheDNSdomainnameinthe

DNSDomainfield.

•Grouplevel:OntheUsers>LocalGroupspage,clicktheediticonforthegroup.Clickonthe

NetExtender/MobileConnecttabandentertheDNSdomaintheDNSDomainfield.

•Userlevel:OntheUsers>LocalUserspage,clicktheediticonfortheuser.

Clickonthe

NetExtender/MobileConnecttabandentertheDNSdomaintheDNSDomainfield.

•SonicWallSMA1000Series/E‐ClassSRAappliances—TheDNSdomaincanbeconfiguredeitherglobally

orforspecificIPaddresspools:

•Globallevel:FromthemainnavigationmenuintheApplianceManagementConsole(AMC),click



NetworkSettings.IntheNameresolutionarea,clickEdit.TheConfigureNameResolutionpage

appears.EntertheDNSdomainnameintheSearchdomainsfield.

•IPaddresspoollevel:FromthemainnavigationmenuinAMC,clickServices.UnderAccess

services,intheNetworktunnelservicearea,click

Configure.TheConfigureNetworkTunnel

Servicepageappears.ClickthenameoftheIPaddresspoolyouwanttoedit.TheConfigureIP

AddressPoolpageappears.TotherightoftheAdvancedheading,clickthearrowicon.Selectthe

CustomizedefaultsettingscheckboxandentertheDNSdomain

nameintheSearchdomains

field.

NOTE:TheMobileConnectuserdoesnotneedtoperformanyconfigurationtasksrelatedtoDNS.

SonicWallMobileConnectforWindows10UserGuide

InstallingMobileConnect

ThissectiondescribeshowtoinstallMobileConnect.SonicWallMobileConnectforWindows10isinstalled

fromtheWindowsStore.

ToinstallMobileConnect:

1OnyourWindows10device,launchthe Storeapp.

2Inthesearchfield,typeinSonicWallMobileConnectandclickEnter.

3Inthesearchresults,selectSonicWallMobileConnect.

SonicWallMobileConnectforWindows10UserGuide

InstallingMobileConnect

4 SelectInstall.Theappwillbegindownloadingandinstallonyourdevice.

5Wheninstallationiscomplete,theSonicWallMobileConnecticonwillappearinthelistofapplications

onyourWindows10device.

SonicWallMobileConnectforWindows10UserGuide

ConfiguringVPNConnections

ThissectiondescribeshowtoconfigureandinitiateaVPNconnectionusingSonicWallMobileConnectfor

Windows10.

Topics:

• CreatingaConnectiononpage9

• ConnectingtotheVPNServeronpage11

• ConfiguringAdvancedVPNConnectionSettingsonpage15

• ConfiguringVPNConnectionTriggersinWindows10onpage16

CreatingaConnection

InWindows10,VPNconnectionscanbecreatedintheSettingsapp.

TocreateaVPNconnection:

1 LaunchtheSettingsappandnavigatetoNetwork&Internet>VPN.

2UnderVPN,selectAddaVPNconnection.

SonicWallMobileConnectforWindows10UserGuide

ConfiguringVPNConnections

3IntheAddaVPNconnectionwindow,selectSonicWallMobileConnectastheVPNprovider.

4Afterenteringalltherequiredinformation,clickSave.

OncetheVPNconnectionissuccessfullycreated,theVPNconnectionnameappearsinthelistof

connectionsandintheVPNsection.

IMPORTANT:Ifacustomportisrequired,thentheservernamemustbeenteredinURLformatinthe

Servernamefield,forexamplehttps://vpn.example.com:4433.

SonicWallMobileConnectforWindows10UserGuide

ConfiguringVPNConnections

ConnectingtotheVPNServer

ToestablishaMobileConnectVPNsession:

1IntheActionCenter,selecttheVPNtoopentheSettingsappandconnecttheVPNbyselectingConnect.

2EnteryourusernameandpasswordwhenpromptedandtapOK.NotethattheWindowsSignInscreen

acceptstheSonicWallSMA100Series/SRAorFirewallappliancedomainorthe

SonicWallSMA1000

Series/E‐ClassSRALoginGroupvalueastheMicrosoftdomainportionofthe username:

Username@Domain ORUsername@LoginGroup

Domain\UsernameORLoginGroup\Username

Example1:jdoe@SRA‐DEMOorSRA‐DEMO\jdoe,whereSRA‐DEMOisthenameofthedomainforthe

SMA100Seri es/SRAappliance.

Example2:jdoe@CORPor

CORP\joe,whereCORPistheLoginGroupfortheSMA1000Series/E‐Class

SRAappliance.

SonicWallMobileConnectforWindows10UserGuide

ConfiguringVPNConnections

Whentheconnectionissuccessfullyestablished,theStatuschangestoConnectedandtheDisconnect

buttonreplacestheConnectbutton.

Onceconnected,youcanaccesstheremotenetwork.TheNetworksscreenshowsthestatusoftheVPN

connection.

IftheVPNconnectionisinterrupted,theVPNiconshowsasdisconnectedandyou

willnolongerbeableto

accesstheremotenetwork.ReturntotheNetworksscreentoreestablish theVPNconnection.Windows10will

automaticallyattempttorees tablishinterruptedconnections.VPNconnectionsinWindows10alsocanbe

managedusingPowerShell.

ConfiguringConnectionswithPowerShell

Thissectionincludesthefollowingtopics:

• CreatingVPNConnectionswithPowerShellonpage13

• ConfiguringVPNConnectionCustomXMLSettingsonpage14

• PowerShellExamplesforCustomizingVPNConnectionsonpage14

SonicWallMobileConnectforWindows10UserGuide

ConfiguringVPNConnections

CreatingVPNConnectionswithPowerShell

TocreateaVPNconnection,usethePowerShellcommandAdd-VpnConnection(seehttp://

technet.microsoft.com/en‐us/library/jj55 4824.aspx).ThePluginApplicationIDfortheSonicWallMobileConnect

VPNpluginisSonicWALL.MobileConnect_e5kpm93dbe93j.Intheexamplebelow,aVPNconnectionto

vpn.example.comiscreatedwithdefaultoptions.ThisisequivalenttousingtheSettingsappontheWindows



10device.

ThefollowingisanexampleofthePowerShellcommandsforcreatingaconnection:

PS C:\> $xml = "<MobileConnect/>"

PS C:\> $sourceXml=New-Object System.Xml.XmlDocument

PS C:\> $sourceXml.LoadXml($xml)

PS C:\> Add-VpnConnection -NameVPN -ServerAddress vpn.example.com -

SplitTunneling $True -PluginApplicationID

SonicWALL.MobileConnect_e5kpm93dbe93j -CustomConfiguration $sourceXml

TodeleteaVPNconnection,usethePowerShellcommandRemove-VPNConnection,specifyingtheVPN

connectionusingthe-nameoption.Forexample:

PS C:\> Remove-VpnConnection –Name VPN

SonicWallMobileConnectforWindows10UserGuide

ConfiguringVPNConnections

ConfiguringVPNConnectionCustomXMLSettings

UsingPowerShell,itispossibletoconfigureadvancedsettingsfortheMobileConnectVPNplug‐in.Thissection

describeseachindividualcu stomXMLoptionandprovidesexamplesofhowtoconfigurethesesettingsusing

PowerShell.

•ServerPort—<Port>4443</Port>‐serverport(optional,defaultis443)

• DebugLogging—<DebugLogging>true</DebugLogging>‐enabledebuglogginginplug‐

in(optional,

defaultfalse).

•PacketCapture—<PacketCapture>true</PacketCapture>‐enablepacketcapture(optional,defaultfalse)

•WindowsNativeAuthenticationUI—<WindowsAuthUI>false</WindowsAuthUI>‐disableWindows

nativeauthenticationUI(optional,defaulttrue).

•ParseDomainfromUsernamefield—<UsernameHasDomain>false</UsernameHasDomain>‐Parseout

DomainfieldfromUsernamefieldinWindowsAuthdialog(optional,defaulttrue).Usernameshouldbe

enteredintheformat

<Username>@<Domain> or<Domain>\<Username>.ForSMA100Series/SRA

andFirewallconnections,theDomainportionisusedfortheDomainfield.

•WindowsSingleSignOn—<SingleSignOn>false</Singl eSignOn>‐DonotsetSSOflagto

RequestCredentials()(optional,defaulttrue).

PowerShellExamplesforCustomizingVPN

Connections

Enabledebuglog ging:

PS C:\> $xml = "<MobileConnect><DebugLogging>true</DebugLogging></

MobileConnect>"

PS C:\> $sourceXml=New-Object System.Xml.XmlDocument

PS C:\> $sourceXml.LoadXml($xml)

PS C:\> Add-VpnConnection -Name VPN -ServerAddress vpn.example.com -

SplitTunneling $True -PluginApplicationID

SonicWALL.MobileConnect_e5kpm93dbe93j

-CustomConfiguration $sourceXml

NOTE:IfDebugLog gingisenabled,logsarewrittentothefollowingfile:

C:\Users\<userName>\AppData\Local\Packages\SonicWALL.MobileConnect

_e5kpm93dbe93j\LocalState\Logs\MobileConnect.log

NOTE:IfPacketCaptureisenabled,thepacketcaptureisinthefollowingfiles:

ConnectionstoSMA1000Series/E‐ClassSRAappliances:

C:\Users\<userName>\AppData\Local\Packages\SonicWALL.MobileConnect

_e5kpm93dbe93j\LocalState\Logs\MobileConnect.pcap

ConnectionstoSMA100Series/SRAandFirewallappliances:

C:\Users\<userName>\AppData\Local\Packages\SonicWALL.MobileConnect

_e5kpm93dbe93j\LocalState\Logs\MobileConnect.ppp.pcap

NOTE:<UsernameHasDomain>onlyappliesifW indowsAuthUIisenabled

NOTE:<SingleSignOn>willnotapplyfortheusername&passwordcustomauthenticationprompt

(WindowsAuthUIsettofalse)

SonicWallMobileConnectforWindows10UserGuide

ConfiguringVPNConnections

Enabledebugloggingandpack etcapture:

PS C:\> $xml = "<MobileConnect><DebugLogging>true</

DebugLogging><PacketCapture>true</PacketCapture></MobileConnect>"

PS C:\> $sourceXml=New-Object System.Xml.XmlDocument

PS C:\> $sourceXml.LoadXml($xml)

PS C:\> Add-VpnConnection -Name VPN -ServerAddress vpn.example.com -

SplitTunneling $True -PluginApplicationID

SonicWALL.MobileConnect_e5kpm93dbe93j

-CustomConfiguration $sourceXml

SpecifyNon‐standardportforVPNconnection:

PS C:\> $xml = "<MobileConnect><Port>4433</4433></MobileConnect>" PS C:\>

$sourceXml=New-Object System.Xml.XmlDocument

PS C:\> $sourceXml.LoadXml($xml)

PS C:\> Add-VpnConnection -Name VPN -ServerAddress vpn.example.com -

SplitTunneling $True -PluginApplicationID

SonicWALL.MobileConnect_e5kpm93dbe93j

-CustomConfiguration $sourceXml

ConfiguringAdvancedVPNConnectionSettings

Thissectionincludesthefollowingtopics:

• ConfiguringSMA1000Series/E‐ClassSRAConnectionSettingsonpage15

• ConfiguringSMA100Series/SRAandFirewallConnectionSettingsonpage16

ConfiguringSMA1000Series/E‐ClassSRAConnection

Settings

ThefollowingsettingsareapplicabletoVPNconnectionswithSMA1000Series/E‐ClassSRAappliances:

•EncapsulatedSecurityPayload—<ESP>true</ESP>‐Enable ESPmode(optional,defaultfalse)

• Compression—<Compression>false</Compression>‐Disablelz4compression(optional,defaulttrue)

•NetworkConflictResolutionMode—<NCR>Local</NCR>‐SetNetworkConflict

Resolution(NCR)mode(optional,default'Admin',othervalues'Remote'or

'Local')

•LoginGroupCaching—<CacheLoginGroup>true</CacheLoginGroup>‐EnableLogin

Groupselectioncaching(optional,defaultfalse)

SonicWallMobileConnectforWindows10UserGuide

ConfiguringVPNConnections

ConfiguringSMA100Series/SRAandFirewall

ConnectionSettings

ThefollowingsettingsareapplicabletoVPNconnectionswithSMA100Series/SRAorFirewallappliances:

•Case‐sensitiveDomainMatching—<DomainMatchCaseSensitive>true</DomainMatchCaseSensitive>‐

Performcase‐sensitivematchforuserenteredDomainfieldagainstVPNserverDomain(optional,

defaultfalse)

•MaxLoginRetries—<MaxLoginRetries>0</MaxLoginRetries>‐(optional,default2‐totalof3login

attemptsallowed)

•Require

SmartCardCertificate—<SmartCardRequired>true</SmartCardRequired>‐requireclient

certificatetobeSmartCard(CertificateQuery‐>HardwareOnlyflagmustbeset)(optional)

• ClientCertificateIssuerCA—<ClientCertIssuerCA>testing.testsslvpn.com</ClientCertIssuerCA>‐filter

setofclientcertificatesinstalledonWindows10bytheIssuerCA(optional)

• AutomaticallySelectClientCertificate—<ClientCertAutoSelect>true</ClientCertAutoSelect>‐

automaticallyselectasingleclientcertificatewithoutpromptingthe

userforverification(optional,

defaultfalse)

• ClientCertificateThumbprint—

<ClientCertThumbprint>bea9275b806262dea611059efc8c2fa55 7d8ee10</ClientCertThumbprint>‐

automaticallyselecttheclientcertificatethatmatchesthegivencertificateThumbprint(optional)

ConfiguringVPNConnectionTriggersin

Windows10

VPNconnectiontriggerscanbeconfiguredusingPowerShelltoautomaticallyconnectaVPNconnectionwhen

anapplicationislaunched,orwhenaclientattemptstoaccessaresourcewithinaspecifiedDNSnamespace.In

addition,trustednetworkscanbeconfiguredtopreventaVPNconnectionfrombeinginitiatedwhenclient

devices

arealreadywithinthetrustednetworkandtheVPNisnotneeded.Pleaseref ertoMicrosoft’s

documentationonthefollowingcommands:

•Add‐VpnConnectionTriggerApplication

(seehttp://technet.microsoft.com/en‐us/library/dn296460%28v=wps.630%29.aspx)

TheAdd-VpnConnectionTriggerApplicationcommandaddsapplicationstoaVPNconnection

object.TheapplicationsautomaticallytriggeraVPNconnectionwhenlaunched.

•Add‐VpnConnectionTrig gerDnsConfiguration

(seehttp://technet.microsoft.com/en‐us/library/dn262650%28v=wps.630%29.aspx)

The

Add-VpnConnectionTriggerDnsConfigurationcommandaddsaDNSsuffixornametothe

DNStriggerpropertiesforaclient.IfyouspecifyaDNSIPaddressforthesuffixorname,whentheclient

accessesaresourcewithinthe suffix,theclientstartsaVPNconnection.IfyoudonotspecifyaDNSIP



addressforaDNSsuffixorname,accessingthesuffixornamedoesnottriggertheVPNconnection.

NOTE:Defaultbehavioristhatacase‐insensitivematchisperformed.Onlyappliesif

<WindowsAuthUI>isenabledand<UsernameHasDomain>isenabled.

NOTE:TheWinRTStreamSocketAPIinWindows10doesnotcurrentlyprovidethelistofIssuerCA

certificatesfromtheSSLserver,sothismaybeusedasaworkaroundtofilterthelist.

SonicWallMobileConnectforWindows10UserGuide

ConfiguringVPNConnections

•Add‐VpnConnectionTriggerTrustedNetwork

(seehttp://technet.microsoft.com/en‐us/library/dn262638%28v=wps.630%29.aspx)

TheAdd-VpnConnectionTriggerTrustedNetworkcommandaddsDNSsuffixesastrusted

networkstotheVPNprofile.WhenaDNSsuffixthatyouaddtotheVPNprofileispresentonthephysical

interfaceontheclient,theVPNconnectiondoesnotstarteveniftheclienttriestoaccess

anapplicationthat

ispartoftriggeringpropertiesortriestoaccessaresourcethatispartofDNSsuffixconfiguredfortriggering.

SonicWallMobileConnectforWindows10UserGuide

MonitoringVPNConnectionsinWi ndows

MonitoringVPNConnectionsinWindows

VPNconnectionscanbemonitoredinWindows10usingthenativesetofWindowsutilities,includingCMDshell

commands,suchasipconfigandroute,andapplicationssuchasTaskManager,ResourceMonitor,andtheEvent

Viewer.

Thissectionincludesthefollowingtopics:

• DisplayingVPNConnectionNetworkInformationonpage18

•

MonitoringConnectionsintheWindowsTaskManageronpage21

DisplayingVPNConnectionNetwork

Information

Thefollowingsectionsincludeexamplesusingcommandlineutilitiestoshowdetailednetworkinformation:

• DisplayingIPv4NetworkInformationonpage18

• DisplayingIPv6NetworkInformationonpage19

• DisplayingRoutingInformationonpage19

• DisplayingDNSInformationonpage20

DisplayingIPv4NetworkInformation

Thefollowingisanexampleshowing IPv 4networkinformation:

C:\> ipconfig /all

Windows IP Configuration

PPP adapter VPN

Connection-specific DNS Suffix. . : example.com

Description . . . . . . . . . . . : VPN

Physical Address. . . . . . . . . :

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

IPv4 Address. . . . . . . . . . . : 192.168.200.61(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.255.255

Default Gateway . . . . . . . . . :

NetBIOS over Tcpip. . . . . . . . : Enabled

Connection-specific DNS Suffix Search List : example.com

SonicWallMobileConnectforWindows10UserGuide

MonitoringVPNConnectionsinWi ndows

DisplayingIPv6NetworkInformation

Thefollowingisanexampleshowing IPv 6networkinformation:

C:\> ipconfig /all

Windows IP Configuration

PPP adapter VPN

Connection-specific DNS Suffix. . : example.com

Description . . . . . . . . . . . : VPN

Physical Address. . . . . . . . . :

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

IPv6 Address. . . . . . . . . . . :

2008:192:168:200:1:1:1:6(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.255.255

Default Gateway . . . . . . . . . :

DHCPv6 IAID. . . . . . . . . . . . : 452990301

DHCPv6 Client DUID . . . . . . . . :

00-01-00-01-1-BD-D7-43-00-15-5D-7E-C4-43

NetBIOS over Tcpip. . . . . . . . : Enabled

Connection-specific DNS Suffix Search List : example.com

DisplayingRoutingInformation

Thefollowingisthecommandtoshowroutinginformation:

C:\> route PRINT

SonicWallMobileConnectforWindows10UserGuide

MonitoringVPNConnectionsinWi ndows

DisplayingDNSInformation

Thefollowingisanexampleshowing DNSinformation:

C:\> netsh name show effectivepolicy

DNS Effective Name Resolution Policy Table Settings

Note: DirectAccess settings are inactive when this computer is

inside a corporate network.

Settings for .example.com

-----------------------------------------------------------------

-----

Generic (DNS Servers):

192.168.200.20

192.168.200.21

Generic (VPN Trigger): disabled

Settings for vpn.example.com

-----------------------------------------------------------------

-----

Generic (DNS Servers):

Generic (VPN Trigger): disabled

NOTE:TheproperDNSinformationfortheVPNconnectionisdisplayedusingthenetsh name show

effective policycommand.TheipconfigcommanddoesnotshowthecompletesetofDNS

informationandshouldnotbereliedupon.

SonicWALL Mobile Connect User guide

Related papers

Other documents