SonicWall Mobile Connect ios 5.0.0 October 2017 These release notes provide information about the SonicWall Mobile Connect ios 5.0.0 release. Topics: About Mobile Connect ios 5.0.0 Supported Platforms New Features Resolved Issues Known Issues Product Licensing Upgrading Information SonicWall Support About This Document About Mobile Connect ios 5.0.0 SonicWall Mobile Connect 5.0.0 for ios is a major release. See the New Features and Resolved Issues sections for details. SonicWall Mobile Connect 5.0.0 for ios is an app for Apple ios devices that enables secure mobile connections to private networks protected by SonicWall security appliances. 1
Supported Platforms Topics: Apple Product Support SonicWall Appliance Support Apple Product Support SonicWall Mobile Connect 5.0.0 for ios is supported on the following Apple ios devices: Device Minimum ios Version iphone X ios 11 iphone 8 Plus ios 11 iphone 8 ios 11 iphone 7 Plus ios 10 iphone 7 ios 10 iphone 6s Plus ios 9 iphone 6s ios 9 iphone SE ios 9 iphone 6 Plus ios 9 iphone 6 ios 9 iphone 5s ios 9 iphone 5c ios 9 iphone 5 ios 9 iphone 4S ios 9 iphone 4 ios 9 ipad Pro ios 9 ipad Air 2 ios 9 ipad Air (5th generation) ios 9 ipad (4th generation) ios 9 ipad (3rd generation) ios 9 ipad 2 ios 9 ipad mini 4 ios 9 ipad mini 3 ios 9 ipad mini (2nd generation) ios 9 ipad mini ios 9 ipod touch (5th generation or later) ios 9 NOTE: Devices running ios 8 or earlier with earlier versions of SonicWall Mobile Connect cannot update to Mobile Connect 5.0.0 for ios from the App Store unless they are upgraded to ios 9 or newer. 2
SonicWall Appliance Support SonicWall Mobile Connect 5.0.0 for ios is a free app, but requires a concurrent license on one of the following SonicWall solutions to function properly: 1 SonicWall firewall appliances including the TZ, NSA, E-Class NSA, and SuperMassive running SonicOS 5.8.1.0 or higher 2 Secure Mobile Access (SMA) 100 Series appliances, formerly called SonicWall Secure Remote Access (SRA), running 7.5 or higher 3 Secure Mobile Access (SMA) 1000 Series appliances, formerly called SonicWall E-Class Secure Remote Access (SRA), running 10.7 or higher New Features The following new features have been added in Mobile Connect 5.0 for ios: ios 11 Compatibility Mobile Connect has adopted the bold, dynamic new style elements introduced in ios 11 including large title bars, landscape tab bars and more. Network Extension Support Mobile Connect now leverages Apple s current VPN framework, called Network Extension, to allow for more reliable VPN connectivity on ios devices. After upgrading to the 5.0 version, Mobile Connect may need to be re-provisioned, including updating VPN connection configurations and certificates (if applicable). Secure Web Bookmarks Web bookmarks can now be launched within Mobile Connect instead of launching a 3 rd party browser, allowing for a seamless and more secure user experience. Secure Web Boomarks also support SSO and require a connection to a VPN server with software that supports the secure web bookmark policy. Additional Touch ID Support Mobile Connect now supports Touch ID for VPN connections to supported SMA 1000 Series servers. Global HA Support Mobile Connect contains updates for the global high availability and disaster recovery capabilities for VPN connections to SMA 1000 Series servers running 12.1 or newer firmware. Resolved Issues This section provides a list of resolved issues in this release. Resolved Issue Multiple duplicate connection profiles can be created with the same name. Occurs when creating connection profiles with the same name for SMA 100 Series. Also occurs when creating connection profiles with the same name for SonicWall firewalls. Issue ID 186512 3
Resolved Issue Mobile Connect ios is not working properly during a GTO failover in an SMA 12.1 high availability deployment. Occurs when Mobile Connect is enabled on devices running ios 7 or 8, which are connected to a GTO appliance in a Global HA deployment, and then that appliance is restarted. Instead of connecting to the next closest GTO appliance, the device running ios 7 waits for the same appliance to come up and reconnects to it, while the device running ios 8 remains disconnected. Authentication fails with RSA/Vasco in combination with certificate authentication on SMA 100 series. Occurs when using one of the interactive modes, such as the RSA new PIN prompt. Resource access fails although tunnel is up to SMA 100 series or SonicWall firewall. Occurs when phone running Mobile Connect is locked and tunnel is idle for 20 minutes or more. Issue ID 177201 166485 165964 Known Issues This section provides a list of known issues in this release. Known Issue Mobile Connect Credential Caching is automatically set to ON, and Touch ID is requested during connection even after disabling the Credential Caching option. Occurs when Credential Caching is initially enabled in Mobile Connect with the At User s Discretion option enabled on an SMA 1000 series appliance and Mobile Connect successfully connects using Touch ID, and then Mobile Connect is disconnected, the profile is edited to to disable Connection Caching, and then Mobile Connect connects again to the same appliance. HTTP, HTTPS, HTML5 RDP, VNC, Telnet and SSH bookmarks are not launched within the Mobile Connect app. The bookmark is launched with a third-party app instead of the built-in Mobile Connect web browser. Occurs when the bookmark is configured on a SMA 1000 series appliance running SMA 12.1 with the Use mobile connect secure web browser option, and then the bookmark is accessed with the Mobile Connect 5.0 app. The Mobile Connect device ID changes, causing ID-based EPC checks to fail and the user cannot log into the SMA appliance. Occurs when the device ID is already registered with the SMA appliance, and then the Mobile Connect app is upgraded to 5.0. Connecting to a profile containing the username and password prompts for the password after upgrade. Occurs when a profile with a saved username and password is created in Apple Configurator 2 for use on an SMA 100 series appliance, Mobile Connect can connect to the profile without being prompted for a password, and then Mobile Connect is upgraded to 5.0. RDP, VNC, SSH and Telnet Bookmarks will not launch due to a security feature in ios 10 and above that prevents secure connections to servers with untrusted SSL certificates. Occurs when the SMA server uses an untrusted, self-signed SSL certificate. Issue ID 189993 189936 187932 187785 186562 4
Product Licensing SonicWall Mobile Connect 5.0.0 for ios is a free app with no licensing required, but requires a concurrent license on a SonicWall appliance to function properly. For more information, see SonicWall Appliance Support. Upgrading Information Devices running ios 8 or earlier with earlier versions of SonicWall Mobile Connect cannot update to Mobile Connect 5.0.0 for ios from the App Store unless they are upgraded to ios 9 or newer. For more information, see Apple Product Support. SonicWall Support Technical support is available to customers who have purchased SonicWall products with a valid maintenance contract and to customers who have trial versions. The Support Portal provides self-help tools you can use to solve problems quickly and independently, 24 hours a day, 365 days a year. To access the Support Portal, go to https://www.sonicwall.com/support. The Support Portal enables you to: View knowledge base articles and technical documentation View video tutorials Access MySonicWall Learn about SonicWall professional services Review SonicWall Support services and warranty information Register for training and certification Request technical support or customer service To contact SonicWall Support, visit https://www.sonicwall.com/support/contact-support. 5
About This Document Legend WARNING: A WARNING icon indicates a potential for property damage, personal injury, or death. CAUTION: A CAUTION icon indicates potential damage to hardware or loss of data if instructions are not followed. IMPORTANT, NOTE, TIP, MOBILE, or VIDEO: An information icon indicates supporting information. Last updated: 10/9/2017 232-004057-00 Rev A Copyright 2017 SonicWall Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. SonicWall is a trademark or registered trademark of SonicWall Inc. and/or its affiliates in the U.S.A. and/or other countries. All other trademarks and registered trademarks are property of their respective owners. The information in this document is provided in connection with SonicWall Inc. and/or its affiliates products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of SonicWall products. EXCEPT AS SET FORTH IN THE TERMS AND CONDITIONS AS SPECIFIED IN THE LICENSE AGREEMENT FOR THIS PRODUCT, SONICWALL AND/OR ITS AFFILIATES ASSUME NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON- INFRINGEMENT. IN NO EVENT SHALL SONICWALL AND/OR ITS AFFILIATES BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF SONICWALL AND/OR ITS AFFILIATES HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SonicWall and/or its affiliates make no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserve the right to make changes to specifications and product descriptions at any time without notice. SonicWall Inc. and/or its affiliates do not make any commitment to update the information contained in this document. For more information, visit https://www.sonicwall.com/legal. To view the SonicWall End User Product Agreement, go to: https://www.sonicwall.com/en-us/legal/license-agreements. Select the language based on your geographic location to see the EUPA that applies to your region. 6