SonicWall Mobile Connect Setup

I am trying to get the SonicWALL mobile connect setup on my iPhone. When I try to setup at the add name/server option I input the IP:port where the SonicWALL I'm trying to connect to is located also just tried the IP.

"Mobile Connect can't verify the identity of "IP Address". Would you like to continue anyway? I continue.
"IP Address" is either currently unreachable or is not a valid SonicWALL appliance.

NetExtender works on this SonicWALL.

Any help is appreciated.
LVL 1
bkisielAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

bbaoIT ConsultantCommented:
better to have a screenshot for any factors not mentioned in the question.

it seems the SonicWALL device doesn't have a proper certificate installed for mobile clients to connect. or are you sure the given IP address for the firewall is a public IP?
bkisielAuthor Commented:
These are the only options I have when using the Mobile Connect app. If I go to details it has info about a certificate and I choose "Always Trust", it doesn't seem to help. The SonicWALL uses a Selfsigned Certificate.

I double checked the public IP address and it was correct.

Thanks for your help.
image1.PNG
image2.PNG
bbaoIT ConsultantCommented:
what kind of info was masked in your screenshots? IP address or FQDN?
Get Cisco Certified in IT Security

There’s a high demand for IT security experts and network administrators who can safeguard the data that individuals, corporations, and governments rely on every day. Pursue your B.S. in Network Operations and Security and gain the credentials you need for this high-growth field.

bkisielAuthor Commented:
I used the Public IP Address where the SonicWALL is located, I tried with/without the port.

I also tried the dynDNS URL that works from NetExtender - *******.thruhere.net, also with/without port but no luck.

Thanks
bbaoIT ConsultantCommented:
> I used the Public IP Address where the SonicWALL is located

so you do mean there is nothing before the SonicWALL device, or in other words the IP is assigned to the WAN interface of the SonicWALL device? if so, what does the SonicWALL's log say? ever tried tracing packets from your mobile device's (public) IP using its Diagnosis option?
Blue Street TechLast KnightCommented:
Hi bkisiel,

Here are some things to consider:
1. SSL-VPN must be configured correctly for NetExtender/Mobile Connect to work.
2. Default self-cert will work just fine. I'd recommend upgrading to a real cert via godaddy or the like for better security.
3. The port of the SSL-VPN must always be specified after a FQDN or Public IP address.

Let me know once these items have all been cleared so we can continue.
bkisielAuthor Commented:
The Public IP address is assigned to X1:V11 (X1 is WAN). When checking the log I did see an error message: destination for 255.255.255.255 is not allowed by access control, that was all the information that it gave me.

1. NetExtender works fine on the laptops.
2. The certificate that is currently setup also works for NetExtender.
3. I have used the port after when entering the IP Address.

Thanks for your help.
Blue Street TechLast KnightCommented:
Check your licensing...make sure you have enough. You can locate in the Licensing page.

Also make sure you have allocated enough IPs for the SSL-VPN.

If all the above check out and all other devices can access OK then that points to the device.
Blue Street TechLast KnightCommented:
You have to provide feedback in order for us to help you!
bkisielAuthor Commented:
For the SSL VPN License: Licensed      3  Max: 102 (I guess that means I have 3 licenses or 102?)

No one else is connected at the moment and still have the issue. (Not sure where to check to make sure there is enough available IPs)

I will get another device and try to use the mobile connect. (All devices that use NetExtender have no issues)

Thanks for your help.
Blue Street TechLast KnightCommented:
This question is probably dead now but in case it isn't. Licensed: 3  Max: 102, means you have 3 licenses and this device can support at maximum 102 licenses.

What model is this SonicWALL? and what is the SonicOS version?

Make sure your SSL-VPN is setup like this:SSL-VPN SettingsSpecifically, make sure the WAN is green by clicking on it to enable it. Specify the port and use the same port after your domain in the Mobile Connect settings.

Incidentally, it seems like a peculiarly odd setup to specify the primary public IP address to a sub-interface/VLAN. Since, you can only enable primary physical interfaces, this is your issue. Assign the Public IP address to the WAN (X1) instead of the X1:V11 and you should be able to connect.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.