Configuring Mobile Access to Network Resources

This is a sample deployment of a Mobile Access Security Gateway with an AD and Exchange server in the internal network.

Mobile Access tunnels

Internet (external networks)

Mobile Access Security Gateway

Internal network resources, AD and Exchange servers

In this sample Mobile Access deployment, a mobile device uses a Mobile Access tunnel to connect to the internal network. The Mobile Access Security Gateway decrypts the packets and authenticates the user. The connection is allowed and the mobile device connects to the internal network resources.

Using the Mobile Access Configuration Wizard

This procedure describes how to enable and configure the Mobile Access Software Blade on a Security Gateway with the Configuration wizard. For this sample configuration, the AD user group Mobile Access contains all the users that are allowed to connect to the internal network. The deployment is based on the Sample Mobile Access Deployment.

This configuration lets these clients connect to internal resources:

• Android and iOS mobile devices
• Windows and Mac computers
• Internet browsers can open a SSL Network Extender connection to the internal network

To configure Mobile Access :

1. In SmartConsole , go to Gateways & Servers and double-click the Security Gateway object. The General Properties window opens.
2. In the General Properties > Network Security section, select Mobile Access . The Mobile Access page of the Mobile Access Configuration Wizard opens.
3. Configure the Security Gateway to allow connections from the Internet and mobile devices. Select these options:
   • Web
   • Mobile Devices - Select the required options.
   • Desktops/Laptops -Select the required options.
4. Click Next . The Web Portal page opens.
5. Enter the primary URL for the Mobile Access Portal . The default is: https://IPv4 Address of Security Gateway >/sslvpn
6. Click Next . The Applications page opens.
7. Configure the applications to show:
   1. In Web Applications , make sure Demo web application (World Clock) is selected.
   2. In Mail/Calendar/Contacts , enter the domain for the Exchange server and select:
      • Mobile Mail (including push mail notifications)
      • ActiveSync Applications
      • Outlook Web App

   The Mobile Access Portal shows links to the Demo web and Outlook Web App applications. The client on the mobile device shows links to the other applications.

   Allowing Mobile Connections

   The Mobile Access Configuration Wizard enables and configures the Mobile Access Software Blade . It is necessary to add Firewall rules to allow connections from the VPN clients on the computers and devices. Create a Host Node object for the Exchange server, all of the other objects are predefined.