Forum Discussion
Alexey_384
Jul 26, 2014Historic F5 Account
Starting from iOS7 the Always Connected mode works as Connect If Needed. So, if host name can be resolved without VPN, then VPN won't be established. Even if host is not available directly, but it's name is resolvable then VPN won't be established. Another reason of the fault is the required interaction. Untrusted server certificate, for example. You can set nonexistent domain and try to navigate Safari to it. If VPN is established, then you domains are resolvable directly and nothing to do. It's expected behaviour. If not, then interaction is assumed and you have to figured out the cause of it.
- chamindak_11539Jul 28, 2014NimbostratusThanks Alexey. As per my understanding, the user puts a "if needed" domain in safari, which cannot be resolved. But as the domain is included in the "if needed" list on a VPN profile in the F5 edge client, the edge client should start establishing the VPN process. However I am not seeing any traffic on the APM log at all. All goes well if I manually enable the VPN. What am I missing?
- Mike_61719Jul 28, 2014CirrusCan you please provide a few sample domains? It would help us provide you with the information needed. Are you noticing any pre-logon checks taking place? Example: If your browser can resolve abc.com, the VPN won't kick in. If your browser cannot resolve abc.com and it's on the list to connect, the VPN will kick in. If your browser cannot resolve abc.com and it's not on the list to connect, the VPN won't kick in. I had some issues before and I think it's a bug with the software, it should always utilize the VPN if it's in the configuration list.
- kunjanJul 29, 2014NimbostratusIt's not a software bug. iOS7 onwards apple don't support onDemand VPN. It fall backs to 'if Needed'. http://support.apple.com/kb/TS4550