on demand vpn
2 TopicsAPM: On demand VPN and SSO
Hello, We are trying to set up SSO for the on demand VPN connections coming from iOS devices running the Edge Client and can´t make it work. The user´s credentials are stored in the Edge Client and the SSO profile configured works for full tunnel VPNs, so the SSO configuration is ok. However, when the VPN connection is on demand, the credentials are not sent. I enabled the debug logging for SSO and Access Policy and, while I can see the WebSSO daemon running for full tunnel connections, for on demand VPN the daemon is not aware about the credentials request. We use kerberos as authentication protocol. The virtual server where the on demand VPNs connect has the same working SSO profile used for full tunnel. Does SSO work in conjuction with on demand VPN? What I'm missing? Thanks in advance.376Views0likes3CommentsAPM iOS Access On Demand VPN connection trigger if Domain List is empty
When the F5 VPN iOS Access client is configured to 'connect on demand', what is the behavior if there is nothing defined in the list of domains? Our observation is that it is connecting immediately and will remain connected to the VPN as long as the device is awake. If it sleeps it will reconnect when the device wakes up. While this is not what we want.. we need to add some domains to the list for 'always connect' and probably 'never connect', we were a bit surprised as we expected that it wouldn't bring the VPN connection up at all if there wasn't anything in the domain list. Simply asking for confirmation of what is designed and how it should be behaving in this setup. Thanks!287Views0likes0Comments