Original Publication Date: 11/06/2014
In September 2014, Apple posted the release of the iOS Edge Client version 2.0.3. Users should download this new version from the app store. For operational differences with SSL VPN between iOS 8 and previous iOS releases, refer to documentation from Apple.
|463498||SAML authentication can now be performed within Edge Client to establish a VPN connection
The BIG-IPÂ® Edge ClientÂ® application for mobile devices provide the following SAML support:
|453765||The admin or the user can now specify a client certificate to be used for WebLogon.|
|346136||On Demand VPN now works with "username + password" when a user enable the "Allow Password Caching" policy on the APM server.|
|475404||A user can now create VPN configurations without requiring users to specify the user name during creation. However, a user name entered from an authentication prompt will automatically be saved in the VPN configuration if the credentials were successfully authenticated and the connection was launched by the user within Edge Client (as opposed to being launched by URL scheme or VPN-on-Demand).|
|468486||Previously, there is no way to explicitly specify the logon mode of the VPN connection. If either username or certcn is specified as one of the URL parameters, Edge Client will implicitly use the native logon mode. Web logon mode would only be used if there is no user name or certificate specified.
In version 2.0.3, a logon_mode parameter can now be specified as part of the URL parameters. It allows the user to explicitly specify the logon mode as either web or native. An error message will be shown if any of the input parameters is not valid for the specified logon mode. If no logon_mode parameter is specified, the native mode will be selected as the default.
|475017||Starting on iOS 7, domains entered in the Always Connect section have the same behavior as the Connect If Needed status. On iOS 8.x systems, domains entered in the Always Connect section are automatically moved to Connect If Needed status by the system after the VPN configuration is saved.|
|476549||The DNS address spaces are limited to 64 entries. When split tunneling is enabled, the Apple VPN framework only allow up to 64 entries for the DNS address space. Exceeding this number will generate warning messages in the device console log, such as the following:
Aug 22 10:54:18 iPad mDNSResponder <Error>: mDNS_AddDNSServer: DNS server limit of 64 reached, not adding this server Aug 22 10:54:18 iPad mDNSResponder <Error>: mDNS_AddDNSServer: DNS server limit of 64 reached, not adding this server Aug 22 10:54:18 iPad mDNSResponder <Error>: mDNS_AddDNSServer: DNS server limit of 64 reached, not adding this server .
|351545||When a user is prompted for password credentials, the cursor remains in the auto-filled username field when the cursor should be in the password field. This issue exists on the Apple Control UI.|
|464861||Previously, a user might notice the Per-App VPN connection is established but some websites or some of their content could fail to load. This issue as been fixed in 2.0.3.|
For additional information, please visit http://www.f5.com.
You can find additional support resources and technical documentation through a variety of sources.
Free self-service tools give you 24x7 access to a wealth of knowledge and technical support. Whether it is providing quick answers to questions, training your staff, or handling entire implementations from design to deployment, F5 services teams are ready to ensure that you get the most from your F5 technology.
AskF5 is your storehouse for thousands of solutions to help you manage your F5 products more effectively. Whether you want to search the knowledge base periodically to research a solution, or you need the most recent news about your F5 products, AskF5 is your source.
The F5 DevCentral community helps you get more from F5 products and technologies. You can connect with user groups, learn about the latest F5 tools, and discuss F5 products and technology.