@BWC thanks for the quick reply but we are using an NSA 3600. We did see the WireGuard/SMA 100 write-ups which I thought gave WG some creditability. I just came from the CEO's office we will be implementing something else very soon to fix this IOS problem if we can't answers from SW.
@Micah Is this issue ever going to be fixed? If so, when? If not we need to find another solution and toss our SMA and NSa in the trash. The issue has been known for almost 2 months starting with betas, so y'all need to work on your testing procedures (of which you obviously have none). Customers are being shown you don't test and are slow to fix production stopping issues.
But seriously... the beta program of Apple is designed for this, is incredible that they don't test it. In our case all the users affected are directors and high profile.
For using WireGuard, please open WireGuard port on firewall, and have the UDP traffic on that port be routed or NATed to SMA appliance, just like what you have done for TCP port 443. Then, WireGuard will work.
For running WireGuard, port forwarding should be enough, make sure the UDP traffic over WireGuard port is routed or NATed to SMA appliance.
I cannot the use case on your side about running Application Offloading for Exchange over WireGuard tunnel? Could you please file a support case for the issue you are facing.
Answers
@BWC thanks for the quick reply but we are using an NSA 3600. We did see the WireGuard/SMA 100 write-ups which I thought gave WG some creditability. I just came from the CEO's office we will be implementing something else very soon to fix this IOS problem if we can't answers from SW.
@BWC @TRO
Still testing but our phones can now talk to our Exchange Server via WireGuard. On your Sonicwall Firewall below are the high-level steps:
1. Port Forward WG Server
2. Address objects:
WireGuard host (IP address, LAN zone)
WireGuard network (wg0 subnet, LAN zone)
3. Routing:
-source: Any
-destination: WireGuard network
-service: Any
-interface: X0 (LAN)
-gateway: WireGuard host
I'm glad this is a high priority fix for Sonicwall because I'd hate to see how long this would take if it wasn't...
@Hypnotoad
you're sarcastic, right? It's been over a week since this vague Statement, there should be more Information available by now.
--Michael@BWC
This problem should have been resolved way earlier than this....
@Micah Is this issue ever going to be fixed? If so, when? If not we need to find another solution and toss our SMA and NSa in the trash. The issue has been known for almost 2 months starting with betas, so y'all need to work on your testing procedures (of which you obviously have none). Customers are being shown you don't test and are slow to fix production stopping issues.
I agree. This is actually beyond ridiculous at this point.
Recieved an update this morning (NL) that updates the Secure Mobile Access Client on iOS 16.1 to version 5.0.12 (5057)
This fixes the issues for us. The agent connects again to our SMA410. The status page isn't updated yet Notice: Mobile Connect Client fails to connect after upgrading to iOS 16.1 | SonicWall
The patch for this connection issue has been published on App Store now, please check https://apps.apple.com/us/app/sonicwall-mobile-connect/id466931806
The app update fixes the problem.
But seriously... the beta program of Apple is designed for this, is incredible that they don't test it. In our case all the users affected are directors and high profile.
For using WireGuard, please open WireGuard port on firewall, and have the UDP traffic on that port be routed or NATed to SMA appliance, just like what you have done for TCP port 443. Then, WireGuard will work.
Hi, Michael,
For running WireGuard, port forwarding should be enough, make sure the UDP traffic over WireGuard port is routed or NATed to SMA appliance.
I cannot the use case on your side about running Application Offloading for Exchange over WireGuard tunnel? Could you please file a support case for the issue you are facing.
ISSUE RESOLVED:
THE ISSUE WITH MOBILE CONNECT CLIENT FAILING TO CONNECT TO SMA100 AND FIREWALLS AFTER UPGRADING to iOS 16.1 VERSION ****HAS BEEN RESOLVED****
The patch for this connection issue has been published on App Store now, please check https://apps.apple.com/us/app/sonicwall-mobile-connect/id466931806