30 Sep 2019

Knox Deep Dive: Advanced Virtual Private Networks (VPN) - Part 2 of 2

By Daljot Singh (Programmer Writer)

In the previous article we discussed about the differentiating features of Knox VPN and in this blog we would be shedding light on key requirements for the setup compliance. In addition, we present certain key-points to help you resolve any issues while setting up and where can you look for help.

What do target devices require to successfully run the Knox VPN framework?

The target device must have the following:

  • A VPN client integrated with the Knox VPN framework installed on the device.
  • The vendor-specific parameters for third-party VPN clients that help define the VPN profile.
  • A valid Knox license with VPNpermission— "com.samsung.android.knox.permission.KNOX_VPN_GENERIC"
  • If you want to control basic VPN configuration through the Android O Settings screen, you must download the add-on APK from Samsung and install it in the main user.

Should you install the VPN client inside or outside the Work Profile?

You can go for either option, depending upon your requirements. For example, if you have two containers created on your device, you can install the VPN client outside the Work Profile so that it is available to both containers. Conversely, if you install the VPN client inside one container, the VPN client is not available to the other container.

How do I troubleshoot VPN configuration issues?

  1. After pushing the Knox VPN client using MDM solution to your devices, verify that it appears on both the personal space and on the Work Profile on the device.
  2. Verify that your VPN credentials are correct by manually setting up VPN in the personal space.
  3. Verify that you can connect to the Knox VPN gateway.
  4. If you can't connect to the Knox VPN gateway and:
  • you are connected to a firewall, change your access point and try again.
  • you aren't connected to a firewall, try to connect to any website using the device browser. If you can't access any of the websites, contact Samsung Knox Support.
  1. If the issue persists, capture log files and contact Samsung Knox Support.

VPN Clients That Work in the Knox VPN Framework

 

  1. Cisco
  2. F5
  3. Pulse Secure
  4. BlackBerry
  5. StrongSwan
  6. OpenVPN
  7. Mobile Iron
  8. Air Watch
  9. Aruba
  10. Spectra
  11. Net Motion

 

Stay Tuned:

Talking of troubleshooting problems, our next article is on troubleshooting device issues. So keep yourself posted and keep learning.

Next steps

To learn more about: