Open Mobile supports a variety of network connectivity types, including Mobile Broadband, Wi-Fi, Ethernet, DSL, and dial. These types can be individually enabled in the Open Mobile Portal, to permit only the connectivity types you prefer.
Hotspot Finder: The iPass website includes a Hotspot finder that can be used to locate iPass Network access points, located at http://hotspot-finder.ipass.com/. However, Open Mobile can also be used to connect to non-iPass network access points, making Open Mobile truly a universal connection manager. When online, the Hotspot Finder can also be launched directly from within Open Mobile through the system tray icon.
iPass Hotspot Finder provides brief information about the particular network you are connecting to.
Open Mobile serves as a universal Mobile Broadband (3G) connection manager that can be used with more than 125 Mobile Broadband adapters, including embedded and external adapters. For a complete list of support devices, see the document Supported Mobile Broadband Devices, available from the iPass Portal.
In order to utilize a Mobile Broadband adapter with Open Mobile, the hardware drivers for the adapter must first be installed on the user’s machine. In addition, the card must also be activated and ready for service.
When Open Mobile detects a Mobile Broadband adapter, it will attempt to detect an available wireless signal. Detected networks will appear in the Available Networks list. The end user can then select the Mobile Broadband network and connect.
Mobile Broadband networks can also be configured for Auto-Connect.
Open Mobile can display usage statistics for Mobile Broadband adapters. (Click Options | Usage Stats.) Customers with pricing plans based on usage can quickly determine their accumulated usage.
To minimize costs, you can configure thresholds for roaming and non-roaming usage, and then have users alerted when their usage approaches or exceeds these thresholds. You can also choose to have users disconnected from the network when their usage exceeds the thresholds you set.
If the user has an SMS-compatible device, you can configure Open Mobile to receive SMS messages directly. These will be displayed in the Open Mobile interface. Users with 1.4 or later clients can also send replies to received messages.
Although over 100 Mobile Broadband device models are fully integrated in Open Mobile, the Open Device Framework (ODF) toolkit enables you to integrate and use other devices not officially supported by iPass. Consult the iPass ODF Training Workbook for more information.
Open Mobile serves as a universal Wi-Fi connection manager that can be used to connect to various types of Wi-Fi networks.
Open Mobile can be used to connect to home and other personal Wi-Fi networks.
Open Mobile only supports use of a single WLAN adapter at any one time.
Open Mobile supports the following security types:
In addition, connectivity to non-broadcast networks is supported.
Open Mobile can be used to connect to Wi-Fi hotspots that are part of the iPass network. Using Open Mobile at these locations with an accompanying iPass account allows the user to bypass the normal login and billing associated with that location.
Log in to an iPass hotspot may fail if the user's credentials need to be updated, or in rare cases, a non-iPass hotspot is incorrectly detected as an iPass hotspot because it shares an SSID with an iPass hotspot. If a login attempt to an iPass Hotspot fails, Open Mobile will provide the following choices:
Open Mobile can also be used to assist with login at hotspots that are not part of the iPass network service.
If a hotspot login procedure is needed, Open Mobile launches a small browser window that allows the user to complete the log in to that hotspot. The user can click the box next to Remember this login and Open Mobile will attempt to automatically log in whenever the user connects to that network (without launching the browser window). The user can click Launch external browser if there is any trouble viewing the page or the user prefers to log in through an external browser (such as Chrome, Internet Explorer, Firefox, or Safari). After logging in, Open Mobile will complete any other procedures that the administrator has configured for that user (such as VPN launch, Event Action launch, and so on.)
The browser login window has a non-configurable timeout of 5 minutes.
Browser login, by design, bypasses any proxy settings a user might have configured in preferred browser settings. Self-contained browser login simplifies the user experience, since the user does not need to change proxy settings temporarily to log in, and the browser does not need to rely on a proxy server.
If On-Campus Roaming (OCR) is enabled, users can log in to a corporate network with an 802.1x connection. Although Wi-Fi is ubiquitous, security and authentication standards may widely vary from location to location. OCR enables users to be more productive on a far-flung corporate campus, and allows easy access for guests and contractors, without needing to use multiple connection managers.
Campus hotspots are automatically detected and presented as Wi-Fi networks. Open Mobile sets the proper SSID and security method. OCR hotspots can include any or all of the policy enforcement settings that other Wi-Fi hotspots can include.
Open Mobile supports the following authentication types for use with OCR, on the listed Windows platforms.
Type | Windows 8 | Windows 7 | Windows Vista | Windows XP (SP3 only) |
---|---|---|---|---|
EAP-TLS | Yes | Yes | Yes | Yes |
PEAP-GTC | Yes | Yes | Yes | No |
PEAP-MSCHAPV2 | Yes | Yes | Yes | Yes |
PEAP-TLS | Yes | Yes | Yes | Yes |
TTLS-MSCHAPV2 | Yes | Yes | Yes | No |
TTLS-GTC | Yes | Yes | Yes | No |
TTLS-PAP | Yes | Yes | Yes | No |
EAP-FAST-MSCHAPV2 | Yes | Yes | Yes | No |
FAST-GTC | Yes | Yes | Yes | No |
FAST-TLS | Yes | Yes | Yes | No |
In addition, Open Mobile supports 64-bit Windows OS platforms with multiple certificate environments.
Individual Network Settings: In addition, OCR connections can be configured by individual users. A profile setting in the Open Mobile Portal enables a user to save OCR connection settings to an exportable file, which can then be collected by IT administrators for use by other users. For more information on exporting OCR settings, consult the tech note Configuring OCR with Open Mobile for Windows.
Open Mobile will detect Wi-Fi connections made with other connection managers that utilize Windows OS WLAN capabilities and can inherit such connections, becoming the connection manager of choice. The user can view the status and usage statistics for those sessions, and can even use Open Mobile to disconnect from them. An inherited connection can launch an integrated VPN, if one is configured. However, other policy settings will not be enforced.
Data is collected from inherited connections, and will be displayed in Open Mobile Insight reports.
You can make the free OpenAccess Wi-Fi access points available to your users in the iPass Portal. Use of an OpenAccess hotspot will not incur the user any cost to connect and are marked with this icon:
For some free networks, Open Mobile may display both the free, OpenAccess version and the iPass (pay) version of the network.
If a user attempts to connect to a free OpenAccess network and the connection fails, then if there is an alternate iPass network available, the user will be connected to the iPass network instead. However, depending on your access plan, there may be an additional charge incurred for connection to the iPass access point. This capability is currently not configurable.
Gogo Inflight Internet access points are found on many major airlines and may be included in the iPass directory, if your organization chose this service. Gogo Inflight requires you to enter a CAPTCHA phrase to verify a person (not a machine) requested access.
If you are using an Internet Explorer browser to connect to Gogo and a Script Error window appears, follow the instructions below:
The Auto-Connect feature lets users automatically connect to their preferred wireless networks, either by Mobile Broadband or by Wi-Fi. Networks can include Mobile Broadband, personal Wi-Fi, or iPass Wi-Fi network access points. In addition, the user can choose to prefer known Wi-Fi or instead to always select Mobile Broadband for automatic connectivity. Properly configured, Auto-Connect can make connecting to the Internet a ‘zero-click’ experience.
If Auto-Connect is enabled, Open Mobile will automatically re-connect to a network when the user is unintentionally disconnected. Auto-reconnect helps automate the connection process if the user temporarily loses signal or loses a connection because of some other factor.
You can enable Auto-Connect policies in the Open Mobile Portal. (The Auto-Connect setting for personal networks is enabled by individual users in Open Mobile, under Options.)
When multiple networks are available in the same location, Open Mobile uses a sophisticated algorithm for determining which network to choose for Auto-Connect. This algorithm chooses from the available networks using a combination of connection history, signal strength, user preference, and administrator-defined preferences.
If a user chooses to disconnect, it would not be desirable to be automatically re-connected to the same network. As a result, manually disconnecting from a network will automatically turn off Auto-Connect for all networks. Auto-Connect will be turned back on automatically after the user establishes another connection, reboots, or returns from sleep or hibernation mode.
Special rules to prefer or prohibit networks can be set for individual networks in your Wi-Fi and Mobile Broadband directories, as well as for different security types, controlling how Open Mobile will display these networks to users. Prefer and prohibit rules supersede any Network Policy settings.
Open Mobile can be used to connect to hotel Ethernet locations that are part of the iPass Network. Open Mobile users connecting at these locations can use their iPass credentials to log in and are charged at iPass rates.
The One Network at a Time (ONAAT) feature is enabled by default and controls which networks take precedence over other networks when a connection is already established. ONAAT automatically disconnects any detected Wi-Fi and Mobile Broadband sessions when an Ethernet connection is detected, to help control connectivity costs and aid in Ethernet anti-bridging. The chart below shows the result to an existing connection when a new connection is established.
Existing Connection | Second Connection Type | |||
---|---|---|---|---|
Ethernet | Wi-Fi | Inherited Wi-Fi | Mobile Broadband | |
Ethernet | N/A | Ethernet connected. All other connections terminated. | Ethernet connected. All other connections terminated. | Ethernet connected. All other connections terminated. |
Wi-Fi | Ethernet connected. All other connections terminated. | First connection is disconnected, and the second connection is established. | If both connections are on the same device, the first is disconnected and the second connection is established. If second connection is made on different Wi-Fi device, both connections are maintained and shown in Open Mobile. | First connection is disconnected, and the second connection is established. |
Inherited Wi-Fi | Ethernet connected. All other connections terminated. | Inherited Wi-Fi connection will be terminated, new Wi-Fi connection established | First connection will be terminated by Windows and second connection will be established. | Both are shown as connected. |
Mobile Broadband | Ethernet connected. All other connections terminated. | First connection is disconnected, and the second connection is established. (Note: On Windows, if the Wi-Fi connection is non-Open Mobile, both are shown as connected.) | Both are shown. Inherited Wi-Fi will be in connected/associated state. | N/A |
When enabled in the Open Mobile Portal (in Advance Mobile Broadband Settings and Advanced Wi-Fi Settings), Open Mobile allows the client to stay connected to multiple networks at a time. If this feature is enabled, for example, a user can stay connected to a Mobile Broadband or Wi-Fi network while they dock their laptop to connect by Ethernet, and then, the user will not have to re-establish the Mobile Broadband or Wi-Fi connection when they undock.
Open Mobile can be used to establish dial-up connections in more than 100 countries. If dial-up connections are enabled, the user can search for dial-up access points by country, city, and in some countries, state or prefecture. The iPass network includes ISDN access points as well; proper ISDN hardware is required for connection.
Dial-up connections may require the user to configure special settings, called dial properties. These can include the following:
Open Mobile supports DSL connectivity over PPPoE connections.
Open Mobile can be configured to detect when a user is connected to a corporate or campus network at a given venue. Corporate network detection (CND) is important if you want Open Mobile to apply VPN launch policies to users. For example, using a CND test, a user's VPN can be configured to launch when only connected to the Internet and not to a corporate network.
A variety of different test methods are available for CND testing. Typically, a CND test will involve either checking a local test criterion (such as a specific registry entry on the machine), or a remote test criterion (such as whether a specific URL can be reached). Local tests are preferred to remote tests, since these tend to be faster and do not affect network traffic. CND tests for an Open Mobile profile are configured in the Open Mobile Portal. A detailed summary of these tests is given here.
The complexity and number of tests used will depend upon the size and uniqueness of the corporate network being detected. Multiple tests can improve the chances of making a successful corporate network detection. In some cases, a combination of tests is required to determine whether Open Mobile detects a corporate network.
For example, in the course of connecting, a user could receive a DHCP IP address within the normal DHCP IP range. However, because public addressing is used, the same user could receive the same DHCP IP address on an entirely different network. By adding a second corporate network detection method, such as detection by DNS Server address, you can ensure that corporate networks are more accurately detected.
Note that configuring too many corporate network detection methods can significantly affect the performance of the Open Mobile client, as each test method uses processing time, and may use network bandwidth as well. You should use as few methods as possible to get the optimal performance results for your users.
Upon connecting, Open Mobile performs an Internet Connection network test to determine whether the user has an Internet connection. The Internet Connection test is also known as an amion (“Am I On?”) test.
By default, an HTTP request is sent to an iPass Web sniff server (sniff1.i-pass.com or sniff2.i-pass.com). If a valid response to the request is received, Open Mobile proceeds with actions requiring an Internet connection, such as VPN launch or other configured event actions. Typically, a check of these URLs requires the following:
However, for some customers, neither of these steps may be optimal for their own network requirements. For example, there may be a security issue associated with whitelisting a specific URL. In addition, alternate URLs visible to users both inside and outside the network at the same time may not be available. To accommodate such customers, in Windows 1.4.1 clients, the amion test uses these supplemental steps.
Antivirus Solutions and Amion: Some antivirus solutions can interfere with amion testing, or block it completely. You should make sure that the sniff server URLS are accessible by Open Mobile through any antivirus solution configured on the host system. You may need to whitelist the URLs in your antivirus software in order to ensure accessibility.
Go to: Open Mobile for Windows Help