This topic provides some frequently asked questions about MDM Gateway Server.
Why won't Gateway Server work properly after importing a new certificate?
If you replaced the Gateway computer certificate or certification authority and imported the new certificate to the Gateway Web site, then you must uninstall and reinstall the Gateway Server component.
Does MDM support Gateway Server computers with only a single network adapter?
No. MDM requires two network adapters: one for communicating with external client devices, and one for communicating with internal servers. MDM does not support binding internal and external IP addresses to a single network adapter.
Can I use the MDM Mobile VPN connection to enable Exchange ActiveSync (EAS) on intranet-based Microsoft Exchange Servers?
Yes. If you want tighter security than Secure Sockets Layer (SSL) access, you can use the MDM Mobile VPN connection for double-envelope security on mobile messaging. MDM supports DirectPush in this VPN-to-EAS scenario.
Can users disable the Mobile VPN Connection?
Yes. To disable the Mobile VPN connection, on the
device, select
Settings, select
Connections, select
Mobile VPN, and then select
Disable. You can also enable or disable the Mobile VPN
connection by using the MDM VPN Diagnostics Tool. For information
about this tool, see MDM Resource Kit Tools at this Microsoft Web
site:
What are the consequences of disabling the Mobile VPN Connection?
The device is not protected because without the Mobile VPN connection, it connects to a public Internet connection. Therefore, it is exposed to all of the threats on the Internet.
Device wipes will not function because MDM sends the wipe notification through the alerting mechanism provided by MDM Gateway Server. If you disable the Mobile VPN connection, MDM Gateway Server cannot address the device.
If your company only has MDM–enrolled devices, then Microsoft Exchange Server ActiveSync is not exposed to the Internet. Therefore, if you disable the Mobile VPN connection, the device cannot connect to it.
Does MDM support Windows Mobile Device Center/ActiveSync Desktop Pass-Through connections using USB or Bluetooth?
No. MDM client devices and device emulators cannot establish Mobile VPN connections using Windows Mobile Device Center/ActiveSync Desktop Pass-Through connections.
If I establish a Windows Mobile Device Center/ActiveSync connection, what is the Mobile VPN connection status, and how is network traffic routed?
The following table summarizes how network traffic is routed when you connect the device to a desktop computer.
Mobile VPN Connection Status | Mobile VPN Connection Enabled |
---|---|
ActiveSync RNDIS Multihoming on |
|
ActiveSync RNDIS Multihoming Off |
|
ActiveSync Serial USB Multihoming on |
|
ActiveSync Serial USB Multihoming off |
|
ActiveSync Serial Bluetooth Multihoming on |
|
ActiveSync Serial Bluetooth Multihoming off |
|