Many Windows Mobile devices support two methods of connecting to a network:

These connection types affect how to manage the devices and how they interact with your company infrastructure.

The Mobile virtual private network (VPN) for the managed Windows Mobile device uses the best Internet connection available when it connects to Mobile Device Manager (MDM) Gateway Server. If a better connection becomes available, the device does not change automatically. As an example, a device connected through Mobile VPN over a cellular connection to MDM Gateway Server continues to use the cellular connection even if a Wi-Fi connection becomes available. However, if the cellular connection becomes unavailable, the Mobile VPN transitions seamlessly to the best communication channel available.

To minimize battery consumption, if the Mobile VPN connects over Wi-Fi, the device may disable Wi-Fi when the device goes into hibernation. If this occurs, the Mobile VPN can connect to MDM Gateway Server over the cellular connection if it is available.

The following illustration shows how the device can use the two connection types to access MDM Gateway Server in your organization.

The following list identifies the main access connection routes for a device:

For both internal and external gateway connections, we recommend that the network administrators for your company configure a firewall between MDM Gateway Server and your company internal resources. This configuration gives you a finer level of control over how you manage network traffic between the internal resources and the Windows Mobile devices.