Guys,
Sorry for not replying, but I continue to forget the get the snapshots at work. If I recall correctly, here are some steps:
- In "authentication" layer, in the "Source" column, create a combined object and add the following users agents to it: "iPhone", "iPad", and "MobileSafari"
- Select that conbined object in the source
- Set it to authentication and set auth type to "Proxy IP"
- Go back to proxy management, under the "Configuration" tab, go to "Authentication" and then select your IWA Authentication Realm.
- Edit that, in there, there is a setting for "surrogate refresh time", set that to some large number such as 8 hours or so. Remember, if you don't set the surrogate setting, it will work, but you will run into random cases where specific session does not contain a "user agent" that matches the ones you created in step # 1. The surrogate setting should resolve that conflict.
- The rest of the rules are related to your actual normal ACL to restrict the mobile devices from going where they should not.
I may be missing a step or two, forgive me, as I'm pulling this off of memory, but I will do my best to remember when I'm at work to get the details instructions on how I did it.
PS: your mobile device should point to the proxy, or if you have WCCP set, then that's a different case that I did not test the mobile device under that scenario. However, you will need to type in your credentials as well in the mobile device under the "Proxy settings", remember, when your "Domain" policy dictate the the user password must be changed every xx days, you will need to update your password in the mobile device at the same time.
Message was edited by: KojiKabuto