NetMotion Mobility Is Now Absolute Secure Access

NetMotion Mobility is a premium enterprise mobility and Zero Trust Network Access (ZTNA) solution that delivers unrivaled capabilities and performance. It includes many features unavailable in any other secure remote access solution. It is software-based, running on Windows Server, and does not require dedicated or proprietary hardware. It also features broad client support, including Windows (Professional and Enterprise), macOS, iOS (iPhone and iPad), and Android phones and tablets.

Absolute Software

Last year NetMotion Software was acquired by Absolute Software, makers of persistent, self-healing security software. Beginning with release 12.70, NetMotion Mobility has been rebranded as Absolute Secure Access. In addition, NetMotion Mobile IQ, a comprehensive visibility and reporting tool that integrates with Mobility is now Absolute Insights for Network.

What’s New in 12.70

Absolute Secure Access v12.70 has been completely rebranded, and the management user interface (UI) has a new look and feel. The UI and endpoint agent also includes new icons. In addition, Absolute Secure Access 12.70 includes the following new features.

  • Formal support for Windows Server 2022
  • Enhanced data warehouse security controls
  • Faster Network Access Control (NAC) checks
  • Improved user and device authentication certificate selection – no more user prompts!
  • Support for iOS 16

Migration Path

Migrating from NetMotion Mobility 12.5x to Absolute Secure Access 12.70 is straightforward. However. Migrating from NetMotion Mobility releases before 12.5x will prove more challenging. Specifically, the 12.5x release introduced some significant architectural changes which prevent in-place upgrades to 12.70. With NetMotion Mobility releases before 12.5x, it is recommended to implement new infrastructure running 12.70 and migrate users to the new infrastructure.

Additional Information

Absolute Enterprise VPN and Zero Trust Network Access (ZTNA)

VIDEO: Introduction to Absolute Secure Access Enterprise VPN and ZTNA

What’s New in Absolute Secure Access 12.70

Absolute Secure Access Purpose-Built Enterprise VPN

Absolute Secure Access Purpose-Built Enterprise VPN Advanced Features In Depth

Always On VPN RADIUS Configuration Missing

Windows Server Routing and Remote Access Service (RRAS) is a popular choice for administrators deploying Always On VPN. It is easy to configure and scales out easily. Most commonly, RRAS servers are configured to use RADIUS authentication to provide user authentication for Always On VPN client connections. The RADIUS server can be Microsoft Network Policy and Access Server (NPAS, or simply NPS) or a third-party RADIUS solution. It is best to have the RADIUS service running on a server separate from the RRAS server.

RADIUS Authentication

Administrators can configure RADIUS authentication by opening the Routing and Remote Access management console (rrasmgmt.msc), right-clicking the VPN server, then choosing Properties > Security. Click the Configure button to configure authentication and accounting providers accordingly.

RADIUS Options Missing

In some cases, the administrator will notice that the option to configure RADIUS authentication and accounting servers is missing. In its place is the following error message.

“Because Network Policy Server (NPS) is installed, you must use it to configure authentication and accounting providers. To configure authentication and accounting providers, create or modify connection request policies.”

Configuration Options

It might be tempting for administrators to follow this guidance when presented with this message by opening the Network Policy management console (nps.msc) to configure it. However, that is not recommended or necessary. This message results from a common configuration error that should be corrected.

NPS Role Installed

The error message above occurs when an administrator mistakenly installs the NPAS role on the RRAS server itself. Again, this is not recommended or required. To resolve this issue, uninstall the NPS role by opening an elevated PowerShell command window and running the following command.

Uninstall-WindowsFeature NPAS

Configuration Corrupted

After removing the NPAS role from the RRAS server, administrators may encounter the following error message when configuring RADIUS authentication and accounting servers in RRAS.

“The connection request policy used for authentication and accounting configuration is corrupted. Either install Network Policy Server (NPS) and restore the connection request policy manually, or click Repair Settings to restore the connection request policy by using Windows Accounting and Windows Authentication.”

Repair Settings

To resolve this issue, click the Repair Settings button. Once complete, RADIUS authentication and accounting configuration should work as expected.

Additional Information

Always On VPN Network Policy Server (NPS) Auditing and Logging

Always On VPN Network Policy Server (NPS) Load Balancing

Always On VPN and Windows Server 2019 Network Policy Server (NPS) Bug

%d bloggers like this: