3. Aruba VIA 2.0 Mac Edition | User Guide | 1
Contents
About this Guide....................................................................................................................3
VIA Connection Manager.......................................................................................3
How it Works...................................................................................................3
Compatibility Matrix...............................................................................................4
Installing the VIA Connection Manager .................................................................5
Chapter 1 VIA Configuration.....................................................................................9
Before you Begin...................................................................................................9
Authentication Mechanisms for Aruba VIA 2.0 Mac Edition..................................9
IKEv1...............................................................................................................9
IKEv2...............................................................................................................9
Configuring VIA Settings......................................................................................10
Using ArubaOS WebUI to Configure VIA ......................................................10
Install PEFV license ................................................................................10
Create VIA User Roles ............................................................................10
Create VIA Authentication Profile ...........................................................11
Create VIA Connection Profile................................................................12
Configure VIA Web Authentication .........................................................13
Associate VIA Connection Profile to User Role......................................14
Rebranding VIA and Uploading VIA Installers ........................................15
Using CLI to Configure VIA ...........................................................................16
Create VIA Roles.....................................................................................16
Create VIA Authentication Profiles .........................................................16
Create VIA Connection Profiles ..............................................................17
Configure VIA Web Authentication .........................................................17
Associate VIA Connection Profile to User Role......................................17
Rebranding VIA and Uploading VIA Installers ........................................17
Chapter 2 End User Instructions............................................................................19
Pre-requisites ......................................................................................................19
Downloading VIA .................................................................................................19
Installing VIA ........................................................................................................20
Using VIA .............................................................................................................20
Connection Details Tab.................................................................................21
Diagnostic Tab ..............................................................................................21
Download and Clear Profile Button...............................................................21
Send Logs Button .........................................................................................22
Uninstalling VIA....................................................................................................22
Configruing Certificates ACL...............................................................................22
5. Aruba VIA 2.0 Mac Edition | User Guide Figures | 1
Figures
Figure 1 Welcome Page for Installation...............................................................................5
Figure 2 License Agreement................................................................................................5
Figure 3 License Agreement Prompt...................................................................................6
Figure 4 Standard Install......................................................................................................6
Figure 5 Install Success Page .............................................................................................6
Figure 6 Connection Details ................................................................................................7
Figure 7 VIA - Associate User Role to VIA Authentication Profile .....................................11
Figure 8 VIA - Creating a new server group for VIA authentication profile........................11
Figure 9 VIA - Enter a name for the server group..............................................................12
Figure 10 VIA - Create VIA Connection Profile ....................................................................12
Figure 11 VIA - Select VIA Authentication Profile ................................................................14
Figure 12 VIA - Associate VIA Connection Profile to User Role ..........................................15
Figure 13 VIA - Customize VIA logo, Landing Page, and download VIA Installer ...............15
Figure 14 Login to Download VIA........................................................................................20
Figure 15 Downloading VIA set up file after authentication.................................................20
Figure 16 VIA Connection Manager GUI .............................................................................21
6. 2 | Figures Aruba VIA 2.0 Mac Edition | User Guide
7. Aruba VIA 2.0 Mac Edition | User Guide About this Guide | 3
About this Guide
Virtual Intranet Access (VIA) is part of the Aruba remote networks solution targeted for teleworkers and
mobile users. VIA detects the user’s network environment (trusted and un-trusted) and automatically
connects the user to their enterprise network. Trusted networks typically refer to protected office networks
that allow users to directly access corporate intranet. Un-trusted networks are public Wi-Fi hotspots such
as airports, cafes, or home network. The VIA solution comes in two parts—VIA connection manager and the
controller configuration.
VIA connection manager—Teleworkers and mobile users can easily install a light weight application on
their computers running on MacOSX to connect to their enterprise network from remote locations (see
“VIA Connection Manager” on page 3).
Controller configuration—To set up virtual intranet access for remote users, you must configure your
controller with user roles, and authentication and connection profiles. You can use either the WebUI or
CLI to configure your controller (see “VIA Configuration” on page 9).
VIA requires the PEFV license and is supported on the M3, 3000 Series, and 600 Series controller.
This chapter includes the following topics:
“VIA Connection Manager” on page 3
“Compatibility Matrix” on page 4
“Installing the VIA Connection Manager” on page 5
“Configuring VIA Settings” on page 10
VIA Connection Manager
If a user is connected from a remote location that is outside of the enterprise network, VIA automatically
detects the environment as un-trusted and creates a secure IPSec connection between the user and the
enterprise network. When the user moves into the trusted network, VIA detects the network type and
moves to idle state by dropping the IPSec connection.
How it Works
VIA provides a seamless connectivity experience to users when accessing an enterprise or corporate
resource, for example workstation or server, from an un-trusted or trusted network connection. By default,
VIA is launched automatically at system start and establishes a remote connection. Table 1 on page 3
explains the typical behavior:
Table 1 VIA Connectivity Behavior
User action/environment VIA’s behavior
The client or user moves from a trusted to un-trusted
environment. For example, from office to a public hot-
spot.
Auto-launches and establishes connection to remote
network.
8. 4 | About this Guide Aruba VIA 2.0 Mac Edition | User Guide
Compatibility Matrix
The following table shows the compatibility of VIA 2.0 for Mac.
The client moves from an un-trusted to a trusted
environment.
Auto-launch and stay idle. VIA does not establish remote
connection. You can, however, manually connect to a
network by selecting an appropriate connection profile from
the Settings tab.
While in an un-trusted environment, user disconnects
the remote connection.
Disconnects gracefully.
User moves to a trusted environment. Stays idle and does not connect.
User moves to an un-trusted environment Stays idle and does not connect. This usually happens, if
the user has in a previous occasion disconnected a secure
connection by clicking the Disconnect button in VIA. Users
can manually connect using one of the following methods:
1. Right-click on the VIA icon in the system tray and select
the Restore option and then select the Connect option
to connect using the default connection profile.
2. Right-click on the VIA icon in the system tray and select
the Connect option.
In an un-trusted environment, user restarts the
system.
Auto-launches and establishes remote connection.
In an un-trusted environment, user shuts down the
system. Moves to a trusted environment and restarts
system.
Auto-launches and stays idle.
Table 1 VIA Connectivity Behavior
User action/environment VIA’s behavior
The events do not always occur in the order shown in the Table 1 on page 3.
Table 2 VIA Compatibility Matrix
ArubaOS Version
Operating Systems
Mac 10.7.X Mac 10.8.X
ArubaOS 5.0.X Compatible Compatible
ArubaOS 6.0.x Compatible Compatible
ArubaOS 6.1.x Compatible Compatible
ArubaOS 6.2.x Compatible Compatible
9. Aruba VIA 2.0 Mac Edition | User Guide About this Guide | 5
Installing the VIA Connection Manager
Users can download VIA from a URL provided by their local system administrators and install it on their
computers. Alternatively, administrators can install VIA by using a system management software.
Perform the following steps to install a VIA client on Apple MacOSX. Ensure that you have met the “Pre-
requisites” on page 19 before proceeding with the installation.
1. Double-click the downloaded set up file macviainstaller.pkg to start the installation process.
The Welcome page of the VIA Installation wizard appears..
Figure 1 Welcome Page for Installation
2. Click Continue.
The License Agreement page appears.
Figure 2 License Agreement
3. Click Continue.
The License Agreement prompt appears.
For information about the VIA Connection Manager and OS compatibility, see Chapter 2, “End User Instructions”
on page 19.
10. 6 | About this Guide Aruba VIA 2.0 Mac Edition | User Guide
Figure 3 License Agreement Prompt
4. Click Agree.
The Standard Install page appears.
Figure 4 Standard Install
5. Click Install.
After the successful installation, the page indicating successful installation appears.
Figure 5 Install Success Page
6. Click Close to complete the installation.
After the installation is complete, the connection details pop-up window appears.
11. Aruba VIA 2.0 Mac Edition | User Guide About this Guide | 7
Figure 6 Connection Details
7. Enter the following details:
a. Remote server URL—Obtain this URL from the system administrator. The administrator can also
provision the URL on the controller. In such cases, provide the username and password.
b. Username—Domain user name of the user.
c. Password—Domain password of the user.
8. Click Connect to initiate a secure VIA connection.
12. 8 | About this Guide Aruba VIA 2.0 Mac Edition | User Guide
13. Aruba VIA 2.0 Mac Edition | User Guide VIA Configuration | 9
Chapter 1
VIA Configuration
The VPN settings must be configured before configuring VIA. For information on configuring VPN settings
on your controller, see Virtual Private Networks chapter in the latest ArubaOS user guide .
This chapter includes the following topics:
“Before you Begin” on page 9
“Authentication Mechanisms for Aruba VIA 2.0 Mac Edition” on page 9
“Configuring VIA Settings” on page 10
Before you Begin
The following ports must be enabled before configuring the VIA controller.
TCP 443—During the initializing phase, VIA uses HTTPS connections to perform trusted network and
captive portal checks against the controller. It is mandatory that you enable port 443 on your network to
allow VIA to perform these checks.
UDP 4500—Required for IPSec transport.
Authentication Mechanisms for Aruba VIA 2.0 Mac Edition
Authentication is performed using IKEv1 and IKEv2 methods.
IKEv1
In IKEv1, phase 0 authentication, which authenticates the VPN client, can be performed using either a pre-
shared key or an X.509 certificate (the X.509 certificate must appear in the operating system’s “user”
certificate store.) If certificates are used for IKE phase 0 authentication, it must be followed by username
and password authentication.
The second authentication phase is performed using xAuth, which requires a username and password. The
username and password is authenticated against the controller’s internal database, a RADIUS server, or an
LDAP server. If a RADIUS server is used, it must support the PAP protocol.
Support for two-factor authentication such as token cards is provided in VIA 2.0. Token product such as
RSA tokens and other token cards are also supported. This includes support for new-pin and next-pin.
IKEv2
IKEv2 is an updated version that is faster and supports a wider variety of authentication mechanisms. IKEv2
has only single phase authentication process. VIA supports the following IKEv2 authentication methods:
X.509 certificate. Controllers running ArubaOS 6.1 or greater support OCSP for the purpose of validating
a certificate that has not been revoked.
EAP (Extensible Authentication Protocol) including EAP-TLS and EAP-MSCHAPv2.
14. 10 | VIA Configuration Aruba VIA 2.0 Mac Edition | User Guide
Configuring VIA Settings
The following steps are required to configure your controller for VIA. These steps are described in detail in
the subsections that follow.
1. Install PEFV license—ArubaOS allows you to connect to the VIA controller using the default user
roles. However, to configure and assign specific user roles you must install the Policy Enforcement
Firewall Virtual Private Network (PEFV) license.
2. Create VIA User Roles—VIA user roles contain access control policies for users connecting to your
network using VIA. You can configure different VIA roles or use the default VIA role—default-via-
role.
3. Create VIA Authentication Profile—A VIA authentication profile contains a server group for
authenticating VIA users. The server group contains the list of authentication servers and server rules
to derive user roles based on the user authentication. You can configure multiple VIA authentication
profiles and/or use the default VIA authentication profile created with Internal server group
4. Create VIA Connection Profile— A VIA connection profile contains settings required by VIA to
establish a secure connection to the controller. You can configure multiple VIA connection profiles. A
VIA connection profile is always associated to a user role and all users belonging to that role will use
the configured settings. If you do not assign a VIA connection profile to a user role, the default
connection profile is used.
5. Configure VIA Web Authentication—A VIA web authentication profile contains an ordered list of VIA
authentication profiles. The web authentication profile is used by end users to login to the VIA
download page (https://<server-IP-address>/via) for downloading the VIA client. Only one VIA web
authentication profile is available. If more than one VIA authentication profile is configured, users
can view this list and select one during the client login.
6. Associate VIA Connection Profile to User Role—A VIA connection profile must be associated to a
user role. Users login by authenticating against the server group specified in the VIA authentication
profile and are put into that user role. The VIA configuration settings are derived from the VIA
connection profile attached to that user role. The default VIA connection profile is used.
7. Rebranding VIA and Uploading VIA Installers—You can use a custom logo on the VIA client and on
the VIA download web page.
8. Download VIA Installer and Version File— VIA installers are available at the Aruba support site and
are uploaded to the controller or an external hosting server for download by the users. After the users
login to the VIA download page, the controller presents the appropriate VIA image version file.
Using ArubaOS WebUI to Configure VIA
The following steps illustrate configuring your controller for VIA using the WebUI.
Install PEFV license
Install the PEFV license to configure and assign user roles. For more information on licenses, see Software
Licenses chapter in the latest ArubaOS 6.1 user guide.
To install a license:
1. Navigate to Configuration > Network > Controller and select the Licenses tab on the right hand
side.
2. Paste the license key in the Add New License key text box and click Add.
Create VIA User Roles
To create VIA users roles:
1. Navigate to Configuration > Security > Access Control > User Roles.
15. Aruba VIA 2.0 Mac Edition | User Guide VIA Configuration | 11
2. Click Add to create new policies.
3. Click Done after creating the user role and click Apply to save it to the configuration.
Create VIA Authentication Profile
To create an authentication profile to authenticate users against a server group:
1. Navigate to Configuration > Security > Authentication > L3 Authentication.
2. Under the Profiles section, expand the VIA Authentication Profile option. You can configure the
following parameters for the authentication profile:
Table 3 VIA - Authentication Profile Parameters
Parameter Description
Default Role The role that will be assigned to the authenticated users.
Max Authentication Failures Specifies the maximum authentication failures allowed. The default is 0 (zero).
Description A user friendly name or description for the authentication profile.
3. To create a new authentication profile:
a. Enter a name for the new authentication profile under the VIA Authentication Profiles section and
click Add.
b. Expand the VIA Authentication Profiles option and select the new profile name.
4. To modify an authentication profile, select the profile name to configure the default role
The following figure uses the default authentication profile.
Figure 7 VIA - Associate User Role to VIA Authentication Profile
5. To use a different server group, Click Server Group under VIA Authentication Profile and select New to
create a new server group.
Figure 8 VIA - Creating a new server group for VIA authentication profile
6. Enter a name for the server group.
16. 12 | VIA Configuration Aruba VIA 2.0 Mac Edition | User Guide
Figure 9 VIA - Enter a name for the server group
Create VIA Connection Profile
To create VIA connection profile:
1. Navigate to Configuration > Security > Authentication > L3 Authentication tab. Click the VIA
Connection Profile option and enter a name for the connection profile.
Figure 10 VIA - Create VIA Connection Profile
2. Click on the new VIA connection profile to configure the connection settings. You can configure the
following options for a VIA connection profile.
Table 4 VIA - Connection Profile Options
Configuration Option Description
VIA Servers Enter the following information about the VIA controller.
Hostname/IP Address: This is the public IP address or the DNS hostname of
your VIA Server / controller. You can connect to this remote server using the IP
address or the hostname.
Internal IP Address: This is the IP address of any of the VLAN interface IP
addresses belonging to this VIA server.
Description: This is a human-readable description of the VIA server.
Click Add after entering all the details. If you have more than one VIA controller you
can re-order them by clicking the Up and Down arrows.
To delete a VIA server from the list, select a server and click Delete.
VIA Authentication Profiles
to provision
This is the list of VIA authentication profiles displayed to users in the VIA client. See
“Create VIA Authentication Profile” on page 11.
Select an authentication profile and click Add to add to the authentication
profiles list.
Change the order of the list by clicking the Up and Down arrows, if required.
To delete an authentication profile, select a profile name and click Delete.
17. Aruba VIA 2.0 Mac Edition | User Guide VIA Configuration | 13
Configure VIA Web Authentication
To configure VIA web authentication profile:
1. Navigate to Configuration > Security > Authentication > L3 Authentication tab.
VIA tunneled networks Refers to a list of network destination (IP address and netmask) that the VIA client
tunnels through the controller. All other network destinations are reachable directly
by the VIA client.
Enter an IP address and network mask. Click Add to add them to the tunneled
networks list.
To delete a network entry, select the IP address and click Delete.
VIA IKE V2 Policy Refers to list of available IKEv2 policies.
VIA IKE Policy Refers to list of IKE policies that the VIA Client has to use to connect to the
controller. These IKE policies are configured under Configuration > Advanced
Services > VPN Services > IPSEC > IKE Policies.
Enable IKEv2 Enables the use of IKEv2 policies for VIA when selected.
IKEv2 Authentication
method.
Refers to lists all IKEv2 authentication methods.
VIA IPSec V2 Crypto Map Refers to lists all IPSec V2 that the VIA client uses to connect to the controller.
VIA IPSec Crypto Map Refers to list of IPSec Crypto Map that the VIA client uses to connect to the
controller. These IPSec Crypto Maps are configured in CLI using the crypto-
local ipsec-map <ipsec-map-name> command.
VIA Client Network Mask Refers to the network mask that must be set on the client after the VPN connection
is established.
Default: 255.255.255.255
VIA Client DNS Suffix List Refers to the DNS suffix list (comma separated) that must be set on the client once
the VPN connection is established.
Default: None.
VIA Support E-mail Address Refers to the support e-mail address to which VIA users send client logs.
Default: None.
Client Auto-Login Enables VIA client to auto login and establishs a secure connection to the controller
when selected.
Default: Enabled
Enable split-tunneling Enables split tunneling when selected.
If enabled, all traffic to the VIA tunneled networks (Step 3 in this table) will go
through the controller and the rest is bridged directly on the client.
If disabled, traffic flows through the controller.
Default: off
Allow user to save
passwords
Enables users to save passwords entered in VIA when selected.
Default: Enabled
VIA max session timeout Refers to the maximum time (minutes) allowed before the VIA session is
disconnected.
Default: 1440 min
Table 4 VIA - Connection Profile Options
Configuration Option Description
18. 14 | VIA Configuration Aruba VIA 2.0 Mac Edition | User Guide
2. Expand VIA Web Authentication and click on default profile.
You can have only one profile (default) for VIA web authentication.
3. Select a profile from VIA Authentication Profile drop-down list box and click Add.
To re-order profiles, click the Up and Down button.
To delete a profile, select a profile and click Delete.
4. If a profile is not selected, the default VIA authentication profile is used.
Figure 11 VIA - Select VIA Authentication Profile
Associate VIA Connection Profile to User Role
To associate a VIA connection profile to a user role:
1. Navigate to Configuration > Security > Access Control > User Roles tab.
2. Select the VIA user role (See “Create VIA User Roles” on page 10) and click Edit.
3. In the Edit Role page, navigate to VIA Connection Profile and select the connection profile from the
drop-down list box and click Change.
4. To save changes to the configuration, click Apply.
19. Aruba VIA 2.0 Mac Edition | User Guide VIA Configuration | 15
Figure 12 VIA - Associate VIA Connection Profile to User Role
Rebranding VIA and Uploading VIA Installers
You can rebrand the VIA client and the VIA download page with your custom logo and HTML page. You can
also upload latest versions of VIA installers.
Figure 13 VIA - Customize VIA logo, Landing Page, and download VIA Installer
Download VIA Installer and Version File
To download the VIA installer and version file:
1. Navigate to Configuration > Advanced Services > VPN Services > VIA tab.
2. Under VIA installers for various platforms section, click macviainstaller.pkg to download the
installation file.
Upload VIA Installer
To upload a new VIA installer:
1. Navigate to Configuration > Advanced Services > VPN Services > VIA tab.
2. Under Upload new VIA Installers, browse and select the installer from your computer. Click Upload
to upload the installer to the controller.
20. 16 | VIA Configuration Aruba VIA 2.0 Mac Edition | User Guide
Customize Logo
To use a custom logo on the VIA download page and on the VIA client:
1. Navigate to Configuration > Advanced Services > VPN Services > VIA tab.
2. Under the Customize Logo section, browse and select a logo from your computer. Click Upload to
upload the image to the controller.
To use the default Aruba logo, click Reset.
Customize the Landing Page for Web-based Login
To use a custom landing page for VIA web login:
1. Navigate to Configuration > Advanced Services > VPN Services > VIA tab.
2. Under Customize Welcome HTML section, browse and select the HTML file from your computer. Click
Upload to upload the image to the controller. The following variables are used in the custom HTML file:
All variables in the custom HTML file have the following notation
<% user %>: this will display the username.
<% ip %>: this will display the IP address of the user.
<% role %>: this will be display the user role.
<% logo %>: this is the custom logo (Example: <img src="<% logo %>">)
<% logout %>: the logout link (Example: <a href="<% logout %>">VIA Web Logout</a>)
<% download %>: the installer download link (Example: <a href="<% download %>">Click here
to download VIA</a>)
To use the default welcome page, click Reset.
3. Click Apply to continue.
Using CLI to Configure VIA
The following steps illustrate configuring VIA using CLI. Install your Policy Enforcement Firewall Virtual
Private Network (PEFV) license key.
(host) (config)# license add <key>
Create VIA Roles
(host) (config) #user-role example-via-role
(host) (config-role) #access-list session "allowall" position 1
(host) (config-role) #ipv6 session-acl "v6-allowall" position 2
Create VIA Authentication Profiles
(host) (config) #aaa server-group "via-server-group"
(host) (Server Group "via-server-group") #auth-server "Internal" position 1
(host) (Server Group "via-server-group") #aaa authentication via auth-profile default
(host) (VIA Authentication Profile "default") #default-role example-via-role
The installer package should be a .arb file for the controller to accept the package. This is the installer package
wrapped/signed with an Aruba signature.
Commands that achieve specific task are described in this section. For detailed information on the VIA command
line options, see the latest ArubaOS Command Reference Guide.
21. Aruba VIA 2.0 Mac Edition | User Guide VIA Configuration | 17
(host) (VIA Authentication Profile "default") #desc "Default VIA Authentication
Profile"
(host) (VIA Authentication Profile "default") #server-group "via-server-group"
Create VIA Connection Profiles
(host) (config) #aaa authentication via connection-profile "via"
(host) (VIA Connection Profile "via") #server addr 202.100.10.100 internal-ip
10.11.12.13 desc "VIA Primary Controller" position 0
(host) (VIA Connection Profile "via") #auth-profile "default" position 0
(host) (VIA Connection Profile "via") #tunnel address 10.0.0.0 netmask 255.255.255.0
(host) (VIA Connection Profile "via") #split-tunneling
(host) (VIA Connection Profile "via") #mac-credentials
(host) (VIA Connection Profile "via") #client-netmask 255.0.0.0
(host) (VIA Connection Profile "via") #dns-suffix-list example.com
(host) (VIA Connection Profile "via") #support-email via-support@example.com
Configure VIA Web Authentication
(host) (config) #aaa authentication via web-auth default
(host) (VIA Web Authentication "default") #auth-profile default position 0
You can have only one profile (default) for VIA web authentication.
Associate VIA Connection Profile to User Role
(host) (config) #user-role "example-via-role"
(host) (config-role) #via "via"
Rebranding VIA and Uploading VIA Installers
This step can only be performed using the WebUI. See “Rebranding VIA and Uploading VIA Installers” on
page 15.
22. 18 | VIA Configuration Aruba VIA 2.0 Mac Edition | User Guide
23. Aruba VIA 2.0 Mac Edition | User Guide End User Instructions | 19
Chapter 2
End User Instructions
This section of the document provides end user instructions and information on using the VIA connection
manager.
This chapter includes the following topics:
“Pre-requisites” on page 19
“Downloading VIA” on page 19
“Installing VIA” on page 20
“Using VIA” on page 20
“Uninstalling VIA” on page 22
“Configruing Certificates ACL” on page 22
Pre-requisites
Ensure that the system meets the following pre-requisites:
The systems running on the following versions of OS:
Apple Mac OSX Lion (10.7.x) version
Apple Mac OSX Mountain Lion (10.8.x) version
You have administrator privileges to install VIA.
The computer is connected to a wired or wireless network.
Downloading VIA
In a typical scenario, you will receive an e-mail from your local system administrator with details to
download VIA from a URL (controllers public IP address).
In this example, the users can download VIA setup files from https://via.bng.com/via after entering
thier corporate credentials.
VIA has been tested only with English-language versions of MacOSX. Technical support is not provided for non-
English versions.
24. 20 | End User Instructions Aruba VIA 2.0 Mac Edition | User Guide
Figure 14 Login to Download VIA
Figure 15 Downloading VIA set up file after authentication
Installing VIA
Double-click the downloaded setup file macviainstaller.pkg to start the installation process.
For information about the installation steps refer, “Installing the VIA Connection Manager” on page 5.
Using VIA
The VIA desktop application has the following options:
Connection Details Tab
Diagnostics Tab
Download and Clear Profile Button
Send Logs Button
25. Aruba VIA 2.0 Mac Edition | User Guide End User Instructions | 21
Figure 16 VIA Connection Manager GUI
Connection Details Tab
This tab provides all required details about your remote connection. After a successful connection, you can
see the assigned IP from your remote server, the profile used for the connection and other network related
information.
Disconnect—Click this button to disconnect the current remote connection. You will have to manually
connect for the next connection. VIA will not automatically start the connection.
Connection Profile—Click on the drop-down options to select an alternate connection profile.
Diagnostic Tab
Provides information on the sequence of events that happened during the recent connection.
Download and Clear Profile Button
Click this button to download the connection profiles over HTTPS when the VIA user chooses to download
profiles or click this to clear the profile.
This section also provides VIA details and other connection messages.
This button switches between Clear Profile and Download Profile based on the profile you select in
Connection Profile. If you have selected a profile in Connection Profile, this button reads as Clear
Profile. If you have not selected a profile in Connection Profile, this button reads as Download Profile.
26. 22 | End User Instructions Aruba VIA 2.0 Mac Edition | User Guide
Send Logs Button
Click Send Logs to send the list of log files collected by VIA. To enable your support team to effectively
resolve your VIA connection issues, it is mandatory that you send logs generated by VIA.
Uninstalling VIA
To uninstall VIA, execute the command sudo /usr/local/bin/macviauninstaller.sh in the Mac
terminal.
Configruing Certificates ACL
The Certificate Key Access Control List (ACL) allows the VIA VPN Agent to use key from the keychain
without requesting credentials. Certificate Key is used to sign the data while IKE communication. Perform
the following steps to configure the certificate vpnagent ACL to the users using the Mac VIA client.
1. In Mac OS, select Applications > Utilities > Keychain Access.
2. In the left-pane, under Category select Certificates.
3. In the right-pane, select Users and double-click on the name of the user.
4. Click Access Control.
5. Select the option Confirm before allowing access.
6. Verify vpnagent is listed under Always allow access by these applications:. If vpnagent is not in the
list, click + and select the folder /usr/libexec and select vpnagent.
If the default Mailclient is configured, it opens an e-mail with a log file attached to it. If the default Mailclient is not
configured, it opens an e-mail without the attachment and you must manually attach the log files to the e-mail.