In dieser Seite werden die Variablen für unterschiedliche Sprachen definiert.
Diese Seite wird auf folgenden Seiten eingebunden
The settings of the profiles in the Security tab
Last adaptation to the version: 2.12 (12.2025)
New:
notemptyThis article refers to a Beta version
Partial configuration for profiles in the Mobile Security Portal.
Further information is displayed here:
| Caption |
Value |
Description
|
| Allow Suspend Always-On-VPN |
|
- Allows the user to temporary disable the VPN-Connection
- If not activated manually, the VPN will resume at a time chosen by the user
|
| Allow other VPN profiles |
|
- Allows adding other VPN profiles in addition to the security profile
|
| Authentication required after app start notempty Requirement for this feature: App version 3.1 |
|
- If activated, authentication (PIN or biometric) is required when starting the app
- This must be set by the user
|
| Activate security |
|
- To be able to use Mobile Security, the Securepoint VPN Client app is first installed automatically
- This requires either a VPP license from the Apple Business Manager or an Apple ID on the device
- notempty A corresponding message will be displayed if no VPP license is available: To use the Security / VPN feature, you need a VPP license for the Securepoint VPn Client app from Apple Business Manager
- If Cloud Shield is active, security cannot be enabled at the same time
notempty
|
| Protocol |
TCP |
- Protocol used for VPN tunnel: TCP or UDP
|
| Portfilter Type |
Open |
- Filter network traffic based on network ports:
|
| Closed |
- Only port 80 (http) and 443 (https) are enabled
|
| Selection |
- Port filter rule selection: Specify which port collections are open for network traffic:
|
|
| Port-Collection |
Port |
Protocol |
Application
|
| Administrative Tools |
21 |
TCP |
ftp
|
| 3389 |
TCP |
ms-rdp
|
| 23 |
TCP |
telnet
|
| 5900 |
TCP |
vnc
|
| 22 |
TCP |
ssh
|
| 5938 |
TCP/UDP |
teamviewer
|
| Communication |
3478-3481 |
UDP |
Skype
|
| 49152-65535 |
UDP
|
| 49152-65535 |
TCP
|
| 5222 |
TCP |
Google Push-Notifications
|
| 5223 |
UDP
|
| 5228 |
TCP
|
| VOIP |
5060 |
UDP |
SIP/RTP
|
| 7070-7089 |
UDP
|
| VPN |
1194 |
TCP |
OpenVPN
|
| 1194 |
UDP
|
| 500 |
UDP |
IPSec
|
| 4500 |
UDP & ESP
|
| 1701 |
UDP |
L2TP
|
| Mail |
25 |
TCP |
smtp
|
| 587 |
TCP
|
| 465 |
TCP |
smtps
|
| 110 |
TCP |
pop3
|
| 995 |
TCP
|
| 143 |
TCP |
imap
|
| 993 |
TCP
|
|
|
| SSL interception |
Default |
- Defines whether or not to intercept SSL traffic
- The default value is to intercept traffic based on content filter response
|
| Content-Filter Allowlist |
Add entries |
- Click box: Web pages that are to be added to a allowlist
- Possible entries: Contentfilter
|
| Content-Filter Blocklist |
Add entries |
- Click box: Websites that are to be added to a blocklist
|
| Disable for SSIDs |
Add SSIDs |
- Enter WLAN SSIDs for which the security features shall be disabled
|
| Disable for IP addresses |
Add IPs |
- IP addresses or networks can be entered for which the security functions are to be deactivated, i.e. the individual host 192.0.2.192/32 or the entire subnet 192.0.2.0/24
- For address blocks with less than three digits, a dot must be entered or navigated within the mask using the cursor keys
|
| Exclude local WLAN from VPN |
|
- If enabled, a route is added that excludes the local WLAN IP range from the tunnel
|
