Return to home page
Decrease font size by 1 pointChange font to 8 pointChange font to 9 point (default)Change font to 10 pointIncrease font size by 1 point

Log in or log out
Tech Notes

Getting a New Mobility Installation Up and Running

Technical Note 2142

Last Reviewed 11-May-2007
Applies To
All versions of Mobility
 Printer-friendly version

Summary

NetMotion Mobility is a complex product but it's designed for quick installations without the need for a lot of tweaking of settings. This tech note is designed to let you know exactly what needs to be configured to get a test or pilot system up and running and where problems might come up. Here are the essentials the NetMotion Wireless Technical Support team has used over and over again to get Mobility working fast.

For a quick reference here's a summary of the recommended configuration steps. Details are below if you need to deviate from these recommendations or if you run into problems.

  1. Install and configure the server.

  2. Install the client:
    Specify the server's IP address during install

  3. Connect the client:
    Plug the client into the LAN for now

  4. Troubleshoot the connection:
    Clear up any network, authentication, or DNS issues

  5. Move the client to other networks (802.11 or WWAN):
    If going through a firewall you'll need to open up UDP port 5008

  6. Final configuration:
    If it works fine, now is a good time to add other user accounts and assign static VIPs

Step 1: Install and Configure the Server

System requirements: In general, any current desktop machine running Windows 2000 or 2003 Server is more than sufficient for a demo-sized deployment. For more details see the server readme. The server only needs one NIC.

Install the Mobility server software with all of its defaults. Choose NTLM (Windows) authentication (if you're planning on using RADIUS you can always switch later).

Very little configuration is needed on the server, but there are a couple of areas to consider: authentication and virtual IP addresses.

Authentication

Using NTLM Authentication, Mobility authenticates users against your Windows domain, or against a local Windows group called "NetMotion Users". During installation you have the choice to point the Mobility server at a Global Domain Group (whose members are allowed to connect), or to add users locally to "NetMotion Users". You can use domain or local users, but either way you'll need to authorize at least one user that you can use for testing client connections. See tech note 2177 for more details.

Virtual IP Addresses (VIPs)

Each client has a virtual IP address that resides on the Mobility server in addition to its normal, "real" IP address. These VIPs can come from one of three places:

  • DHCP

  • A pool of addresses

  • Individually assigned static addresses

Because we're interested in getting up and running quickly you should only consider the first two at this point. If you need static VIPs wait until you get everything working and configure them later.

Tip: It's easiest to use DHCP for your VIPs (the default setting). If the LAN on which the Mobility server resides has a DHCP server, skip this section and let the server acquire VIPs from DHCP.

If you don't have a DHCP server on the LAN you'll need to set up a pool of VIPs. See tech note 2166 for information on setting up a pool of virtual IP addresses.

Step 2: Install the Client

Install the Mobility client on a laptop. The only thing you'll need to do is enter the IP address of the Mobility server (don't select the "Acquire server address from DHCP" option). Reboot when prompted.

Tip: If you're planning on using Windows Mobile (Pocket PC) devices, wait until you have a working setup. By using a laptop or desktop for your initial connection you'll have a greater set of troubleshooting tools if you need them.

Step 3: Connect!

Plug the client into the LAN with the server and connect.

Tip: Using the LAN gets a lot of potential problems out of the way: 802.11 access points, firewalls, routers, etc. It's easy enough to add these in later.

Step 4: Troubleshoot the Connection

Verify that the following now works:

  1. You can connect to the Mobility server

  2. You can reach hosts by name (internal and external—try Yahoo and a local file server)

If everything is working skip to the next step, otherwise clear up the problems:

1. Can't connect
On the client double-click on the Mobility icon in the sys tray. If the status is stuck at "Connecting..." the client probably just isn't reaching the server for some reason. See tech note 2137 for instructions on how to troubleshoot this situation.

2. Login prompt reappears
If the user/password/domain prompt reappears you've reached the server but the credentials have failed. Verify that the credentials you're using are valid and that the user is in a group that's allowed to connect (either the domain group specified in the Authentication—NTLM Global Domain Group server setting, or a member of the server's "NetMotion Users" group).

The Domain field is one that's often overlooked. Mobility must authenticate users against the Windows domain that they belong to. In the case of a user created locally on the Mobility server, the name of the domain is the machine (NetBIOS) name of the server.

3. Name resolution isn't working
If you can connect but can't reach any hosts it might be a name resolution problem. Try connecting to a host by IP address rather than name. Try a mix of internal and external hosts—if you can get to web sites but not local servers it's possible DNS is working but not WINS.

If you're using DHCP for your VIPs and the client is plugged into the LAN it's rare to have DNS/WINS problems. If you are it's probably because the DHCP server isn't handing out DNS or WINS, or because there isn't a route to your DNS or WINS servers.

Step 6: Move the Client to Other Networks

Now that everything is working on the LAN, move the client to your 802.11 or WWAN network and make sure everything works.

The firewall is your main consideration when connecting from outside your LAN. NetMotion Mobility uses UDP port 5008 for all of its traffic. If connecting through a firewall you'll need to set up NAT or port forwarding on the firewall pointing traffic to the Mobility server, then configure the Mobility client to point to the external address of the server. You also need to enter the firewall address in the External Server Addresses list on the Mobility server; see tech note 2169. (In version 6.01 and earlier, this setting was called Alternate Server Addresses.)

Test your connectivity through a firewall
The Mobility XE client includes a utility that sends a ping over UDP port 5008 to the server and reports whether or not the server is reachable (Mobility uses UDP port 5008 for all of its traffic). In Mobility XE 6.50 and higher you can test connectivity from the client properties:

  1. Open the NetMotion Client Properties (right-click on the Mobility XE icon in the System tray and select Properties).

  2. Click on Diagnostics.

  3. In the Mobility Diagnostics window, click on Connectivity.

In Mobility 6.01 and earlier, use the command-line utility, Tellmes.exe.

There are two common reasons for this connectivity test to fail:

  • The firewall isn't allowing UDP 5008 traffic to go through.

  • Misconfigured routing on the Mobility server. This is usually because the server has a second NIC and the IP stack doesn't have the correct route set up to tell it where to send traffic destined for the clients.

Step 7: Final Configuration

Now that you have a working installation, try connecting another client, test roaming between networks, assign static VIPs if needed, and so on.

Installing Mobility should be a piece of cake, and using these tips will make it as painless as possible. The current record among the SEs at NetMotion Wireless for setting up a complete working installation on site is 8 minutes(!). We'll look forward to hearing whether you beat that record.

Related Information

9979

NetMotion Mobility Technical Notes

Please comment on this technical note.