Customer Support Advisories

  • Upgrade to Diagnostics version 4.10 by June 30, 2017 to ensure map access

    After June 30, 2017, Diagnostics servers prior to version 4.10 may not correctly display coverage maps, device maps, and client report mini-maps.

    Earlier Diagnostics server versions will continue collect and store location data and display reports, but due to changes with Microsoft Bing Maps, maps may not display properly after June 30, 2017. If you encounter problems where maps do not display after that date, upgrade to Diagnostics version 4.10.

    Technical Support can assist customers who want to upgrade their Diagnostics systems. For assistance planning your upgrade, or for any further questions, please contact us.

  • End-of-life for Diagnostics version 2.x

    After December 31, 2017, NetMotion Software will no longer provide support for Diagnostics version 2.x servers and clients. Customers running Diagnostics 2.x systems should upgrade to Diagnostics version 4.10 or later.

    For a current list of supported operating systems and versions, see the Product Lifecycle and Supported Operating systems page on our corporate web site: netmotionsoftware.com/support/supported-systems

    For further information or if you need to speak with our sales and tech support representatives, please contact us.

  • End-of-development for older server and client platforms

    Effective March 2017, NetMotion Software has stopped developing and testing its software products on the following platforms:

    • Microsoft Windows Server 2008 R2
    • Microsoft Windows Server 2012 (Windows Server 2012 R2 continues to be supported)
    • Apple iOS version 9.x
    • Google Android versions 4.0 through 4.3

    NetMotion Products that support these operating systems continue to be supported until the product’s published end-of-life, but maintenance releases, feature releases, and major versions of NetMotion Software will not support them.

    • Customers with a current maintenance agreement will continue to receive full support for NetMotion products until the product version they are running has reached end-of-life.
    • We encourage customers running our solutions on any of these operating systems to upgrade.
    • Technical Support can assist customers who want to upgrade to a newer, supported operating system. For assistance planning your migration, or for any further questions, please contact us.
  • End-of-life announcement for Mobility version 9.x

    NetMotion Software is providing customers with advance notice of the end of life (EOL) for the following:

    • Mobility XE 9.x servers
    • Mobility XE 9.x clients for Microsoft Windows 7

    Note: EOL for Windows Vista and Windows XP was announced in 2014

    NetMotion Software recommends that customers running Mobility 9.x begin to plan their migration to the latest version of Mobility. We will no longer provide support for version 9.x servers and Windows 7 client after January 1, 2018.

    For a current list of supported operating systems and versions, see the Product Lifecycle and Supported Operating systems page on our corporate web site.

    http://netmotionwireless.com/support#fndtn-Supported-Systems

    Thank you for being a NetMotion customer. We look forward to helping you with your migration to the latest version of Mobility.

    For further information or if you need to speak with our sales and tech support representatives, visit our website https://www.netmotionsoftware.com/ or call us directly at 206-691-5555.

    The NetMotion Team

  • Support Advisory - Mobility and Windows Defender

    On October 3, 2016, Microsoft released updates to Windows Defender, its anti-malware product for Windows 8.x and 10. The updated version of Windows Defender is incompatible with Mobility v10.7x and v11 clients. As a result, Windows Defender cannot properly update its malware signatures.

    NetMotion has released new versions of the affected Mobility clients, resolving the incompatibility. Customers who are running Windows Defender should update to the latest version of Mobility of Mobility 10.7x or 11.0x.

    Contact Support 

    If you have any further questions, contact NetMotion Technical Support:

    www.netmotionsoftware.com/support

  • Administrators should upgrade their iOS clients to version 10.72 before October 10, 2016

    Mobility 10.72 for iPhone and iPad is supported on both iOS 9 and 10. Administrators should upgrade to Mobility 10.72 before October 10, 2016. This is when NetMotion plans to release Mobility 11 for iPhone and iPad, which supports only iOS 10 and later.

    Most upgrades from Mobility 10.72 to Mobility 11 are expected to be trouble-free. Administrators should be aware of important issues surrounding licensing, certificate handling, and support for iOS 9 that may arise with the release of Mobility 11, and take appropriate steps to prepare for the transition.

    Full details of the issues and procedures for managing the upgrade process are described here.

    Administrators who want to preview the upgrade process to the version 11 iOS client can sign up for the closed beta. Please contact steve.fallin@netmotionwireless.com for more information.

  • Known Issue with Mobility 11.02 for Mac:

    Mobility users running OS X version 10.11 must recreate their configuration profiles after upgrading to Mobility 11.02. See MOB-8671 in Known and Resolved Issues

  • Problems reported with January Windows 10 update:

    January 19, 2016:
    This issue is resolved in the Mobility 10.72 client for Windows 10, released January 19, 2016.

    The Mobility 10.72 clients are immediately available on our download site and through the NetMotion Wireless deployment server. Administrators are encouraged to upgrade their Windows 10 Mobility clients and then install the Microsoft update as soon as is practical.

    On January 12, 2016, Microsoft released a cumulative update to Windows 10 that prevents users running Mobility from logging on to the Windows desktop. NetMotion has identified the problem and is in the process of implementing a solution. We will update the NetMotion support advisory page in the coming week with information on timing and availability of a fix.

    Until a fix is available, the two options for addressing the issue are to uninstall the update or uninstall Mobility.

    Administrators with Windows 10 devices can stop the installation of the patch by excluding the following packages from their regular system updates:

    • Security Update for Microsoft Windows (KB3124263)
    • Security Update for Microsoft Windows (KB3124266)

    If the Windows 10 update has been installed unintentionally, Administrators can uninstall it by following these steps:

    1. Start the machine in Safe Mode.
    2. Go to Add/Remove Programs > View Installed Updates.
    3. Uninstall the following packages:
      • Security Update for Microsoft Windows (KB3124266)
      • Security Update for Microsoft Windows (KB3124263)
    4. Reboot the machine.

    Contact Support
    Customers with any further questions can call our support team at (888) 723-2662.

  • Mobility Client Update for iOS 9

    A new Mobility client (v10.71) that supports iOS 9 is available on the Apple App Store. Apple device users should update their Mobility client to v10.71 BEFORE they upgrade to iOS 9 to ensure uninterrupted access.

    This newest version of Mobility also supports devices running iOS 7.1 and above. Mobility client versions prior to 10.71 are not supported on iOS 9. It is not necessary to update the Mobility server to run this client.

    If you any other questions or would like assistance, please contact support@netmotionwireless.com

  • Upgrading directly from Windows 7 to Windows 10 with Mobility installed is not supported

    The Mobility Windows 7 client does not run on Windows 10. Upgrading directly from Windows 7 to Windows 10 with Mobility installed is not supported. If you choose to upgrade any of your Windows 7 devices, please uninstall the Windows 7 client, upgrade the operating system, and then install the Mobility 10.71 beta client for Windows 10.

  • End of Development for Microsoft Windows Server 2008 R2

    By the end of 2015, NetMotion Wireless will stop developing and testing the Mobility and Diagnostics servers for Microsoft Windows Server 2008 R2. Solutions shipped with support for Windows Server 2008 R2 will continue to be supported, but maintenance releases, feature releases, and major versions of NetMotion Mobility and Diagnostics server software will not be released for Windows Server 2008 R2 after 2015.

    Customers running a NetMotion server on Windows Server 2008 R2 who have a current maintenance agreement will continue to receive full support until the product version they are running has reached end-of-life.

    We encourage customers running our solutions on Windows Server 2008 R2 to make plans for upgrading their platform as soon as reasonably possible.

    Technical Support can assist customers who want to upgrade their current Windows Server 2008 R2 deployment to a newer supported Microsoft server operating system. For assistance planning your migration, or for any further questions, please contact them at +1 888 723 2662.

  • Problems reported with Microsoft patch KB 3002657

    Summary
    On March 10, 2015, Microsoft released a security bulletin describing a vulnerability in Windows, and a patch to remedy the vulnerability. Since then, there have been many reports in the media describing conflicts between that patch and other security products. Mobility customers should exercise caution when applying Microsoft’s fix to their authentication server if both of the following are true:

    • You are running on a Windows 2003 domain controller.
    • You are configured for NTLM Authentication to that Windows 2003 domain controller.

    Applying Microsoft’s fix will keep Mobility client versions 10.52 or below from properly authenticating. This issue has no impact on the operation of the Mobility server, just client authentication.

    No other Mobility components are affected by this conflict. Mobility deployments configured to use other RADIUS servers, or RSA authentication are not affected by this bulletin.

    What to Do
    There are three basic ways to mitigate the impact of Mobility client and the Microsoft patch.

    1. Do not install the MS15-027 patch from Microsoft on your Windows Server 2003 authentication server. Alternately, if you’ve already installed the patch, uninstall it.
    2. Contact the support team for an approved work around.
    3. Upgrade your domain controllers for NTLM authentication to Windows Server 2008, 2008 R2 2012 or 2012 R2. The issues has not been reported on these platforms or appeared in our testing of those platforms.

    If you choose not to install the patch from Microsoft at this time, we strongly recommend that you isolate your authentication server on a trusted network.

    Contact Support
    Customers with any further questions can call our support team at (888) 723-2662.

    References

  • UPDATED: Microsoft Secure Channel Patch Conflict

    Summary
    On November 11, 2014, Microsoft released a security bulletin describing a vulnerability in the Microsoft Secure Channel security package in Windows, and a patch to remedy the vulnerability. The patch kept Mobility clients version 10.50 and earlier from connecting to Microsoft NPS and IAS authentication servers.

    A week later, on November 18, Microsoft re-released the patch, rolling back the changes that kept Mobility client versions 10.50 and below from connecting to NPS and IAS servers. NetMotion Wireless has tested the updated MS14-066 patch and found that the original conflict between the patch and the earlier Mobility clients is no longer present. In light of this, we recommend that Mobility administrators:

    1. Apply the updated patch according to their standard patching procedures.
    2. Continue with their plans to upgrade all clients to the most current version of Mobility in order to take advantage of the latest features and bug fixes.

    References

  • Microsoft Secure Channel Patch Conflict

    Summary
    On November 11, 2014, Microsoft released a security bulletin describing a vulnerability in the Microsoft Secure Channel security package in Windows, and a patch to remedy the vulnerability. Mobility customers should exercise caution when applying Microsoft’s fix to their authentication server if both of the following are true:

    • You are running Mobility client versions 10.50 or below.
    • You use Microsoft’s Network Policy Server (NPS) server or Microsoft Internet Authentication Server (IAS) for authentication.

    Applying Microsoft’s fix will keep Mobility client versions 10.50 or below from properly authenticating to either NPS or IAS. The conflict that keeps Mobility clients from authenticating is not present in Mobility client versions 10.51 or greater (released August 5, 2014). This issue has no impact on the operation of the Mobility server, just client authentication.

    No other Mobility components are affected by this conflict. Mobility deployments configured to use other RADIUS servers, NTLM, or RSA authentication are not affected by this bulletin.

    What to Do
    There are two basic ways to mitigate the impact of the conflict between older versions of the Mobility client and the Microsoft patch.

    1. Upgrade affected clients to Mobility 10.51.
    2. Do not install the MS14-066 patch from Microsoft on your NPS or IAS server. Alternately, if you’ve already installed the patch, uninstall it.

    If you choose not to install the patch from Microsoft at this time, we strongly recommend that you isolate your NPS or IAS server on a trusted network.

    Contact Support
    Customers running supported versions of Mobility for Windows Mobile or Windows CE should contact support for an update to their client software.

    Information on installing the Mobility client on all operating systems can be found here: System Administrators Guide > Mobility client installation.

    References

  • POODLE Vulnerability Bug

    In mid-October, 2014, multiple media outlets reported a serious vulnerability in the SSL v3.0 encryption protocol (POODLE, CVE-2014-3566). SSL v3.0 an older and less secure option for encrypting data sent between web servers and browsers still supported by servers and browsers for the purposes of backward compatibility. By exploiting this vulnerability, an attacker can read information encrypted with this protocol.

    Mobility is not vulnerable to the POODLE attack, neither are communications between Locality agents and the Locality server. Locality relies on Windows to determine what type of cryptography to use for securing connections to the management interface. Since many of Microsoft’s server operating systems are vulnerable, it may be possible for an attacker to read the contents of those browser sessions if all of the other conditions of the attack are met.

    Microsoft has published an advisory that addresses the POODLE attack.

    As a precaution, we recommend that administrators follow Microsoft’s recommendations for disabling the SSL v3.0 encryption algorithm on their Windows server. Doing so will not impair Locality in any way.

    As always, we encourage our customers to audit their entire infrastructure to determine if any other components require software updates. Many vendors are already providing patches to vulnerable systems.

  • Bash Shell “Shellshock” Bug

    On September 24, 2014, multiple media outlets reported a serious vulnerability in the Bash shell, a utility commonly found on Linux, UNIX, and Mac OS devices (CVE-2014-6271). By exploiting this vulnerability, an attacker can take control of a susceptible device.

    Neither Mobility nor Locality is vulnerable to this issue since we have never shipped any software that contains the Bash shell. There is no need to patch or update the client or server for any of our products.

    As always, we encourage our customers to audit their entire infrastructure to determine if any other components require software updates. Many vendors are already providing patches to vulnerable systems.

    References

  • iOS 8 Not Currently Supported by Mobility

    We will release an update to the NetMotion Mobility client that supports iOS 8 soon. NetMotion strongly recommends that all users of the Mobility client for iPhone, iPad and iPod touch remain on iOS 7.1x in order to continue to use their Mobility client, which currently supports only iOS 7.1x.

    The App Store application on your Apple devices will automatically notify users when the updated Mobility client is available for iOS 8. We will also notify customers via email and on our website.

  • Open SSL Man-in-the-Middle Attack

    On June 5, 2014, new vulnerabilities were reported in OpenSSL. Exploitation of these vulnerabilities could allow an attacker to decrypt intercepted traffic. Mobility 10.11 and earlier versions are only affected by CVE-2014-0224 when configured to use RADIUS authentication with a vulnerable RADIUS server. The advisory contains details on six vulnerabilities – Mobility is not affected by the other five advisories because it does not use the affected components.

    Mobility deployments configured to use NTLMv2, LEAP, or RSA SecurID authentication can safely disregard this advisory.

    Details
    If an attacker can intercept the authentication session between two vulnerable systems, it is possible to fool the systems into using keys based only on public information. Only if all of the following conditions are true is it possible to decrypt Mobility traffic using this exploit:

    • You are using a RADIUS server that is running one of two vulnerable versions of the OpenSSL server library (OpenSSL 1.0.1 and 1.0.2-beta1). Both the client and the RADIUS server must have vulnerable libraries for the exploit to succeed.
    • The attacker can intercept all traffic going to and from the Mobility server which requires that the attacker has control of a router on the path between the Mobility server and a Mobility client and can force all Mobility traffic through it.
    • The attacker captures the Mobility user authentication sequence and is directly targeting Mobility.

    What to Do

    • Administrators should contact their RADIUS server vendors to determine if their particular server is affected by this vulnerability and if so, whether a patch is available.
    • NetMotion is developing a patch for all affected Mobility clients so that Mobility will block the attack even if the RADIUS server is vulnerable. We will update the user community as soon as updates are available.
    • Customers should audit their entire infrastructure to determine if any other components, such as web servers or other systems using OpenSSL, require software updates.
    • Temporarily change authentication types to one that is not affected by this vulnerability.

    References

  • End of Support Announcement: Locality 1.x Client and Server Software

    On January 1, 2015, NetMotion Wireless will discontinue support for Locality Server 1.x and Locality Agent 1.x.

    For customers with these products, we offer assistance in migrating to the latest version of Locality. After January 1, 2015, we will continue to offer assistance, but we will no longer test interoperability with newer versions of our products, future operating systems (on client or server platforms), or resolve defects associated with them.

    Customers running Locality v1.x are highly encouraged to upgrade to the latest software as soon as reasonably possible. For assistance planning your migration, or for any further questions, please contact technical support at (888) 723-2662.

  • Open SSL ``Heartbleed`` Bug

    On April 7, 2014 multiple media outlets reported a vulnerability in OpenSSL (CVE-2014-0160) related to Heartbeat Extension packets (the Heartbleed bug) that can lead to data exploitation. Neither of our products, Mobility or Locality, has ever included a version of the OpenSSL library with this vulnerability. There is no need to patch or update the client or server for any of our products.

    However, we strongly encourage our customers to audit their entire infrastructure to determine if any other components require software updates, for example:

    • Any RADIUS server authenticating via EAP-TLS or PEAP, whether collocated or not
    • An OpenVPN access server
    • Any application collocated with the Mobility server

    References:

  • Open SSL ``Heartbleed`` Bug and OpenVPN

    According to OpenVPN, the access server accessible from your Mobility console may be vulnerable. We’ve shipped support for two versions:

    • V1.6.1 – NOT VULNERABLE
    • V1.8.4 – VULNERABLE

    We have validated the least intrusive fix for v1.8.4 as recommended by OpenVPN. Since the vulnerability is remotely exploitable, we recommend that customers take the OpenVPN Server off line until they have installed the fix.

    Learn how to Patch OpenVPN, Visit Our KnowledgeBase Article >>

  • End of Support Announcement: Windows XP

    Microsoft is discontinuing support for Windows XP on April 8, 2014. After that, no further updates to Windows XP will be provided to address defects or security vulnerabilities and they will no longer provide technical support.

    In light of Microsoft’s decision, on January 1, 2015, NetMotion Wireless will discontinue support for the Mobility and Locality clients that run on Windows XP, allowing NetMotion users an extra 8 months to complete their migration. Additionally, after that date we will no longer offer support for Mobility clients running on Windows Vista, or for Mobility XE versions 8.0 to 8.51. After January 1, 2015, customers with these products can receive assistance with migrating to new versions and platforms, but we will no longer test interoperability with newer versions of our products, future client operating systems, or resolve bugs associated with them.

  • Mobility 10.10 and Android 4.4.x (Kit Kat) – Resolved in Mobility 10.51

    Mobility version v10.10 is fully supported on Android 4.0 – 4.3x, but not Android 4.4.x (Kit Kat). Additionally, we are aware of several bugs in Kit Kat that adversely affect VPN functionality. Google is in the process of fixing them and we will release a Mobility client that is fully Kit Kat-compatible after the bugs have been addressed.

    NetMotion Wireless customers running Mobility v10.10 and earlier for Android should NOT update to Kit Kat, even if an update is offered by their carrier. Kit Kat is only supported on Mobility v10.51 and above. For more information on v10.51, review What’s New in NetMotion Mobility and Known and Resolved Issues.

  • Do Not Upgrade to Windows 8.1 with Mobility Installed – Resolved in Mobility 10.51

    Mobility version 10.0 is supported on Windows 8.0, but not on Windows 8.1. For any computers running Windows 8.0 with Mobility installed, do not attempt to upgrade the operating system to version 8.1. The upgrade will fail and (in some cases) reverting to Windows 8.0 will also fail. A Windows 8.1-compatible Mobility client is scheduled for release in fourth quarter 2013.

  • New Microsoft Cryptographic Library Update may Cause Disconnects and Delays

    Customers running NetMotion Mobility® v9.50 and v9.51 and FIPS 140-2 libraries, or NSA Suite B may experience a disconnect from the Mobility server, or a significant delay when installing the most recent Microsoft CNG.sys cryptographic library update. There are simple steps to remedy this.

    Click here to access the Knowledge Base Support article addressing this issue  >>

  • Mobility Analytics Database to Move to MySQL with Next Release

    In the next release of NetMotion Mobility, the database technology used with the Analytics module will move from Microsoft SQL to MySQL. Installing the Analytics module will now always put the reporting server and reporting database together on the same machine.

    Click here to access Knowledge Base Support for further details >>

  • Development of Mobility for Windows Server 2003 to End on March 2012

    After March 2012, resolution of the most severe issues in versions of Mobility running on Microsoft Server 2003 will be available on an “as-needed” basis.

    Click here to access Knowledge Base Support for further details on technical support and timelines >>