Covenant Eyes VPN issue with Internal Mail

I’ve got a handful of staff members who have Covenant Eyes setup on their iPhone. With this enabled and on our Internal/Staff wifi network they are unable to check their mail.

If they disconnect from wireless and try via cellular data it all works well.

I’m thinking this is a DNS issue with the VPN not giving the external address of our webmail server and instead trying to connect via the internal.

Any thoughts?

Could be the firewall. Firewalls are often set to block proxy servers, which Covenant Eyes acts as. We had to put in a firewall rule to whitelist Covenant Eyes proxy. The company can give you the server addresses to allow.

  • Greg

CE has some great new functionality allowed them by forcing the VPN connection. That is great for the average user, but there are instances where it doesn’t work. When it doesn’t work, they have a way of disabling the VPN. You still get reporting through the CE Browser, but not the other tracking of all traffic for all apps.

When it doesn’t work, they have a way of disabling the VPN

Eric, can you explain what this means? Is there a way that I can disable CE’s VPN feature, since it causes other unintended problems? Thanks.

Sounds like you may not have NAT Loopback working on your firewall.

James, sorry I am just seeing this question. But, yeah, if you call CE support they can disable the VPN requirement on their iOS mobile browser (I assume it’s the same on other platforms, but I don’t know for sure). Like I said, this makes it not track ALL traffic, but it does still track traffic in the CE browser app.

Is your network a Cisco Meraki based network? I have had issues with all Google apps on my phone only on Meraki networks.