Dell SonicWALL Secure Mobile Access 8.5
Administration Guide
Supported Application Deployment Considerations
Be aware of these installation and general feature caveats when using application offloading and HTTP(S)
bookmarks with the following software applications:
SharePoint 2013 and SharePoint 2010 are supported with application offloading, but not with
HTTP(S) bookmarks.
Outlook Anywhere
SMA/SRAs with Application Offloading.
Outlook Anywhere uses Microsoft’s MS-RPCH proprietary protocol that could conflict with normal
HTTP(S) protocol.
Application Offloading is only supported on SharePoint 2013 and with any application using HTTP/HTTPS. Secure
Mobile Access has limited support for applications using Web services and no support for non-HTTP protocols
wrapped within HTTP.
The application should not contain hard-coded self-referencing URLs. If these are present, the Application
Offloading proxy must rewrite the URLs. Because Web site development does not usually conform to HTML
standards, the proxy can only do a best-effort translation when rewriting these URLs. Specifying hard-coded,
self-referencing URLs is not recommended when developing a Web site because content developers must modify
the Web pages whenever the hosting server is moved to a different IP or hostname.
For example, if the backend application has a hard-coded IP address and scheme within URLs as follows,
Application Offloading must rewrite the URL.
<a href="
This can be done by enabling the
Enable URL Rewriting for self-referenced URLs
setting for the Application
Offloading Portal, but all the URLs might not be rewritten, depending on how the Web application has been
developed. (This limitation is usually the same for other vendors employing reverse proxy mode.)
Cross Domain Single Sign-On
External Website Bookmarks can be created for application offloading portals to achieve a single point of access
for users. This allows users to automatically log in to application offloading portals after logging into the main
To use Cross Domain Single Sign-on (SSO):
1 Create two or more portals with the same shared domain (from Virtual Host Domain name) and that need
authentication. One portal should be a regular portal. These portals are also in the same SMA/SRA
appliance’s domain so that a user can log in to both of them with the same credentials.
explains how to create a portal.
2 Log in to the portal and create a bookmark, as explained in
Adding or Editing User Bookmarks
3 Set the service to
External Web Site
4 Enable
Automatically log in
for the bookmark that enables Cross Domain SSO for this bookmark.
5 Specify a Host that is a portal with the same shared domain name.
6 Save the bookmark and launch it. The new portal is logged in automatically without any credential.
The shared domain names do not need to be identical; a sub-domain also works. For example, one portal is a
regular portal whose virtual host domain name is “” and its shared domain name is
“” The other portal’s virtual host domain name is “” and the shared
domain name is “” If a bookmark to is created in the
portal, Cross Domain SSO works because “” is a sub-domain of