Secure Edge iOS and iPadOS Beta

The Secure Edge iOS and iPadOS Beta is released and available for all Secure Edge customers. All Secure Edge accounts are invited to participate in the beta via Apple TestFlight.

BEFORE YOU BEGIN  Using third-party VPN and DNS filtering applications with the Secure Edge solution may cause unexpected or undesirable behavior. We recommend disabling these utilities for endpoints that leverage the Secure Edge client.

NOTE  If you attempt to install this prior to 3/20/2025 you may receive a message that "This beta isn't accepting any new testers right now". Updates are still in progress, please try to set up the client after 3/20/2025.

Features

The iOS client and iPadOS client have the same set of features and end user experience as found in the Windows and MacOS versions, with two exceptions:

  • The iOS and iPadOS clients cannot be installed using Datto RMM or VSA 10.
  • The iOS and iPadOS clients cannot be checked with the SafeCheck with Datto RMM feature. There is an optional configuration parameter to allow unverified iPhones and iPads while continuing to provide SafeCheck for MacOS and Windows clients.

Supported OS

  • iPhone: iOS 16, 17, 18

  • iPad: iPadOS versions 16, 17 and 18

Installation

  1. Install the TestFlight Application from the Apple App Store on the iPhone or iPad.

  2. From the same client device, follow the link provided: Beta Activation Link.

  3. Install the Secure Edge iOS or iPadOS client from inside TestFlight.

  4. Once it completes the install, open the Datto Secure Edge Client.

  5. Consent to Data Security and Privacy.

  6. Enter in the Organization Code.

    NOTE  When using IdP, an additional prompt for the credentials will be required. For more information on the Authentication Settings, please review: Authentication Settings.

    The client is now in a pending state and needs to be approved inside the Provisioning page inside of Network Manager. This extra step is a security measure to prevent the creation of unwanted softclients.

Approving the softclient

The following steps will need to be completed by an administrator with Partner Portal access.

  1. Log into the Datto Partner Portal.

  2. Navigate to Networking Status > Network Manager > Manage > Secure Edge > Provisioning > Pending Clients. Then, select the boxes next to the clients you'd like to approve.

  3. Select Approve and the Assign Subscriber & Approve Client(s) modal will appear. Ensure that each client listed in the Hostname drop-down menu has a corresponding subscriber assigned in the Subscriber drop-down menu.

  4. When you've completed your review, click Approve Client(s).

  5. Return to the newly-added workstations. Within five minutes, the softclient will connect to the service. The subscriber is now protected by Secure Edge.

    After the user has been provisioned, the count in the Subscriptions in Use section of the Network Manager will be increased accordingly.

    The User will also be listed under the Provisioning section, where it can be managed.

  6. Once the client has been approved, return to the client device and select Login to complete the setup.

Once the setup has been completed

Datto recommends checking the following to confirm setup has completed properly and everything is working as intended. For more information on these configurations, refer to: Start and configure your Cloud Gateway.

  • Verify that client works with the configured Always On or User based authentication.

  • Verify that Security Policies work as expected:

    • Tunnel Settings
    • DNS Filter
    • Application Control

  • Test end user experience with applications.

If you experience any problems, please reach out to Datto Technical Support.

Frequently Asked questions

No. Each Secure Edge subscriber license allows for up to 3 concurrent connected sessions per subscriber license

The Datto Networking Support team is ready to support you. Please open a case with the Support team

Yes, you can submit feedback via any of the following options.

  • This online form
  • The TestFlight app
  • Email to: Secure_Edge_Beta@datto.com

No longer than 90 days.

No. The Secure Edge client will operate the same regardless of the connection type.

Please be aware standard data rates by your mobile provider may apply, depending on your service plan and if you are roaming outside of your coverage area while using this client.

Known Issues

After a month of use, the security key will expire, resulting in the client getting stuck in a "Connecting" state. This will also trigger an alert stating;

You have been logged out

To resolve this and reset the security key, please disable, then re-enable the VPN in IOS VPN Settings.

When attempting to cancel the login through the client, you will receive an error message:

The operation couldn’t be completed. (org.oopenid.appauth.general error –3 )

Return to the original screen and you will be able to attempt the login again.

In Network Manager the Hostname may not populate immediately after the organization code is input into the client. This will not prevent it from being approved and added in Network Manager. Additionally, the Hostname will still populate after about 5 minutes.

If there is an issue with a network disconnect from the client when setting it up, you may see the error:

An error has occurred, and you have to been disconnected. Try reconnecting or contact your administrator for additional help.

This should return you to the previous field so the connection can be attempted again. If the issue continues, please make sure the device has a stable network connection and can resolve public hostnames.

Additional Resources