XenMobile, MDX wrapping and web socket (WSS) traffic

We’ve discovered an issue on iOS devices with web socket traffic.

The MDX wrapper does not seem to be capable of intercepting the web socket (WSS) traffic and therefore if a mobile application or WorxWeb browser attempts to make a web socket connection the data is sent direct to the server rather then over VPN.

This does not work in either SecureBrowse or Full Tunnel modes.

Tested on 10.3.0, 10.3.5 & 10.3.6 versions of MDX toolkit

Another observation with WebSocket traffic is that in order for it to pass a load balanced VIP on the netscaler web socket must be enabled on the said VIP.

Currently working with Citrix support on finding a resolution.

1 Like

Citrix have confirmed that this functionality does not exist currently but this is on a roadmap (with no ETA) at this stage.

1 Like

I have run into the same problem with Mattermost. Did you find some kind of workaround(deploy public app store version, code change to remove wss, etc), or are you just postponing an app release?

1 Like

I have the same problem, we’re looking forward the solution or any release.

We’ve ended up not using the mVPN and exposing the back resources to be able to be accessed directly by the device

It looks like web socket support is coming

It is announced for the XenMobile cloud, therefore I suspect it should be made available in the next On-prem release.

Websocket Support. You can now access web applications using the WebSockets protocol with Secure Web and other MDX-wrapped applications. The WebSocket protocol is used by websites to do things like push notifications, stream data, and do web chat. This feature does not require the use of the MDX SDK.