Released 23 February 2017 | Build 5055996

These release notes include the following topics:

What's New in This Release

VMware Access Point 2.8 provides the following new features and enhancements.

  • Admin User Interface to configure and update settings

    The admin user interface can be used to configure and manage Access Point configuration settings, edge settings, and authentication modes.

  • Authenticating reverse proxy (Auth in DMZ)

    This feature enables support for authenticated reverse proxy in the DMZ for browser-based clients. Access Point currently supports RADIUS and RSA SecurID authentication methods for the authenticated reverse proxy use case.

  • RSA Adaptive Authentication

    RSA Adaptive Authentication enables additional authentication in the DMZ for browser clients with Access Point acting as an authenticating Web reverse proxy for VMware Identity Manager.

  • Access Point monitoring via vROps

    Now the Access Point reporting information can be accessed on vROps. For example, you can find information about the number of concurrent Blast or PCOIP sessions here.

  • Support multiple Web reverse proxy edge services

    This feature enables support for multiple Web reverse proxy services on the single instance of Access Point. For example, single instance of Access Point can support VMware Identity Manager and other Web services.

  • AirWatch SEG Gateway (tech preview)

    This feature supports the AirWatch Secure Email Gateway (SEG) on Access Point

Top of Page


The Access Point user interface, online help, and product documentation are available in Japanese, French, German, Spanish, Brazilian Portuguese, Simplified Chinese, Traditional Chinese, and Korean. For the documentation, see the Documentation Center for VMware Access Point 2.8.

Top of Page

Compatibility Notes

For more information about the VMware Product Interoperability Matrix, see

Top of Page

Resolved Issues for Access Point 2.8.1

  • iOS issues with using the AirWatch Tunnel server with Access Point have been fixed.
  • Fixed the buffer overflow vulnerability with PCoIP Security Gateway.

Top of Page

Known Issues

  • When the "Import Settings" option is used in the Access Point admin UI to import the Access Point settings JSON file and RADIUS authentication or RSA SecurID authentication methods are configured in the JSON file, the following two changes are required to be made in that JSON before the file can be imported.
    • If RADIUS authentication is configured in the JSON file, you must enter the correct values for the following JSON keys in the section where all parameters of RADIUS authentication are stated.


      "sharedSecret_2":"" (This entry is only if a secondary RADIUS server is enabled.)

    • If RSA SecurID authentication is enabled in the JSON file, you must enter the correct values for the following JSON keys in the section where all parameters of RSA SecurID authentication are stated.



  • Smart card authentication does not work while connecting to the Access Point server if the alternate subject name has the e-mail address for the certificate mapped with the domain account.
    Workaround: In the wizard for creating a certificate template for the smart card user, on the Subject Name tab, deselect the checkbox "Include this information in alternate subject name:".
  • Top of Page

    check-circle-line exclamation-circle-line close-line
    Scroll to top icon