Content Gateway (CG) is a component of the AirWatch Content Management solution that securely allows access to on-premise repository content on mobile devices.

About this task


The acronym CG is also used to refer to Content Gateway.


You must configure the Content Gateway node using the AirWatch console before you can configure Content Gateway on Unified Access Gateway. After configuring the node, note down the Content Gateway Configuration GUID, which is automatically generated. See the AirWatch documentation for information on how to configure a Content Gateway Node.


  1. Navigate to General Settings > Edge Service Settings > Content Gateway Settings and click the gearbox icon.
  2. Select YES to enable Content Gateway settings.
  3. Configure the following settings and click Save.




    Indicates that this service is enabled.

    API Server URL

    The AirWatch API Server URL [http[s]://]hostname[:port]

    The destination URL must contain the protocol, host name or IP address, and port number. For example:

    Unified Access Gateway pulls Content Gateway configuration from API server.

    API Server Username

    Username to log into the API server.

    API Server Password

    Password to log into the API server.

    Content Gateway Hostname

    Hostname used to configure edge settings.

    Content Gateway Configuration GUID

    AirWatch Content Gateway configuration ID. This ID is automatically generated when the Content Gateway is configured on the AirWatch Console. The Configuration GUID is displayed on the Content Gateway page on the AirWatch Console under Settings > Content > Content Gateway.

    Outbound Proxy Host

    The host where the outbound proxy is installed. Unified Access Gateway makes a connection to API Server via outbound proxy if configured.

    Outbound Proxy Port

    Port of the outbound proxy.

    Outbound Proxy Username

    Username to log into the outbound proxy.

    Outbound Proxy Password

    Password to log into the outbound proxy.

    NTLM Authentication

    Specify whether the outbound proxy requires NTLM authentication.

    Host Entries

    Takes a comma-separated list of host entries to be added to the /etc/hosts file. Each entry should have an IP address, a hostname, and an optional hostname alias (in that order) separated by a space.

    For example:, example-alias)

    TLS SNI Rule

    This field displays only if TLS port 443 sharing is enabled during deployment. Specify the externalHostName:port that will be used for the service, for example "" for Content Gateway.

    • HTTP traffic is not allowed for Content Gateway, on port 80 on Unified Access Gateway because TCP port 80 is used by edge service manager.

    • When TLS port sharing is used with Content Gateway, the default internal listening port for Content Gateway is 10443.

      • The TLS SNI rule should be <CG_hostname>:10443

      • On the AirWatch console, the Content Gateway settings should be <CG_hostname>:443. Note that the CG_hostname is just the external hostname of the Unified Access Gateway appliance that a device uses to connect to.

    For more information on Content Gateway, go to the AirWatch Online Help .