Content Gateway (CG) is a component of the VMware AirWatch Content Management solution that securely allows access to On-premise repository content on mobile devices.

Prerequisites

You must configure the Content Gateway node using the Workspace ONE UEM console before you can configure Content Gateway on Unified Access Gateway. After configuring the node, note down the Content Gateway Configuration GUID, which is automatically generated. See the Configure a Content Gateway Node section in the VMware Workspace ONE UEM documentation for detailed information.

Note:

The acronym CG is also used to refer to Content Gateway.

You can also refer to the following documentation for Content Gateway architecture and security overview:

  1. Basic (Endpoint Only) Deployment Model for Content Gateway

  2. Relay Deployment Model for Content Gateway

Procedure

  1. Navigate to General Settings > Edge Service Settings > Content Gateway Settings and click the gearbox icon.
  2. Select YES to enable Content Gateway settings.
  3. Configure the following settings and click Save.

    Option

    Description

    Identifier

    Indicates that this service is enabled.

    API Server URL

    The VMware AirWatch API Server URL [http[s]://]hostname[:port]

    The destination URL must contain the protocol, host name or IP address, and port number. For example: https://load-balancer.example.com:8443

    Unified Access Gateway pulls Content Gateway configuration from API server.

    API Server Username

    User name to log into the API server.

    Note:

    It is required that the admin account have, at a minimum, the permissions associated with the Content Gateway role

    API Server Password

    Password to log into the API server.

    Content Gateway Hostname

    Host name used to configure edge settings.

    Content Gateway Configuration GUID

    VMware AirWatch Content Gateway configuration ID. This ID is automatically generated when the Content Gateway is configured on the Workspace ONE UEM console. The Configuration GUID is displayed on the Content Gateway page on the UEM console under Settings > Content > Content Gateway.

    Outbound Proxy Host

    The host where the outbound proxy is installed. Unified Access Gateway makes a connection to API Server through an outbound proxy if configured.

    Outbound Proxy Port

    Port of the outbound proxy.

    Outbound Proxy Username

    User name to log into the outbound proxy.

    Outbound Proxy Password

    Password to log into the outbound proxy.

    NTLM Authentication

    Specify whether the outbound proxy requires NTLM authentication.

    Trusted Certificates

    Add a trusted certificate to this edge service. Click '+' to select a certificate in PEM format and add to the trust store. Click '-' to remove a certificate from the trust store. By default, the alias name is the filename of the PEM certificate. Edit the alias text box to give a different name.

    Host Entries

    Enter the details to be added in /etc/hosts file. Each entry should include an IP, a hostname, and an optional hostname alias in that order, separated by a space. For example, 10.192.168.1 example1.com, 10.192.168.2 example2.com example-alias. Click '+' to add multiple host entries.

    Important:

    The host entries are saved only after you click Save.

    Note:

    HTTP traffic is not allowed for Content Gateway on port 80 on Unified Access Gateway, because TCP port 80 is used by the edge Service Manager.