Tunnel proxy deployment secures the network traffic between an end user device and a website through the VMware Browser mobile application.

Procedure

  1. In the admin UI Configure Manually section, click Select.
  2. Navigate to General Settings > Edge Service Settings and click Show.
  3. Click VMware Tunnel Settings gearbox icon.
  4. Change NO to YES to enable tunnel proxy.
  5. Configure the following edge service settings resources.
    Option Description
    API Server URL Enter theVMware AirWatch API server URL. For example, enter as https://example.com:<port>.
    API Server User Name Enter the user name to log in to the API server.
    API Server Password Enter the password to log in to the API server.
    Organization Group ID Enter the organization of the user.
    Tunnel Server Hostname Enter the VMware Tunnel external hostname configured in the Workspace ONE UEM console.
  6. To configure other advanced settings, click More.
    Option Description
    Outbound Proxy Host Enter the host name where the outbound proxy is installed.
    Note: This is not the Tunnel Proxy.
    Outbound Proxy Port Enter the port number of the outbound proxy.
    Outbound Proxy User Name Enter the user name to log in to the outbound proxy.
    Outbound Proxy Password Enter the password to log in to the outbound proxy.
    NTLM Authentication Change NO to YES to specify that the outbound proxy request requires NTLM authentication.
    Use for VMware Tunnel Proxy Change NO to YES to use this proxy as an outbound proxy for VMware Tunnel. If not enabled, Unified Access Gateway uses this proxy for the initial API call to get the configuration from the Workspace ONE UEM console.
    Host Entries Enter the details to be added in /etc/hosts file. Each entry should include an IP, a hostname, and an optional hostname alias in that order, separated by a space. For example, 10.192.168.1 example1.com, 10.192.168.2 example2.com example-alias. Click the '+' sign to add multiple host entries.
    Important: The host entries are saved only after you click Save.
    Trusted Certificates Select the trusted certificate files in PEM format, to be added to the trust store. By default, the alias name is the filename of the PEM certificate. Edit the alias text box to give a different name.
  7. Click Save.