This section explains configuration of load balancing VMware Tunnel through Per-App VPN.

Creating Health Monitor

Follow the same navigation steps mentioned in Creating a Custom Health Monitor section in Workspace ONE UEM Admin Console with Type selected as TCP and Health Monitor Port as 443.

Creating Persistence Profile

Follow the same navigation steps mentioned in Creating a Persistence Profile section in Workspace ONE UEM Admin Console.

Client IP Address persistence is recommended with Persistence Timeout value set to 30 minutes.

Creating Pool

Follow the same navigation steps mentioned in Creating Pool section in Workspace ONE UEM Admin Console.

  1. Load balancing algorithm: Least Connections

  2. Persistence profile: Tunnel-Persistence-Profile (created in the previous step).

  3. Click Add Active Monitor and select the TCP Monitor as Tunnel-TCP.

Creating Application profile

For tunnel service, SSL pass-through is required. Create an L4 application profile or use the default System-L4-Application profile.

Creating L4 Virtual Service

To create a new L4 virtual service:

  1. Navigate to Applications > Virtual Services and select the Advanced Setup.

  2. Select System-L4-Application from Application Profile drop-down link and configure the virtual service with the following options:

    1. TCP/UDP Profile: System-TCP-Fast-Path.

    2. Service Port: 443, select Override TCP/UDP and choose System-UDP.

    3. Pool: The Tunnel PerAppVPN Pool created in the previous step.