This section explains how to configure load balancing VMware tunnel through tunnel proxy.

Creating Health Monitor

Follow the same navigation steps mentioned in Creating a Custom Health Monitor section in Workspace ONE UEM Admin Console.

Create the following health monitors:

  1. A HTTPS monitor on port 2020:

    1. Select HTTPS from the Type drop-down menu.

    2. Select2020 from the Health Monitor Port drop-down menu.

    3. Provide the Tunnel HTTPS request data (header and body as required).

    4. Set the Server Response Data to 407 and Response Code to 4XX.

    5. Click Save.

  2. A TCP monitor on port 8443:

    1. Select TCP from the Type drop-down menu.

    2. Select 8443 from the Health Monitor Port drop-down menu.

    3. Click Save.

Creating Persistence Profile

Follow the same navigation steps mentioned in Creating a Persistence Profile section in Workspace ONE UEM Admin Console.

For VMware Tunnel,Tunnel (Proxy), Client IP Address persistence Type is recommended with Persistence Timeout value set to 30 minutes.

Click Save and proceed to the next step of creating a pool for servers.

Creating Pool

Follow the same navigation steps mentioned in Creating Pool section in Workspace ONE UEM Admin Console.

  1. Choose the following options to create a pool:

    1. Load Balance: Least Connections

    2. Analytics Profile: The Tunnel Persistence Profile created in the previous step.

    3. Enable SSL: Not required for the pool.

    4. Add Health Monitor: Tunnel HTTPS monitor created in the previous section.

  2. Click Next and navigate to Step 3: Advanced Tab. Select the Disable Port Translation check box.

  3. Click Save.

Creating Application profile

For tunnel service, SSL pass-through is required. Create an L4 application profile or use the default System-L4-Application profile.

Creating L4 Virtual Service

The following are the steps to create a new L4 virtual service:

  1. Navigate to Applications > Virtual Services and select the Advanced Setup.

  2. Select the System-L4-Application from Application Profile drop-down menu and configure the virtual service with the following options:

    1. TCP/UDP Profile: System-TCP-Fast-Path.

    2. Service Port: 8443 (select Override TCP/UDP) and 2020(UDP).

    3. Pool: The Tunnel service pool created in the previous step.