Network traffic rules allow you to set granular control over how the VMware Tunnel directs traffic from devices. Using the Per-App Tunnel of VMware Tunnel, create device traffic rules to control how devices handle traffic from specified applications and server traffic rules to manage network traffic when you have third-party proxies configured.
Device traffic rules force VMware Tunnel to send traffic through the tunnel, block all traffic to specified domains, bypass the internal network straight to the Internet, or send traffic to an HTTPS proxy site. The device traffic rules are created and ranked to give an order of execution. Every time a specified app is opened, VMware Tunnel checks the list of rules to determine which rule applies to the situation. If no set rules match the situation, VMware Tunnel applies the default action. The default action, set for all applications except for safari, applies to domains not mentioned in a rule. If no rules are specified, the default action applies to all domains. The device traffic rules created apply to all VPN VMware Tunnel profiles in the organization group the rules are created in.
Server traffic rules enable you to manage the network traffic when you have third-party proxies configured in your network. These rules apply to traffic originating from the VMware Tunnel. The rules force the VMware Tunnel to send traffic for specified destinations to either use the proxy or bypass it.
VMware Tunnel supports Network Traffic rules for the following platforms:
- iOS devices with VMware Workspace ONE Tunnel for iOS.
- macOS devices with VMware Workspace ONE Tunnel for macOS. VMware Tunnel only supports network traffic rules for the Safari app for macOS devices.
- Android devices with VMware Workspace ONE Tunnel for Android.
- Windows desktop devices with VMware Workspace ONE Tunnel desktop application.
VMware Tunnel supports enforcing the Per-App VPN rules configured in the Windows Desktop and Windows Phone VPN profiles.