The VMware Tunnel PAC Reader allows you to use PAC files to configure outbound proxies for the Per-App Tunnel component.

Prerequisites

  • Download the PAC Reader bundle from the Workspace ONE UEM Resources Portal. Install the PAC Reader on any Linux server such as your VMware Tunnel server. Installation requires extracting the PAC Reader and running the install script. If the PAC file contains DNS resolution rules such as dnsresolve() or isInNet(), change the value of traffic_rule_post_dns in server.conf to 1 on your VMware Tunnel server.
    Note: Currently the PAC Reader has the following limitations:
    • Currently, the PAC Reader only supports Linux servers.
    • The PAC Reader currently does not support the following rules:
      • Nested if statements. Try to put the inner logic above the outer logic. This change makes the outer logic lower ranked than the inner logic.
      • Else-if statements. Try to convert these rules to if statements.
      • Regex
      • myapaddress()
      • Generic use of the AND operator
    • The PAC Reader only supports limited use of variable declaration and use.

    Before you configure Outbound Proxy using VMware Tunnel PAC Reader, make ssure that you meet the following network requirements:

  • Access to the Workspace ONE UEM API server: The PAC Reader requires access to the Workspace ONE UEM API server. The server is typically accessed over port 443. Consider installing the PAC Reader on your VMware Tunnel server as the server already has access to the Workspace ONE UEM API server.
  • Access to the PAC file. If you are hosting your PAC file on a Web server, the PAC Reader must have access to that server.
  • Python 2.7 installed on the server.
  • RHEL 7 as the server OS.

Procedure

  1. On the Linux server, extract the PAC Reader bundle from the Workspace ONE UEM Resources Portal.
    The extract creates the pacreader folder.
  2. Open the pacreader folder.
  3. To install the PAC Reader in the pacreader folder, run the install script.
    sudo ./install.sh
  4. Configure the necessary properties in the pacreader.properties file.
    Property Description
    API_SERVER_URL Enter the API server URL.
    API_KEY Enter the API key for the API server. Find this key by navigating to Groups & Settings > All Settings > System > Advanced > API  > REST API > API Key.
    OG_ID Enter the Organization Group ID for the OG in which the VMware Tunnel is configured.
    PAC_LINK

    Enter the URL of the PAC file if you host it on a Web server.

    If you configure PAC_LINK, do not configure PAC_PATH.

    PAC_PATH

    Enter the file path to the PAC file on the server.

    If you configure PAC_PATH, do not configure PAC_LINK.

  5. Start the PAC Reader.
    ./pacreader.sh start