You can configure server traffic rules for the VMware Tunnel to manage how traffic is directed through a third-party proxy. These rules allow you to bypass the proxy or send traffic through it. You can either add rules manually in the UEM console or via PAC files by using the VMware Tunnel PAC Reader.

Configure Server Traffic Rules using Outbound Proxy

Many organizations use outbound proxies to control the flow of traffic to and from their network. Outbound proxies can also be used for performing traffic filtering, inspection, and analysis.

It is not mandatory to use outbound proxies with VMware Tunnel, but your organization may choose to deploy them behind one or more VMware Tunnel servers based on recommendations from your security and network teams. For VMware Tunnel on Linux, Workspace ONE UEM supports outbound proxies for the two VMware Tunnel components: Proxy and Per-App Tunnel.

Only the basic and cascade deployment models support outbound proxies for the Per-App Tunnel through server traffic rules.

The following table illustrates outbound proxy support for the VMware Tunnel Per-App Tunnel on Linux: 

Proxy Configuration Supported?

Outbound Proxy with no auth

Outbound Proxy with basic auth

Outbound Proxy with NTLM auth

Multiple Outbound Proxies

PAC Support

Configure the rules for sending traffic to your outbound proxies using the server traffic rules. For more information, see Configure Server Traffic Rules from the UEM Console.

If you want to send the requests to the API/AWCM servers through your outbound proxy as well, then you must enable the Default AWCM + API traffic via Server Traffic Rules Networking settings under Groups & Settings > All Settings > Configurations > Tunnel. Once enabled, add the respective web proxies for API/AWCM hostnames on the server traffic rules page.