After configuring the .ini template file, run the PowerShell script to configure the OVA and deploy VMware Tunnel. The PowerShell script provides validation checks that are not available when deploying the OVA using vSphere.
Before you can run the PowerShell script, you must configure the INI file to pass the VMware Tunnel configuration to the OVA file.
- Windows administrator privileges
The PowerShell script runs on Windows 8.1 or later machines or Windows Server 2008 R2 or later.
The machine can also be a vCenter Server running on Windows or a separate Windows machine.
- VMware OVF Tool 4.1 (available on my.vmware.com)
- VMware-ClientIntegrationPlugin (available on my.vmware.com)
- Configured .ini template file to pass the configuration values to the appliance (part of the OVA download package available on Workspace ONE UEM Resources at https://resources.air-watch.com/view/sbfsfykltpqfxhvg9tpy/en)
- PowerShell script to configure the appliance (part of the OVA download package available on Workspace ONE UEM Resources at https://resources.air-watch.com/view/sbfsfykltpqfxhvg9tpy/en)
- Communication between the Windows machine used to deploy the OVA and your vSphere instance
- vSphere v5, 5.1, 5.5, or 6
vSphere ESX host with a vCenter Server is needed.
You must select the vSphere datastore and the network to use. You must associate a vSphere Network Protocol Profile with every referenced network name. his Network Protocol Profile specifies network settings such as IPv4 subnet mask, gateway etc. The deployment of Unified Access Gateway uses these values so make sure the values are correct.
- Microsoft Hyper-V
- Windows Server 2012 R2 or Windows Server 2016
- Open PowerShell as an administrator.
- Navigate to the folder containing your PowerShell script and modified .ini template.
Enter the following command:
.\apdeploy.ps1 <Ini file name>
- Enter the password for each prompt:
- Appliance Password (for the root user)
- REST API (admin UI) password
- API server password
- (Optional) Outbound proxy if using a proxy with authentication.
- If you are using vSphere, password for the vSphere User that can deploy VMs
After entering each password, PowerShell validates the entered password.
Once all passwords are entered, the Unified Access Gateway uploads to the hypervisor and the machine configures itself and installs. You must wait for the script to finish for the network to initialize. Progress can be tracked by viewing the machine from vSphere or Hyper-V.
Running the PowerShell with the values matching an existing instance in vSphere destroys the existing appliance and deploys a new instance instead. You cannot run the same INI template for Hyper-V. The Unified Access Gateway name must be different each time you deploy through PowerShell.
After a successful deployment, the Workspace ONE UEM Appliance Agent starts immediately and the monitoring services for VMware Tunnel start after 60 seconds.