Workspace ONE provides you with the VMware Tunnel solution that provides secure access for connecting to corporate resources. VMware Tunnel is part of the Anywhere Workspace solution set for enabling remote work and enforcing endpoint compliance. Depending on the operating system, VMware Tunnel can serve to replace both per-app and full device VPNs with a modern Zero Trust architecture.

Key Concepts

When configuring and deploying the VMware Tunnel, you must learn the VMware Tunnel terminology. Understanding the functionality that these components reference will aid your comprehension of this product. For more information, see Key Concepts.

Architecture and Deployment Model

The VMware Tunnel is a product you can install on physical or virtual servers that reside in either the DMZ or a secured internal network zone. VMware Tunnel comprises two separate components, proxy and Per-App Tunneling, each with their own architecture and security features. For more information, see Architecture and Security.

VMware Tunnel Pre-Deployment Configuration

Preparing for your VMware Tunnel installation ensures a smooth installation process. Installation includes performing preliminary steps in the Workspace ONE UEM console, and setting up a server that meets the listed hardware, software, and network requirements. For more information, see Pre-Deployment Configuration.

VMware Tunnel offers two architecture models for deployment, that is single-tier and multi-tier. For more information on deployment models and components, see Deployment Model.

Deploy VMware Tunnel with Unified Access Gateway

VMware offers a hardened virtual appliance (Unified Access Gateway) that hosts Workspace ONE services like Per-app Tunnel, and is the preferred method for deployment. Deploying Tunnel on Unified Access Gateway can be done from either vSphere or Hyper-V and can be automated using PowerShell. The Tunnel service on Unified Access Gateway is same as what the Linux installer provides.

Deploy VMware Tunnel on a Linux Server

For customers who do not want to use the Unified Access Gateway deployment, Workspace ONE UEM offers the Linux installer so you can configure, download, and install VMware Tunnel onto a server. The Linux installer has different prerequisites than the Unified Access Gateway method. To run the Linux installer, you must meet specific hardware, software, and general requirements before you can begin installation.

VMware Tunnel Management

Consider configuring additional functionality to enhance your VMware Tunnel deployment. These features allow you more control over device access and networking support. For more information, see Managing VMware Tunnel .

VMware Tunnel Troubleshooting

The VMware Tunnel supports troubleshooting logs to aid in diagnosing issues in your deployment. For more information, see VMware Tunnel Troubleshooting and Support.