VMware Tunnel with the Per-App Tunnel (Tunnel SDK) provides a unique feature called Device Traffic Rules. You can set individual traffic policies for tunneling, blocking, and bypassing traffic for each of your apps with the Device Traffic Rules.

Prerequisites

If you migrate from VMware Tunnel - Proxy to Tunnel SDK (Per-App Tunnel) and want to keep the domains that use the tunnel, enter the App Tunnel URLs from the Proxy to the Device Traffic Rules settings for Tunnel SDK.

For information on Device Traffic Rules, see Create Device Traffic Rules in VMware Tunnel

Procedure

  1. Navigate to Groups & Settings > All Settings > Apps > Settings and Policies > Security Policies > App Tunnel Mode > VMware Tunnel - Proxy and record the entries in the App Tunnel URLs field.
  2. Navigate to Groups & Settings > All Settings > System > Enterprise Integration > VMware Tunnel > Network Traffic Rules > Device Traffic Rules
  3. Select the applicable SDK application (like Workspace ONE Web).
  4. Add multiple applications. This configuration differs from the default SDK setting because you need to enter the domains to tunnel by the app rather than as a blanket entry for all SDK-built apps.
  5. Select Tunnel for the Action.
  6. Enter the app tunnel URLs from the VMware Tunnel - Proxy option in Destination Hostname.
  7. Define a default policy for domains that do not match patterns with your destination host names.
  8. Navigate to Groups & Settings > All Settings > Apps > Settings and Policies and select App Tunnel Mode and change from VMware Tunnel - Proxy to VMware Tunnel.