Click here to load reader

Deploying VMware Workspace ONE Tunnel for iOS: VMware ... ... DEPLOYING VMWARE WORKSPACE ONE TUNNEL FOR IOS: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL GUIDE | 4 1. Launch Chrome Browser

  • View
    14

  • Download
    1

Embed Size (px)

Text of Deploying VMware Workspace ONE Tunnel for iOS: VMware ... ... DEPLOYING VMWARE WORKSPACE ONE TUNNEL...

  • GUIDE – MAY 2019

    PRINTED 2 OCTOBER 2019

    DEPLOYING VMWARE WORKSPACE ONE TUNNEL FOR IOS: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

  • DEPLOYING VMWARE WORKSPACE ONE TUNNEL FOR IOS: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL

    GUIDE | 2

    Table of Contents

    Overview

    – Introduction

    – Audience

    Deploying VMware Workspace ONE Tunnel for iOS

    – Introduction

    – Prerequisites

    – Logging In to the Workspace ONE UEM Console

    – Creating Per-App VPN Profile

    – Publishing VMware Tunnel as a Public App

    – Configuring Workspace ONE Web for Per-App VPN

    – Testing Per-App VPN on iOS

    – Configuring Safari Domain Profiles

    – Testing Safari Domains with Per-App Tunnel

    Summary and Additional Resources

    – Conclusion

    – Terminology Used in This Tutorial

    – Additional Resources

    – About the Author

    – Feedback

  • DEPLOYING VMWARE WORKSPACE ONE TUNNEL FOR IOS: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL

    GUIDE | 3

    OT-WS1-Tunnel-PerAppVPN

    Overview Introduction VMware provides this operational tutorial to help you with your VMware Workspace ONE® environment. In this tutorial, you explore how to configure and deploy the VMware Workspace ONE® Tunnel app to enable per-app VPN on an enrolled device. Procedures include creating and configuring a VPN profile and testing VPN access to VMware Workspace ONE® Web. You also configure Safari domain profiles and test Safari domains with per-app VMware Tunnel.

    Audience This operational tutorial is intended for IT professionals and Workspace ONE administrators of existing production environments. Both current and new administrators can benefit from using this tutorial. Familiarity with networking and storage in a virtual environment is assumed, including Active Directory, identity management, and directory services. Knowledge of additional technologies such as VMware Workspace ONE® Access (formerly VMware Identity Manager) and VMware Workspace ONE® UEM is also helpful.

    Deploying VMware Workspace ONE Tunnel for iOS Introduction Leveraging Per-App VPN allows you to control which applications on a device have access to your VPN by automatically enabling or disabling VPN access, based on which applications are active. You no longer need to provide a device-wide VPN on your devices, which can allow unintended or unauthorized apps or processes to access your VPN. In this tutorial, you explore how to configure and deploy VMware Workspace ONE® Tunnel to enable per-app VPN on an enrolled device.

    These exercises involve the following components:

    VMware Tunnel Client – The app used to securely connect to the VMware tunnel server (host) to provide Per-App VPN functionality Tunnel Server (Host) – The physical or virtual server (Linux, Windows, UAG) where the tunnel service is installed, and to which the tunnel client connects Per-App Tunnel – The same service for connecting to a secure tunnel channel (VPN) on a per-application basis, which is controlled and configured by the Per-App VPN profile Per-App Tunnel Profiles – The Workspace ONE UEM profile that is pushed to the device that contains the Per-App VPN configurations that the tunnel client reads for Per-App VPN

    For more information, see Configuring the VMware Tunnel Edge Service: VMware Workspace ONE Operational Tutorial.

    Prerequisites Before you can perform this exercise, you must meet the following requirements.

    Workspace ONE UEM version 9.4 or later iOS 7.0+ device enrolled in Workspace ONE UEM

    In addition, you need to create a VPN tunnel. For more information, see Configuring the VMware Tunnel Edge Service: VMware Workspace ONE Operational Tutorial.

    Logging In to the Workspace ONE UEM Console To perform most of the steps in this exercise, you must first log in to the Workspace ONE UEM Console.

    http://www.vmware.com/products/workspace-one.html https://www.vmware.com/products/workspace-one/access.html https://www.vmware.com/products/airwatch-enterprise-mobility-management.html https://techzone.vmware.com/configuring-vmware-tunnel-edge-service-vmware-workspace-one-operational-tutorial https://techzone.vmware.com/configuring-vmware-tunnel-edge-service-vmware-workspace-one-operational-tutorial https://techzone.vmware.com/configuring-vmware-tunnel-edge-service-vmware-workspace-one-operational-tutorial

  • DEPLOYING VMWARE WORKSPACE ONE TUNNEL FOR IOS: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL

    GUIDE | 4

    1. Launch Chrome Browser

    On your desktop, double-click the Google Chrome icon.

    2. Navigate to the VMware Workspace ONE UEM Console For example, navigate to https:// where WorkspaceONEUEMHostname is the host name of the Workspace ONE UEM console.

    3. Authenticate In to the Workspace ONE UEM Console

  • DEPLOYING VMWARE WORKSPACE ONE TUNNEL FOR IOS: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL

    GUIDE | 5

    Enter your Username, for example, administrator.1. Click Next. After you click Next, the Password text box is displayed.2.

  • DEPLOYING VMWARE WORKSPACE ONE TUNNEL FOR IOS: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL

    GUIDE | 6

    Enter your Password, for example, VMware1!1. Click Login.2.

    Note: If you see a Captcha, be aware that it is case sensitive.

    Creating Per-App VPN Profile For iOS 7+ devices and Android Enterprise devices, you can force selected applications to connect through your corporate VPN. Your VPN provider must support this feature, and you must publish the applications as managed applications.

    In this activity, you configure the iOS profile which configures the tunnel client on the device to allow only designated applications to access content on internal servers.

    1. Add a New Profile

  • DEPLOYING VMWARE WORKSPACE ONE TUNNEL FOR IOS: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL

    GUIDE | 7

    Click Add.1. Click Profile.2.

    2. Select the OS for the Profile

    Click Apple iOS.

    3. Configure the General Properties of the Profile

  • DEPLOYING VMWARE WORKSPACE ONE TUNNEL FOR IOS: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL

    GUIDE | 8

    Enter the name, such as Per-App VPN in this example screenshot.1. Select the name of your device's assignment group, and select that group. For example, select All Devices2. ([email protected]) as the Assigned Smart Group.

    4. Add a VPN Payload

  • DEPLOYING VMWARE WORKSPACE ONE TUNNEL FOR IOS: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL

    GUIDE | 9

    Click VPN from the Payload menu.1. Click Configure to access the VPN payload settings.2.

    5. Configure the VPN Payload

  • DEPLOYING VMWARE WORKSPACE ONE TUNNEL FOR IOS: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL

    GUIDE | 10

    Select VMware Tunnel from the Connection Type drop-down menu.1. Select the Enable VMware Tunnel check box.2. Click Save & Publish.3.

    6. Publish the VPN Profile

  • DEPLOYING VMWARE WORKSPACE ONE TUNNEL FOR IOS: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL

    GUIDE | 11

    Click Publish.

    Publishing VMware Tunnel as a Public App In this activity, you deploy an application configured to use the VPN tunnel on iOS.

    Note: A VPN tunnel must be set up before you begin adding it as a public application. For more information, see Configuring the VMware Tunnel Edge Service: VMware Workspace ONE Operational Tutorial.

    1. Add VMware Tunnel as a Public App

    https://techzone.vmware.com/configuring-vmware-tunnel-edge-service-vmware-workspace-one-operational-tutorial https://techzone.vmware.com/configuring-vmware-tunnel-edge-service-vmware-workspace-one-operational-tutorial

  • DEPLOYING VMWARE WORKSPACE ONE TUNNEL FOR IOS: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL

    GUIDE | 12

    Click Add.1. Click Public Application.2.

    2. Search the App Store for Tunnel App

  • DEPLOYING VMWARE WORKSPACE ONE TUNNEL FOR IOS: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL

    GUIDE | 13

    Select Apple iOS for the Platform.1. Enter an application Name. For example, VMware Tunnel.2. Click Next.3.

    3. Select the VMware Tunnel Result

    Click Select for the VMware Tunnel result.

    4. Save and Assign VMware Tunnel

    https://media.screensteps.com/image_assets/assets/001/987/002/original/0a410297-55df-46ee-96aa-f5cb1707a927.png

  • DEPLOYING VMWARE WORKSPACE ONE TUNNEL FOR IOS: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL

    GUIDE | 14

    Click Save & Assign.

    5. Add Assignment for VMware Tunnel

  • DEPLOYING VMWARE WORKSPACE ONE TUNNEL FOR IOS: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL

    GUIDE | 15

    Click Add Assignment.

    6. Configure VMware Tunnel Assignment Settings

    Click the Selected Assignment Groups field to display the list of created Assignment Groups. Enter All Devices, and1. select the All Devices ([email protected]) group. Select Auto for the App Delivery Method.2.

    7. Configure Policies for VMware Tunnel

  • DEPLOYING VMWARE WORKSPACE ONE TUNNEL FOR IOS: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL

    GUIDE | 16

    Scroll down to find the Policies section.1. Select Enabled for Remove On Unenroll.2. Click Add.3.

    8. Confirm Assignment and Save

  • DEPLOYING VMWARE WORKSPACE ONE TUNNEL FOR IOS: VMWARE WORKSPACE ONE OP

Search related