Validate AirWatch + NSX integration on the enrolled device

In this section we are going to validate our security group assignment and edge service gateway configuration performed in the earlier sections.

1. Launch AirWatch Tunnel Client

Launch AirWatch Tunnel Client
  1. Launch Tunnel from your enrolled device.
  2. Upon launch, you will see User Permission prompt. Review and click Yes to continue.

2. Validate that you have Per-App VPN profile installed

Validate that you have Per-App VPN profile installed

NOTE - It may take around 1 minute for the Per-App VPN profile to install on your device. To speed up the process, you can perform a device sync via AirWatch agent on the console or do a device query from AirWatch Console.

Launch Tunnel app on the device and ensure that you see a VPN configuration profile, before proceeding with the next step.

3. Validate SG_IP1 policy using Dolphin Browser

Since, we have assigned SG_IP1 to Dolphin Browser, we should be able to access web-01. But at the same time, we should not be able to access web-02.

3.1. Launch Dolphin Browser

Launch Dolphin Browser

Click on the icon to launch Dolphin Browser.

NOTE - You may see some initialization prompts when you first launch Dolphin Browser. Click through them to proceed.

3.2. Access Web01 server

Access Web01 server
  1. Enter the URL "http://web01.corp.local" in the address bar.
  2. Validate that you can see the splash page confirming access.

3.3. Access Web02 server

Access Web02 server
  1. Click on + sign to open a new tab.
  2. Enter the URL, "http://web02.corp.local" in the address bar.
  3. Validate that you cannot access the splash page.

This confirms that apps assigned to SG_IP1 can only access web01 server endpoint.

4. Validate SG_IP2 policy using Firefox Browser

Since, we have assigned SG_IP2 to Firefox Browser, we should be able to access web-02. But at the same time, we should not be able to access web-01.

4.1. Launch Firefox Browser

Launch Firefox Browser

Click on the icon to launch Firefox browser.

NOTE - You may see some initialization prompts when you first launch Firefox Browser. Click through them to proceed.

4.2. Access Web01 server

  1. Enter "http://web01.corp.local" in the address bar..
  2. Verify that you cannot reach the web endpoint.

4.3. Access Web02 server

  1. Enter the URL: "http://web02.corp.local" in the address bar.
  2. Validate that you can see the splash page VMworld confirming access.