Validate Workspace ONE Tunnel Implementation for Per App VPN
Once enrollment is complete, ensure that the Workspace ONE Tunnel and Google Chrome applications are installed on your device. If not, open the App Catalog to Install these applications on your device.
1. Launch & Enable the Workspace ONE Tunnel Client
This step is to enable the newly installed Tunnel client to initiate a VPN connection automatically on behalf of the user whenever an enabled application is launched. This is only required the first time that the application is installed.
Press the Home button on the iPad to return to the Launchpad. Swipe right if needed to see the downloaded applications. Select the Workspace ONE Tunnel client to open it.
Note: If the Tunnel application is missing from your device, open the Catalog and try to install it from there by selecting Install.
1.1. Opening Workspace ONE Tunnel Client for the first time
Click Continue to enable the Tunnel application as a VPN client on the device.
Click I Understand
1.3. Accept Data Sharing Policy
Click I Agree
1.4. Confirm Workspace ONE Tunnel VPN Configuration
If everything was configured correctly, you will see the Device section has a green checkmark and shows that it configured with VPN Configuration #XXXXX.
2. Opening Safari Browser
Open Safari Browser.
3. Access Public website from Safari
https://www.vmware.com on the Navigation Bar.
You can access the VMware website normally and no VPN is requested as expected.
4. Access Intranet Website with Safari Browser
http://intranet.corp.local/intraneton the Navigation Bar.
- Based on the URL launch you will see the VPN icon appear indicating the connection is active. This is happening because Workspace ONE Tunnel Client App found a rule that applies to this situation, which is the one you precious defined.
- The website will load and you'll see a intranet home with Welcome message.
5. Attempt to Access Intranet Website From Google Chrome
We will now show that although the VPN connection is active for Safari browser, you are not able to access the intranet from other browsers.
5.1. Open Google Chrome browser
Open Google Chrome Browser
5.2. Enter the Intranet Website URL
http://intranet.corp.local/intranetand press Go/Enter
- VPN is not active
- After couple seconds you will receive an error page that states "This site can't be reached"
Notice that the website doesn't load for Google Chrome since the device traffic rulle configured earlier allows access to the internal domain only through Safari browser. The website is published to an internal DNS that can only be accessed when the VPN connection is being used. Safari is enabled to initiate Per-App VPN Tunnel only for the domains configured in the device traffic rulles.