Impact to tunneling when using a global HTTP proxy
A global HTTP proxy policy ensures that HTTP traffic is redirected to a proxy server that you specify. Configuring a global HTTP proxy policy for devices includes specifying the URL for the proxy auto-configuration (PAC) file. Details are available in “Working with global HTTP proxy policies” in the Core Device Management Guide for iOS and macOS Devices.
Consider the case in which you have defined an AppTunnel rule in an AppConnect’s AppConnect app configuration (or Web@Work setting or Docs@Work setting) that includes the URL to the PAC file. That is, the AppTunnel rule does one of the following:
- Uses a wildcard character in the AppTunnel rule’s URL Wildcard field such that the PAC file URL matches the rule
- Explicitly names the PAC file URL in the AppTunnel rule’s URL Wildcard field
The impact of this configuration to tunneling varies depending on the AppConnect app’s AppConnect version, as shown in the following table:
AppConnect for iOS SDK or Wrapper version used in the app |
Impact to tunneling of defining an AppTunnel rule that includes the URL to the PAC file |
3.0 and prior |
•The request to the URL for the PAC file is tunneled. •Other URL requests are tunneled according to the AppTunnel rules. |
3.1.0, 3.1.1, 3.1.2 |
Tunneling to the URL for the PAC file is not supported. A tunneling attempt to this URL results in no network access for the app, whether tunneled or not. |
3.1.3 and supported newer versions |
To support tunneling in these apps, configure a key-value pair in the app’s AppConnect app configuration (or Web@Work setting or Docs@Work setting) as follows: •key name: global_http_proxy_url •value: the URL of the PAC file, which you also enter in the Proxy PAC URL field of the global HTTP proxy policy. Example: http://pac.myproxy.mycompany.com With this key-value pair: •the URL request to the PAC file is not tunneled. •other URL requests are tunneled as specified by the AppTunnel rules. |