Split Tunneling using Tunnel
Due to Apple deprecation of support for UIWebView and the impact that has on AppConnect AppTunnel on iOS, there is a new option, Enable Split Tunneling using Tunnel in the AppTunnel configuration for Web@Work on unified endpoint management (UEM) platform.The UEM platforms are Cloud or Core
Before enabling the option in UEM, ensure that Tunnel is deployed and the Tunnel VPN configuration is applied to the Web@Work for which you are enabling the split tunneling option.
Enabling the split tunneling option allows the tunnel rules to be applied to Tunnel for Web@Work. The new feature is introduced due to the planned deprecation of the UIWebView API by Apple.
The Web@Work configuration for split tunneling overrides the Access configuration for split tunneling, this does not impact the other apps that use Access configuration.
In addition to Tunnel 4.1.0, the feature requires either one of the following:
- Mobile@Work 12.3.0 and Core 10.7.0.0.
- Go 5.4.0 and Cloud 70.
For information about configuring AppConnect App Configuration and AppTunnel configuration on Cloud, see "Configuring AppConnect Apps" and "Configuring AppTunnel traffic rules" sections in the Cloud Administrator Guide.
For information about configuring AppConnect App Configuration on Core, see "AppConnect app configuration" in the Core AppConnect and AppTunnel Guide.
The feature requires Mobile@Work 12.3.0 and Tunnel 4.1.0 for iOS. For information about the UIWebView API deprecation, see UIWebView Deprecation and AppConnect Compatibility.
Configuring split tunneling with Tunnel (Core)
This section describes the steps to configure split tunnel on Web@Work.
Before you begin
- Ensure that Sentry service is active. For more information, see Enabling split tunneling section in the Access Guide.
- Ensure that Tunnel is deployed and a Tunnel VPN configuration is applied to the AppConnect app. For information about deploying Tunnel for iOS, see the Tunnel for iOS Guide.
Adding Per App VPN to Web@Work app
The following steps describe how to add Per App VPN to Web@Work configuration. Ensure that Per App VPN profile is already created.
Procedure
| 1. | In the Admin Portal, go to Apps > App Catalog. |
| 2. | Click Web@Work, click Edit. |
| 3. | Under the Per App VPN Settings, select Per App VPN by Label Only checkbox. |
| 4. | Select the VPN available in the list and click the right arrow. |
| 5. | Click Save. |
Editing Web@Work Configuration
The following steps describe how to edit Web@Work configuration to enable Split Tunneling on Core
Procedure
| 1. | In the Admin Portal, go to Policies & Configs > Configurations. |
| 2. | Select the check box for Web@Work configuration. |
| 3. | Click Edit, in the Edit Web@Work Setting page, go to AppTunnel Rules. |
| 4. | Under the AppTunnel Rules section, select the Enable Split Tunneling using Tunnel option. |
| 5. | Click Save. |
For information about configuring AppConnect App Configuration, see "AppConnect app configuration" in the AppConnect Guide for CoreTunnel for iOS Guide.
For more information Creating Per App VPN or Tunnel VPN setting, see VPN settings in the Core Device Management Guide for iOS and macOS Devices.
Configuring split tunneling with Tunnel (Cloud)
This section describes the steps to configure split tunnel on Web@Work for Cloud.
Before you begin
- Add and configure Tunnel app. For more information, see Main tasks for configuring Tunnel for iOS (Cloud) section in the Tunnel for iOS Guide.
- Ensure that you have a Standalone Sentry set up for AppTunnel and the necessary device authentication is also configured. See “Configuring Standalone Sentry for app tunneling” in the Sentry Guide for Core and Sentry Guide for Cloud.
- Ensure Per App VPN is created.
Editing Web@Work configuration
The following steps describe how to edit Web@Work configuration to enable Split Tunneling on Cloud.
Procedure
| 1. | In the Web@Work App Configuration > AppTunnel, click + icon. |
| 2. | Enter the Name of the configuration. |
| 3. | In the App Tunnel section, edit the following fields: |
| a. | Sentry Profile |
| b. | Turn ON the Enable Split Tunneling using Tunnel option. |
| 4. | Add App Tunnel rules. |
| 5. | Choose a distribution option for the configuration. |
| 6. | Click Save. |
| 7. | In App Configuration > Per App VPN and click + icon. |
| 8. | Enter the Name of VPN configuration. |
| 9. | Select the Enable Per-App VPN for this app check-box to select MI Tunnel configuration from the drop-down list. |
| 10. | Choose a distribution option for the configuration and click Done. |
| 11. | Click Save. |
After configuring split tunneling, ensure that the configurations are pushed to the device.
For more information, see https://help.mobileiron.com/s/article-detail-page?Id=kA12T000000TTetSAG.