Hi, We are trying out Workspace One UEM and have a strange issue when configure vmware tunnel. We cannot save the configuration, When I press save I got An error has occurred Something unexpected happened. If the issue persists, please contact your IT administrator. Any ideas? Thanks Stefan
Hi,
I will answer my self
We have now been able to save the tunnel configuration. Next step is to see if it works all the way from the mobile device.
I had to import our internal root and intermediate certificate.
The support team never mention that on our session, they collected logs and changed some IIS services to start with another user and changed the API to Api.
When I told them we got it to work with our certificat I got this answer.
"I wanted to inform you that when you use the internal CA to issue certificates for the console server and if the console server was being used as API endpoint as well, in that case, you have to add the certificate chain as trusted CA for tunnel in order for it to trust the API endpoint and accept the configuration shared by it."
/Stefan
Hi,
we are having the same problem in our on.-premise installation (v. 19.07) . What we have checked is that we can configure the per-app tunnel only if we configure the proxy tunnel first. So we configure proxy tunnel, then per-app tunnel and then delete the proxy tunnel configuration.
Our next problem with per-app tunnel is that we can not download the xml file with the configuration and get the same error as you. We opened a ticket with vmware and after collecting a lot of logs and having several zoom sessions they suggest us to install again the API or to upgrade to 19.09 to see if this solves the problem. We are now upgrading to 19.09. We wil let you know about the results.
Regards
Hi Stefan,
no luck with the upgrade. One question: have you done a fresh installation of Workspace ONE starting with v.19.09 or have you upgrade from a previous version? In our case we noticed this error when upgrading from 19.02 to 19:07
thanks
regards
I have ICMP opend in the FW so i can ping from everywhere
we also "had" this tunnel problem.
we tried a lot of different things, but the final solution for this was a full reinstallation of workspace one (all ws1 related applications), with the removal of all ws1 related certificates, including the public signed ones (we did not touch the database). since the ws1/vmware dev-team changed a lot if things in the background, we guess some migration failed and a broken certificate was the reason for those errors.
right now i can at least access the tunnel configuration again. tunnel proxy is working, but sadly per-app vpn is not. our support ticket in this case can fill a very small book and escalated bejond 2nd support line now.
Hi,
I will answer my self
We have now been able to save the tunnel configuration. Next step is to see if it works all the way from the mobile device.
I had to import our internal root and intermediate certificate.
The support team never mention that on our session, they collected logs and changed some IIS services to start with another user and changed the API to Api.
When I told them we got it to work with our certificat I got this answer.
"I wanted to inform you that when you use the internal CA to issue certificates for the console server and if the console server was being used as API endpoint as well, in that case, you have to add the certificate chain as trusted CA for tunnel in order for it to trust the API endpoint and accept the configuration shared by it."
/Stefan