syarbrou
Enthusiast
Enthusiast

Tunnel without Tunnel App?

I have an app in iOS and Android that we need the Tunnel app as part of to allow the app to access a DB in our network.  Works fine.  Users seem to find installing an additional app challenging and don't read the requirements so when the app fails and it tells them it's failing because you need to install the Tunnel app they ignore it and remove the app.  OK venting done.  Can you utilize the WS1 SDK to bake in tunneling (not proxy) capabilities where the app will work like VMWare Web and just tunnel in automatically without additional apps being installed?  What is the best way to do this?

Thanks.

Steve

Labels (1)
0 Kudos
5 Replies
bp16
Contributor
Contributor

Why not just push out the tunnel app and tunnel profile to these devices from the web console?

0 Kudos
syarbrou
Enthusiast
Enthusiast

You know, that has come up a number of times.  There were a couple reasons why I haven't opted to do that:

1. I am trying to get adoption of MDM on BYOD and felt that force installing anything on their device may return a negative response as opposed to giving them the choice.

2. We only have one app that uses Tunnel today so auto installing it seemed overkill if the user didn't opt to use that one app.

Thanks.

Steve

0 Kudos
bp16
Contributor
Contributor

Went through the same thing myself. Decision in the end was anyone who wants access to company resources on their phone needs to mdm managed.

0 Kudos
chengtmskcc
Expert
Expert

We are in a similar boat where accessing any MS O365 apps on Android Enterprise enrolled device will also require the use of the VMware Tunnel app due to the authentication requirement. The chance of users calling in to complain about apps not working would be a lot higher than those who complain the app being installed automatically for their 'benefits'.

0 Kudos
AntonThirifays
Enthusiast
Enthusiast

Hi Syarbrou,

Tunnel leverages per-app VPN. For this to work, you'll need the tunnel app. This would be the same if you used Palo Alto or F5 appliances for instance for the same purpose, in which case you'd have to install and launch on the clients the GlobalProtect Mobile app for Palo Alto or the F5 Access app for F5.

VMWare Web leverages the WS1 SDK to connect to internal resources, the connection is hence different as you go through your MAG / UAG to connect to backends in that case.

Hope it  helps

Anton

0 Kudos