VMware Workspace ONE Community
EMMJunkie
Enthusiast
Enthusiast
‎08-07-2020 08:58 AM
Jump to solution

Network Ranges - Workspace ONE Access

Environment:

Workspace ONE is a Cloud based Tenant and I have a Connector v19.03 installed ingesting AD Users/Groups + Horizon entitlements.

Have created 2 x Network Ranges within Workspace ONE Access, as per the attached file.

have a single access policy (default) as per the attached file.

Use Case:

Looking to have users that access Workspace ONE internally regardless of device type to use Username/Password.

Looking to have users that access Workspace ONE externally regardless of device type to use Username/Password + VMware Verify.

Acctual:

If a user logs in and they are on the internal network, they do get to use Username/Password with no problem at all.

A user on the external network, tries to access Workspace ONE, they get redirected to. the connector internal URL, why would this happen?

Labels (1)
Labels
Preview file
104 KB
Preview file
104 KB
0 Kudos
1 Solution

Accepted Solutions
EMMJunkie
Enthusiast
Enthusiast
‎08-09-2020 03:55 PM
Jump to solution

Managed to work out the Network Ranges for a SaaS instance of Workspace ONE Access, from an internal network and external network perspective *External = Internet*

Setup internal and external network:

The internal network was actually my network external IP address (ISP Address), with an amended Built-in Identity Provider and an amended WorkspaceIDP, and for the policy for internal, I had to include Password for Cloud Deployment for authentication, as I was just looking for username/password.

The external network was using the default Network Range, with an amended Built-in Identity Provider and an amended WorkspaceIDP, and for the policy for external, I had to include Password for Cloud Deployment + VMware Verify authentication, as I was looking for username/password + a 2nd factor.

Attachments added for information.

View solution in original post

Preview file
45 KB
Preview file
42 KB
Preview file
36 KB
0 Kudos
1 Reply
EMMJunkie
Enthusiast
Enthusiast
‎08-09-2020 03:55 PM
Jump to solution

Managed to work out the Network Ranges for a SaaS instance of Workspace ONE Access, from an internal network and external network perspective *External = Internet*

Setup internal and external network:

The internal network was actually my network external IP address (ISP Address), with an amended Built-in Identity Provider and an amended WorkspaceIDP, and for the policy for internal, I had to include Password for Cloud Deployment for authentication, as I was just looking for username/password.

The external network was using the default Network Range, with an amended Built-in Identity Provider and an amended WorkspaceIDP, and for the policy for external, I had to include Password for Cloud Deployment + VMware Verify authentication, as I was looking for username/password + a 2nd factor.

Attachments added for information.

Preview file
45 KB
Preview file
42 KB
Preview file
36 KB
0 Kudos