You must create a DNS entry to resolve a connection to a website through the Per-App VMware AirWatch Tunnel from Android and Windows 10 devices. When using the Basic configuration, the VMware AirWatch Tunnel server hosting the Per-App Tunnel component must be able to resolve the requests. If you are using the Relay-Endpoint configuration, the relay server must be able to resolve the request. Configure the resolution by either:
- Directly giving the host server or relay server access to the internal DNS.
- Deploying the dnsmasq service. See the Workaround for more information.
- Navigate to the /etc/hosts file on the AirWatch Tunnel server.
- Edit the file to add any websites you want to access through the AirWatch Tunnel.
- Verify the dnsmasq service is installed on the server.
- For CentOS/RHEL systems, execute the following command as a root/sudo user. This service is preinstalled on the AirWatch Tunnel appliance.
yum install dnsmasq
- By default, dnsmasq does not run automatically upon install or reboot of the system. Configure the service to run automatically.
- For CentOS/RHEL 7 or AirWatch Tunnel appliance, run these commands as a root/sudo user:
systemctl enable dnsmasq.service
systemctl start dnsmasq.service
- For CentOS/RHEL 6, run these commands as a root/sudo user:
service dnsmasq start
- Check with your Linux administrator on how to set the service to initialize every time the server is rebooted.
- Modify the parameters in the /opt/airwatch/tunnel/vpnd/server.conf file:
- Uncomment and enter the IP address of the Linux box that is hosting the Tunnel server.
- If applicable, uncomment and add secondary DNS server.
- Note: Do not use 127.0.0.1 or the localhost entry because it will cause the device to attempt to use itself to resolve the DNS entries.
- Restart the vpnd service.