iOS Tunnel 1.2 is unable to connect to internal resources on AirWatch 7.3 and 8.0 environments - Resolved in AirWatch 8.0 FP8 and 8.1

Symptoms

This issue affects AirWatch 7.3 and AirWatch 8.0 prior to 8.0 FP8. Any iOS device that has AirWatch Tunnel v1.2, whether it is a new enrollment or updated directly from another version, fails to connect to internal resources.

Resolution

This issue has been given identifier IVPN-192. This issue has been resolved with version 8.0 FP8 and 8.1 of the AirWatch Admin Console and Tunnel Server.

This issue can be resolved in AirWatch 7.3 and versions of AirWatch prior to 8.0 FP8 by performing the following steps.  Note that all commands list below must be executed as root/sudo, and then if the Tunnel is upgraded or reinstalled to a version that is below 8.0 FP8, the steps must be performed again.

 

For AirWatch 8.0:

  • Download the attached vpnserv.zip file
  • Extract the vpnserv_8_0 file and upload it to the Tunnel Server.  DO NOT upload this file directly to the path /opt/airwatch/vpnd/
  • Rename the vpnserv_8_0 file to vpnserv
  • Navigate to the directory in which you just uploaded the new vpnserv file
  • Modify the owner and group of the file by executing the following command:
     chown nobody:nobody vpnserv
  • Modify the permissions of the file by executing the following command:
     chmod 700 vpnserv
  • Stop vpnd services by executing the following command:
     stop vpnd
  • Rename the existing vpnserv file by executing the following command:
     mv /opt/airwatch/vpnd/vpnserv /opt/airwatch/vpnd/vpnserv.old
  • Copy the new file to the appropriate directory:
     cp <path of new vpnserv file> /opt/airwatch/vpnd/vpnserv
  • Start vpnd services by executing the following command:
     start vpnd

 

For AirWatch 7.3:

  • Download the attached vpnserv.zip file
  • Extract the vpnserv_7_3 file and upload it to the Tunnel Server.  DO NOT upload this file directly to the path /opt/airwatch/vpnd/
  • Rename the vpnserv_7_3 file to vpnserv
  • Navigate to the directory in which you just uploaded the new vpnserv file
  • Modify the owner and group of the file by executing the following command:
     chown nobody:nobody vpnserv
  • Modify the permissions of the file by executing the following command:
     chmod 700 vpnserv
  • Stop vpnd services by executing the following command:
     stop vpnd
  • Rename the existing vpnserv file by executing the following command:
     mv /opt/airwatch/vpnd/vpnserv /opt/airwatch/vpnd/vpnserv.old
  • Copy the new file to the appropriate directory:
     cp <path of new vpnserv file> /opt/airwatch/vpnd/vpnserv
  • Edit the /opt/airwatch/vpnd/server.conf file by following the steps below:
    • Execute the following command to edit:
          vi /opt/airwatch/vpnd/server.conf
    • Find the line that matches the following:
          vpn_mode perapp
    • Press the "i" key to activate INSERT mode
    • Add ",tun" to the end of the line mentioned in the previous step so the text matches the following:
          vpn_mode perapp,tun
    • Deactivate INSERT mode by pressing the ESC button
    • Save the changes by typing "wq" and pressing the ENTER key
  • Start vpnd services by executing the following command:
     start vpnd

 

Have more questions? Submit a request

0 Comments

Article is closed for comments.