Communication between Zscaler and VMware AirWatch
Communication between Zscaler and AirWatch enables Zscaler service to automatically push the VPN profile, containing the iOS policy, that you configured in the Zscaler App Portal to the AirWatch service. You can then use the AirWatch console to push the VPN profile to iOS devices in your organization, ensuring enforcement of the iOS policy from the Zscaler App Portal.
If you update your iOS policy in the Zscaler App Portal, you must use the AirWatch Admin Console to push the updated VPN profile containing the updated policy to your iOS devices.
Following requirements must be met before configuring:
- AirWatch must be deployed.
- All configurations related to user or group and enrollment must be completed.
- Ensure that you have configured an iOS policy for your organization in the Zscaler App Portal.
This article provides details about the following three processes that are essential for establishing communication between Zscaler and AirWatch.
- Retrieving API key from the AirWatch Console
- Configuring AirWatch in the Zscaler App portal and retrieving Mobile Admin information
- Entering Zscaler Mobile Admin information in the AirWatch Admin Console
Retrieving API key from the AirWatch Console
Perform the following steps to retrieve the API key from the AirWatch Admin Console:
1. Log in to the AirWatch MDM Console.
2. Navigate to Group & Settings > All Settings > System > Advanced > API > Rest API.
3. Note the API Key corresponding to the AirWatchAPI Service. This API key would be required while configuring AirWatch in the Zscaler App portal.
Configuring AirWatch in the Zscaler App portal and retrieving Mobile Admin information
Perform the following to configure AirWatch in the Zscaler App portal and retrieve Mobile Admin information:
1. Navigate to Policy > Zscaler App Portal in the Zscaler admin portal.
2. Select the Administration tab.
3. Select AirWatch Configuration. This option is seen only if Zscaler has enabled AirWatch integration for the concerned organization.
4. Fill the fields described in the table below.
|AirWatch API Key||Paste the API key retrieved from the AirWatch MDM console (previous procedure).|
|AirWatch UserName||Enter the user name that you use to log into the AirWatch MDM console.|
|AirWatch Password||Enter the password that you use to log into the AirWatch MDM console. If the AirWatch profile password is changed, the password in the Zscaler App Portal must be changed as well.|
|Mobile Admin URL||Automatically populated by the Zscaler service. Mobile Admin URL is associated with the URL of the Zscaler admin portal.|
|Username||Automatically populated by the Zscaler service. Mobile Admin Username is prepopulated with newconnect@ and the domain name of your organization. If your organization's domain name is acme.com, in Mobile Admin Username, you can see firstname.lastname@example.org.|
|Mobile Admin Password||Enter a password of your choice.|
5. Select Save.
Entering Zscaler Mobile Admin information in the AirWatch console
Perform the following steps to enter the Zscaler Mobile Admin information in the AirWatch Admin Console:
1. Navigate to Devices > Profiles > List View > ADD > Add Profile in the AirWatch Admin Console.
2. Select Apple iOS as the required platform. Add a New Apple iOS Profile page opens.
3. Fill the required fields under the General tab.
4. Select the VPN payload and then select Configure.
5. Under Connection Info, select Websense as the Connection Type. Websense can be configured correctly by providing valid credentials. For more information on Websense and AirWatch communication, refer to the Websense Knowledge Base Article. Make sure to fill in the fields mentioned in the table below.
|Server||Enter the URL retrieved from the Mobile Admin URL field of the Zscaper App portal.|
|Username||Enter the user name retrieved from the Mobile Admin URL field of the Zscaper App portal.|
|Password||Enter the pass word you entered in Mobile Admin Password field of the Zscaper App portal.|
6. Select Save & Publish.