Unified Access Gateway Deployment via vSphere Admin UI

In this section, you explore the vSphere Admin UI and learn how to deploy an OVF Template by configuring the necessary fields for the Unified Access Gateway. You deploy the Unified Access Gateway in a Single NIC configuration, meaning that the Internet-facing, internal-facing, and management networks all reside on a single NIC.

1. Deploying the OVF Template

Deploying UAG OVF Template
  1. Click the VMs and Templates button.
  2. Right-click the vSphere Appliance named vc.corp.local.
  3. Click Deploy OVF Template...

2. Uploading OVF Template

Uploading OVF Template
  1. Select Local File.
  2. Click Browse.

2.1. Select the OVF File

Select OVF
  1. Click Desktop.
  2. Click UAG Resources.
  3. Click UAG Files.
  4. Select the euc-unified-access-gateway-3.4.#.#-#####.ovf file.
  5. Click Open.

2.2. Continue after OVF File Selected


Click Next.

3. Select Name and Location

Select Name and Location
  1. Select Nested_Datacenter.
  2. Click Next.

4. Select a Resource

Select a resource
  1. Select Host_Cluster.
  2. Click Next.

5. Review Details

Review details

Review the details here. These items are updated as you complete the OVF Template wizard.

Click Next.

6. Select Configuration

Select configuration
  1. Select Single NIC.
  2. Click Next.

Note: The dropdown menu provides a short description of each configuration and sizing of the Unified Access Gateway VM. In this exercise, the Single NIC configuration means that all traffic to the Unified Access Gateway is received on the same interface regardless of the source, and the Admin UI runs on the same NIC over port 9443.

Selecting Two NICs directs traffic from external networks to the public interface, and traffic from within the network to an internal interface. The Admin UI runs on the same internal interface.

Selecting Three NICs directs traffic from external networks to the public interface, and traffic from within the network to an internal interface. In this configuration, the Admin UI runs on a separate, dedicated Network Interface. When selecting multiple NICs, you must then configure the corresponding network values for each NIC in the Setup Networks and Customize Template sections later in the wizard.

Users who require multiple NICs typically follow this same protocol for other web application servers within their organization. For more information on deploying the Unified Access Gateway with multiple NICs, see Deploying and Configuring VMware Unified Access Gateway.

7. Select Storage

Select storage
  1. Select Thin provision.
  2. Select datastore2_ESXi01.
  3. Select Next.

8. Select Networks

Select networks
  1. For this appliance, select DMZ_VM_DPortGroup for the destination of each source.
  2. Click Next.

Note: A Single NIC configuration was already selected, meaning the Internet, management, and backend traffic all go through a Single NIC. However, this step of the wizard asks for three destination networks, which leads to some confusion when you are configuring the Unified Access Gateway for the first time. Since this is a single NIC deployment, you just need to select the same network for all the source networks.

9. Customize Template 1 of 5

Customize Template 1 of 4
  1. Uncheck the Join CEIP check box.
  2. Click the Networking Properties dropdown arrow.
  3. Scroll down.

10. Customize Template 2 of 5

Customize Template 2 of 4
  1. Enter for DNS server addresses.
  2. Enter STATICV4 for IPMode.
  3. Enter for Default Gateway address.
  4. Enter for the NIC 1 (eth0) IPv4 address.
  5. Scroll down.

11. Customize Template 3 of 5

Customize Template 3 of 4
  1. Enter for NIC1 (eth0) IPv4 netmask.
  2. Enter UAG01 for the Unified Gateway Appliance Name.
  3. Click Password Options.
  4. Scroll down.

12. Customize Template 4 of 5

Customize Template 5 of 4
  1. Enter VMware1! for the admin user, which enabled REST API access.
  2. Reenter VMware1! to confirm the password.
  3. Enter VMware1! for the root user password of the UAG VM.
  4. Reenter VMware1! to confirm the password.
  5. Click Next.

13. Customize Template 5 of 5

Select License Edition
  1. Select Enterprise as UAG edition to deploy
  2. Click Next

VMware Unified Access Gateway is offered in three editions based on the Horizon or Workspace ONE licenses, each Unified Access Gateway edition includes the following features:

  • Standard
    • Edge service - Horizon, Content Gateway and Tunnel Edge Service.
    • Pass through - No edge authentication.
    • TLS Port sharing.
  • Advanced
    • All features from Standard Edition
    • Identity Bridging - Cert and SAML to Kerberos / Headers.
    • DMZ AuthN / Edge auth- user and device auth - Certificate/Smart Card, SecurID, RADIUS.
    • Web Reverse Proxy - without AuthN.
  • Enterprise
    • All features from Advanced Edition
    • High Availability
    • End Point Compliance
    • Web Reverse proxy - with AuthN

14. Ready to Complete

Ready to complete

Review all the settings entered in the Network Mapping and Properties to ensure there are no errors.

Click Finish.

15. Accessing the Task Console

Accessing the Task Console

You can follow the status of the OVF deployment through the Task Console.

  1. Click the Home icon.
  2. Click Tasks.

16. Monitoring OVF Import and Deployment

Monitoring OVF Import and Deployment
  1. Wait until the Deploy OVF package and Deploy OVF Template complete.
  2. Click Back.

16.1. Handling a Failed OVF Deploy (If Needed)

Deployment error

If your Import OVF package task fails with the error "Failed to deploy OVF package" on the Tasks Console, you should restart the deployment by returning to step Deploying the OVF Template.

17. Power on Unified Access Gateway Appliance

Power on UAG Appliance
  1. Select the euc-unified-access-gateway-xxxx virtual machine.
  2. Click the Power on icon.
  3. Click the Refresh icon.
  4. The UAG VM Screen becomes blue as soon the initialization finishes.
  5. The IP address will be assigned to this VM.

Note: Do NOT continue to the next step until the VM receives the associated IP address!  This may take 1-2 minutes.


Add your comment

E-Mail me when someone replies to this comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.