Preparing the INI File for Deployment
You now learn how the INI file is used to deploy and configure a Unified Access Gateway using PowerShell and how to edit the contents of the INI file for your Unified Access Gateway deployments.
1. Configuring the General Deployment Settings
A INI file containing all the configuration settings is required to deploy the Unified Access Gateway appliance.
In this exercise, you use the uag-2NIC.ini file and fill out the respective parameters for your deployment.
You deploy a new Unified Access Gateway appliance called UAG02, which has two NICs where NIC one is Internet-facing and NIC two for backend and management.
1.1. Open the UAG-2NIC.ini File for Editing
- Click the File Explorer icon on the task bar.
- Click Desktop.
- Click UAG Resources.
- Right-click the uag-2NIC.ini file.
- Click Edit with Notepad++.
1.2. General Settings (1/2)
On the General section, provide the following settings on the INI file:
UAG02for the name field.
- Enter the path and name of the OVA File for the source parameter, the OVA file located on
C:\Users\Administrator\Desktop\UAG Resources\UAG Files.
vi://[email protected]:[email protected]/Nested_Datacenter/host/Host_Clusterfor the target field.
Note: You can replace 'VMware1!' with 'PASSWORD' and the script will prompt for the password during the PowerShell execution.
thinfor the diskmode field.
datastore2_ESXi01for the ds field (ds refers to data store).
twonicfor the deploymentOption field.
1.3. General Settings (2/2)
Continuing the General section configuration, set the following values for the parameters on the INI file:
STATICV4for the ipMode field.
192.168.110.1for the defaultGateway field.
192.168.110.10for the dns field.
192.168.110.20for the ip0 field.
Note: ip0 is the Internet-facing NIC.
172.16.0.20for the ip1 field.
Note: ip1 is the internally facing NIC.
255.255.255.0for the netmask0 and netmask1 fields.
DMZ_VM_DPortGroupfor the netInternet field.
Internal_VM_DPortGroupfor the netManagementNetwork and netBackendNetwork fields.
1.4. Configuring TLS/SSL Certificates for Unified Access Gateway Appliance
The SSLCert and SSLCertAdmin contain the information regarding the SSL Certificated for the administration and Internet interfaces.
C:\AW Tools\airwlab.com.pfxfor the pfxCerts field under SSLCert (this certificate is for the Internet interface).
C:\AW Tools\airwlab.com.pfxfor the pfxCerts field under SSLCertAdmin (this certificate is for the administration interface).
The certificate password is requested during the deployment.
1.5. License Edition
VMware Unified Access Gateway is offered in three editions based on the Horizon or Workspace ONE licenses, each Unified Access Gateway edition includes the following features:
- Edge service - Horizon, Content Gateway and Tunnel Edge Service.
- Pass through - No edge authentication.
- TLS Port sharing.
- All features from Standard Edition
- Identity Bridging - Cert and SAML to Kerberos / Headers.
- DMZ AuthN / Edge auth- user and device auth - Certificate/Smart Card, SecurID, RADIUS.
- Web Reverse Proxy - without AuthN.
- All features from Advanced Edition
- High Availability
- End Point Compliance
- Web Reverse proxy - with AuthN
For this deployment
licenseEdition=Enterprise is set on the INI file under [General] section, as this will be the license used on this exercise.