Deploying Unified Access Gateway Appliance

You will be using the PowerShell script to deploy the Unified Access Gateway using an .ini file that has already been configured with you to setup a similar configuration to what you configured in Module 3 as a starting point.  You will use this starting point to configure Kerberos Delegation and Identity Bridging.

1. Open PowerShell window

Open PowerShell

Click on the PowerShell icon

2. Deploying Unified Access Gateway Appliance via PowerShell

Running the script

As the scripts starts a couple questions will be asked, follow the steps below in order to provide the correct information.

  1. Enter cd 'C:\Users\Administrator\Documents\HOL\Unified Access Gateway' then press ENTER.
  2. Enter .\uagdeploy.ps1 .\uag-ReverseProxy.ini VMware1! VMware1! false false no then press ENTER.
    The first VMware1! is the root password for the Unified Access Gateway appliance.
    The second VMware1! is the admin password for the REST API management access.
    The first false is to NOT skip the validation of signature and certificate.
    The second false is to NOT skip SSL verification for the vSphere connection.
    The no is to NOT join the VMware CEIP program.
  3. Enter VMware1! as the password for the SSLcert and SSLcertAdmin fields when prompted.

To avoid password request for the certificate, remove the pfxCerts values and provide a PEM certificate, set the pemCerts and pemPrivKey for the SSLCert and SSLCertAdmin sections of the INI file.

The deployment starts and you can follow the progress on the same window or on your vSphere Web Client.

3. Confirm the PowerShell Script Deployment Completes

Deployment finished
  1. Confirm the Unified Access Gateway deployment completed successfully.  The Completed successfully text will be shown in the output.
  2. Click Close.

After successfully finalized the deployment the script will automatic Power on the VM UAG-2NIC.

The Received IP address presented by the script log is a temporary IP, the final IPs for NIC one and NIC two will be assigned to the Unified Access Gateway appliance during the first start. You can return to the vSphere Web Client to validate that as described on the next step.

NOTE: Deploying the Unified Access Gateway may take a several minutes to complete.  Please be patient while the task is fully completed.

4. Validating the deployment

Validating UAG Appliance status

Return to the VMware vSphere Web Client in Google Chrome.

  1. Click on the VM and Templates tab.
  2. Click on UAG-2NIC.
  3. Click the Summary tab.
  4. Click on View all 2 IP addresses.
  5. Confirm the IP Addresses listed are 192.168.110.160 and 192.168.120.160.  
    These are the IPs you specified in the INI file used by the PowerShell script.
  6. The the IP Addresses have not populated, you may need to click the Refresh button and check again.

NOTE: In case the Unified Access Gateway appliance has not finalized the configuration during the first startup, you will receive a error message from vSphere Web Client.  If this happens, wait for the Appliance to finish deploying and refresh the whole Chrome Browser.

You will continue with configuring Kerberos and other tasks while you wait for the Unified Access Gateway appliance to finish deploying and enabling the various services that were configured as part of the PowerShell deployment.

0 Comments

Add your comment

E-Mail me when someone replies to this comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.