Deploying Unified Access Gateway Appliance

Now that you have configured the ini file for your UAG deployment, you will run the uagdeploy.ps1 PowerShell script and provide this ini file as the configuration to automate the deployment.

1. Open PowerShell window

Open PowerShell

Click on the PowerShell icon

2. Deploying Unified Access Gateway Appliance via PowerShell

Running the script

As the scripts starts a couple questions will be asked, follow the steps below in order to provide the correct information.

  1. Enter cd '.\Desktop\UAG Resources' then press ENTER.
  2. Enter .\uagdeploy.ps1 .\uag-Cert-to-Kerberos.ini VMware1! VMware1! false false no then press ENTER.The first VMware1! is the root password for the UAG appliance
    The second VMware1! is the admin password for the REST API management access
    The first false is to NOT skip the validation of signature and certificate
    The second false is to NOT skip SSL verification for the vSphere connection
    The no is to not join the VMware CEIP program
  3. Enter AirWatch as the password for the SSLcert and SSLcertAdmin fields when prompted.
  4. Enter VMware1! as the password to access AirWatch API

To avoid password request for the certificate, remove the pfxCerts values and provide a PEM certificate, set the pemCerts and pemPrivKey for the SSLCert and SSLCertAdmin sections of the INI file.

The deployment starts and you can follow the progress on the same window or on your vSphere Web Client.

3. Confirm the PowerShell Script Deployment Completes

Deployment finished
  1. Confirm the UAG deployment completed successfully.  The Completed successfully text will be shown in the output.
  2. Click Close.

After successfully finalized the deployment the script will automatic Power on the VM UAG-CERT.

The Received IP address presented by the script log is a temporary IP, the final IPs for NIC one and NIC two will be assigned to the UAG appliance during the first start. You can return to the vSphere Web Client to validate that as described on the next step.

4. Validate Unified Access Gateway Deployment

Validating UAG Appliance status

Return to the vSphere Web Client tab in Google Chrome.

  1. If you do not see the UAG-CERT VM under Nested_Datacenter, you may need to click Refresh.
  2. Click on UAG-CERT.
  3. Click the Summary tab.
  4. Click on View all 2 IP addresses.
  5. The IP Addresses should show:
    192.168.110.20
    172.16.0.20

Note - In case the UAG appliance have not finalized the configuration during the first startup, you will receive a error message from vSphere Web Client.  If that happen wait for the Appliance to finalized and refresh the whole Chrome Browser.

5. Login on UAG Admin UI

UAG Admin UI Login
  1. Click the New Tab button to open a new tab
  2. Browse to https://uagmgt-int.airwlab.com:9443/admin or click on the UAG Internal Admin Console bookmark
  3. Enter admin for the username
  4. Enter VMware1! for the password (created for the Admin API in Deploy OVF Wizard)
  5. Click Login

6. Validate Configuration Settings

Select Configuration Settings

A successful login will redirect you to the following screen.

Click Select

7. Confirm ITBUDGET Reverse Proxy Instance is Running

General Settings

Following the steps below to see that a Web Reverse Proxy instance named ITBUDGET has been automatically configured, later you will enable Identity Bridging feature for this Instance.

  1. Click SHOW, after you click it will switch to HIDE
  2. Click on the arrow down

NOTE: It will take a couple minutes for the VMware Tunnel Service to come up and show Green on this screen.

8. Testing Tunnel Proxy Connection

Open All Settings

Return to Workspace ONE UEM Console to perform a Test Connection between Tunnel Proxy and Workspace ONE UEM API, AWCM and Device Service.

  1. Click on Groups & Settings.
  2. Click on All Settings,

 

8.1. Perform Test Connection for Tunnel Proxy

Configure the VMware Tunnel settings
  1. Click System
  2. Click Enterprise Integration
  3. Click VMware Tunnel
  4. Click Configuration
  5. Click Test Connection

8.2. Test Connection Result

Test Connection

If you see all test connection results green, your environment is correctly setup and you are read to move to the next step.  Click Cancel or the X button to close the screen.

0 Comments

Add your comment

E-Mail me when someone replies to this comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.