Preparing VMware Tunnel and Reverse Proxy INI Settings for Deployment

This section will cover the required INI settings to configure VMware Tunnel Service and Web Reverse Proxy during the Unified Access Gateway appliance deployment.

1. Configuring the General deployment settings

A INI file containing all the configuration settings required to deploy the Unified Access Gateway Appliance.

In this exercise you will use the uag-Cert-to-Kerberos file and fill out the respective parameters for your deployment.

You will be deploying a new Unified Access Gateway Appliance called UAG-CERT, that has two NICs where NIC one is set to internet facing and NIC two for Backend and management.

2. Open the UAG-Cert-to-Kerberos File for Editing

Editing UAG-2NIC.ini
  1. Click the File Explorer icon from the task bar.
  2. Click Desktop.
  3. Click UAG Resources.
  4. Right-click the uag-Cert-to-Kerberos file.
  5. Click Edit with Notepad++.

3. General and Network Settings (1/2)

General Settings 1/2

On the General section the settings are already filled out of you, which includes the settings related to the deployment location and network configuration of the Unified Access Gateway Appliance.

The SSLCert and SSLCertAdmin contain the information regarding the SSL Certificated for the Admin and Internet interfaces.

4. Configuring VMWare Tunnel Settings

AirWatch settings

Right below General Section, you will find the AirWatch section, which contain the required parameters to enable VMware Tunnel Edge Service on your Unified Access Gateway Appliance.

  1. Enter apiuser for the apiServerUsername.
  2. Enter  Group ID for the Organization Group defined for this exercise that you review during Find you Group ID section.
  3. Enter https://v9.airwlab.com for apiServerUrl.
  4. Enter https://pool##.airwlab.com for airwatchServerHostname - replace the URL with the one you received via e-mail.

During the Unified Access Gateway Deployment, the PowerShell scripts will ask you to enter the password for the apiServerUsername, which is VMware1!.

5. Validating Web Reverse Proxy Configuration

WRP

A Web Reverse Proxy instance called ITBUDGET is already added to your INI file, you will use this instance later to enable Identity Bridging and perform Certificate to Kerberos authentication.

6. Save changes to the uag-Cert-to-Kerberos INI File

Click the Save icon to save your changes.

0 Comments

Add your comment

E-Mail me when someone replies to this comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.