Deploying the Unified Access Gateway Appliances

Now that you had reviewed the INI files for both Unified Access Gateway deployments, you can run the uagdeploy.ps1 Powershell script to deploy each appliance.

Since you are deploying two appliances, the script will be executed twice, passing the correspondent INI file for each deployment.

1. Launch PowerShell

Launch PowerShell window

Click the PowerShell icon located on the Windows task bar.

 

2. Navigate to the Unified Access Gateway Resources Directory

Navigating to the UAG Directory

Navigate to the Unified Access Gateway Resources Directory under the desktop user folder by entering cd '.\Desktop\UAG Resources' and then press Enter.

3. Deploying UAG-HA1 appliance

Running the script

As the script starts, a couple of questions ask you to provide the following information.

  1. Enter .\uagdeploy.ps1 .\uag-HA1.ini VMware1! VMware1! false false no
  2. The first VMware1! is the root password for the Unified Access Gateway appliance.
    The second VMware1! is the admin password for the REST API management access.
    The first false is to NOT skip the validation of signature and certificate.
    The second false is to NOT skip SSL verification for the vSphere connection.
    The no is to not join the VMware CEIP program.
  3. Enter A1rW@tch! as the password for the SSLcert and SSLcertAdmin fields when prompted.

To avoid a password request for the certificate, remove the pfxCerts values and provide a PEM certificate, and set the pemCerts and pemPrivKey for the SSLCert and SSLCertAdmin sections of the INI file.

The deployment will begin and you can follow the progress in the same window or in your vSphere Web Client, which you opened at the beginning of this set of exercises.

4. Confirm that the PowerShell Script Deployment Completes for UAG-HA1

Deployment finished

After successfully finalizing the deployment, the script will automatically power on the UAG-HA1 VM.

The Received IP address presented by the script log is a temporary IP. The final IPs for NIC 1 and NIC2 are assigned to the Unified Access Gateway appliance during the first boot. You can return to the vSphere Web Client to validate that as described in the next step.

5. Deploying UAG-2 appliance

Running the script

Now, you will deploy the second appliance, called UAG-HA2, passing the uag-HA2.ini file as parameter.

  1. Enter .\uagdeploy.ps1 .\uag-HA2.ini VMware1! VMware1! false false no
  2. The first VMware1! is the root password for the Unified Access Gateway appliance.
    The second VMware1! is the admin password for the REST API management access.
    The first false is to NOT skip the validation of signature and certificate.
    The second false is to NOT skip SSL verification for the vSphere connection.
    The no is to not join the VMware CEIP program.
  3. Enter A1rW@tch! as the password for the SSLcert and SSLcertAdmin fields when prompted.

To avoid a password request for the certificate, remove the pfxCerts values and provide a PEM certificate, and set the pemCerts and pemPrivKey for the SSLCert and SSLCertAdmin sections of the INI file.

The deployment starts and you can follow the progress on the same window or on your vSphere Web Client, which you opened at the beginning of this set of exercises.

6. Validate the Deployment

Validating UAG Appliance status
  1. Click VM and Templates.
  2. Click UAG-HA1.
  3. Click View all 2 IP addresses.  Note the IP Addresses displayed for the VM.

Repeat steps #2 and #3 for UAG-HA2, the IP addresses for this appliance should be different from UAG-HA1.

Note: If the Unified Access Gateway appliance does not finalize the configuration during the first startup, you receive an error message from vSphere Web Client. If that happens, wait for the appliance to finalize, and refresh the entire Google Chrome browser.

7. Log In to the Unified Access Gateway Administration Console

UAG Admin UI Login
  1. Click the New Tab button to open a new tab.
  2. Browse to https://uagha-1.airwlab.com:9443/admin or click the UAG Internal Admin Console bookmark.
  3. Enter admin for the username.
  4. Enter VMware1! for the password (created for the Admin API in the Deploy OVF Wizard).
  5. Click Login.
  6. Repeat steps 1-5, opening a new tab and log in on the second appliance using the following URL https://uagha-2.airwlab.com:9443/admin

8. Confirm the Unified Access Gateway Administration Console Login on the Internal Network

Succesfull login

A successful login redirects you to the following screen on both Appliances, where you can import settings or manually configure the Unified Access Gateway appliance individually.

  1. Click Select under Configure Manually in the UAGHA-1 administration console.
  2. Click the tab to return to the UAGHA-2 administration console.
  3. Click Select under Configure Manually in the UAGHA-2 administration console.

0 Comments

Add your comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.