Configuring Web Reverse Proxy to access non-SSL website (HTTP/Port 80)

At this point, the Unified Access Gateway has been deployed and you are able to access the Unified Access Gateway administration console to add and change configurations of your Unified Access Gateway appliance.

This exercise shows you how Unified Access Gateway can be used as a Web reverse proxy, and can act as either a plain reverse proxy or an authenticating reverse proxy in the DMZ. In this exercise, you learn how to set up a plain reverse proxy.

1. Access to the Reverse Proxy Settings

Acessing Reverse Proxy Settings
  1. Click the Show toggle by Edge Service Settings, clicking on it will cause it to switch to Hide.
  2. Click the Gear icon next to Reverse Proxy Settings.

1.1. Add Reverse Proxy Settings

Adding Reverse Proxy Settings

Our goal on this chapter is to enable external access to the Intranet website through the Unified Access Gateway Appliance, using the Reverse Proxy feature.

Click Add to create a new reverse proxy instance in to the reverse proxy settings, that instance will contain the configuration required to access the intranet.

1.2. Define Features Used by Reverse Proxy

Enabling Reverse Proxy Settings

In this step, click Enable Reverse Proxy Settings only. The toggle will switch to YES.

The Unified Access Gateway identity bridging feature can be configured to provide single sign-on (SSO) to legacy Web applications that use Kerberos Constrained Delegation (KCD) or header-based authentication. You will not enable this feature in this exercise, but will be covered in the following module.

1.3. Configuring Intranet Reverse Proxy Settings

Configuring Intranet settings for Reverse Proxy
  1. Enter intranet for the Instance Id, which is a unique name to identify and differentiate a Web reverse proxy instance from all other Web reverse proxy instances.
  2. Enter http://intranet.corp.local for Proxy Destination URL, which represent the address of the Web Application.
  3. Enter (|/intranet(.*)|) for Proxy Pattern, which specifies that the matching URI paths will forward to the destination URL.
  4. Click Save

Additional parameters can be configured for this type of reverse proxy, more information available here.

1.4. Close the Reverse Proxy Settings

Configuration saved sucessfully

Click Close.

2. Validating Reverse Proxy Configuration

Validating reverse proxy configuration for intranet
  1. Click on the arrow down for the Reverse Proxy Settings
  2. Click on the refresh icon for the Edge Service Settings
  3. Confirm the intranet proxy status is GREEN

After you added the reverse proxy settings for intranet, the Unified Access Gateway appliance tests the communication between appliance and intranet and the status turn GREEN if a connection is possible, otherwise it will show RED.

NOTE - It may take a few minutes for the intranet proxy to show as GREEN.  If you do not see it, click the refresh icon in Step #2 until you see the status change to either GREEN or RED.

3. Access Intranet through Reverse Proxy

Intranet access through Reverse Proxy
  1. Click the New Tab button to open a new tab.
  2. Enter https://uag-internet.corp.local/intranet/ in the address bar and press ENTER.
    NOTE: The uag-internet.corp.local hostname resolves to the Internet facing NIC that you deployed the Unified Access Gateway on (

The result is a sample intranet page hosted on an internal IIS Server.

  • Access to the intranet site is going through UAG over port 443 as result of the TLS port sharing configuration enabled by default during deployment.
  • Access to the Admin UI is going through UAG port 9443 to uag-intranet.corp.local (


Add your comment

E-Mail me when someone replies to this comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.