Running VMware Unified Access Gateway on Hyper-V

Ok okkkkkk, I know that could be weird at first sight but I had a request from a customer to assist in the deployment of UAG 3.9 on Hyper-V in a “Dual DMZ” configuration.

The back-end UAG is deployed on vSphere, but the front-end should run on the DMZ hypervisors, which are… Windows 2019 Core / Hyper-V.

Looking at what is required for this installation, we need to download 2 files:

  • Unified Access Gateway (UAG) 3.9 PowerShell scripts, which contain all the scripts needed to deploy the appliance
  • Unified Access Gateway (UAG) 3.9 for Microsoft Azure, which provides the .vhd file, i.e. a disk in a Hyper-V format

Trying to deploy the .vhd with the script will fail, so the first thing to do is to convert the .vhd to .vhdx using PowerShell:

And now we can edit the .ini file to deploy the Appliance as a Reverse Proxy for Horizon :

[General]
#
# UAG virtual appliance unique name (between 1 and 32 characters).
# If name is not specified, the script will prompt for it.
#
name=MyUAG
#
# Full path filename of the UAG Hyper-V .vhdx virtual machine image
# The file can be obtained from VMware
#
source=C:\UAGs\euc-unified-access-gateway-3.9.0.0-15751318_OVF10.vhdx
#
# Hyper-V datastore folder
#
ds=E:\Hyper-V\Virtual Hard Disks
#
# Hyper-V Network names.
#
netInternet=DMZ
netManagementNetwork=Internal
netBackendNetwork=Internal

dns=172.34.56.10
defaultGateway=172.34.56.254
deploymentOption=twonic

ip0=172.34.56.78
netmask0=255.255.255.0

ip1=192.168.56.78
netmask1=255.255.255.0
#
# vSphere Network names. For pre 3.3 UAG versions, a vSphere Network Protocol Profile (NPP) must be associated with every referenced network name. This specifies
# network settings such as IPv4 subnet mask, gateway etc. UAG 3.3 and newer no longer uses NPPs and so for static IPv4 addresses a netmask0, netmask1 and netmask2
# value must be specified for each NIC. Normally a defaultGateway setting is also required.
#

honorCipherOrder=true

[WebReverseProxy1]
instanceId=Horizon-WRP
proxyDestinationUrl=https://<IP or FQDN of Back End UAG/LTM>
proxyDestinationUrlThumbprints=sha1=4dcbd70edd4be8e4g1ac4b60b3c790603c8881c8
proxyPattern=(/broker/xml(.*)|/xmlapi(.*)|/ice/(.*)|/r/(.*)|/portal(.*)|/)
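
A pre-deployment check for the thumbprint pinning in the [WebReverseProxy1] section above, added here as an example (it is not part of the original post or of VMware's deployment scripts): it flags pins that are not valid hex of the right length and can compare SHA-1 pins with a certificate exported from the back end. The function name, the accepted pin syntax (sha1/sha256, optional ':' or space separators, sha1 as default) and the second sample section are assumptions.

```powershell
# Added example, not VMware's code. Assumption: pins are "sha1=<hex>" or
# "sha256=<hex>", comma-separated, ':' or spaces allowed between bytes.
function Test-UagThumbprintPins {
    param(
        [Parameter(Mandatory)] [string[]] $IniLines,
        [string] $BackendCertPath   # optional .cer exported from the back-end UAG/LTM
    )
    $hexLen   = @{ sha1 = 40; sha256 = 64 }
    $section  = ''
    $certSha1 = $null
    if ($BackendCertPath) {
        $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($BackendCertPath)
        $certSha1 = $cert.Thumbprint   # SHA-1 of the certificate, upper-case hex
    }
    foreach ($line in $IniLines) {
        $line = $line.Trim()
        if ($line -match '^\[(.+)\]$') { $section = $Matches[1]; continue }
        if ($line -notmatch '^proxyDestinationUrlThumbprints\s*=\s*(.+)$') { continue }
        foreach ($pin in ($Matches[1] -split ',')) {
            $parts = $pin.Trim() -split '=', 2
            if ($parts.Count -eq 1) { $parts = @('sha1', $parts[0]) }   # assumed default
            $alg = $parts[0].ToLower()
            $hex = $parts[1] -replace '[:\s]', ''
            $ok  = $hexLen.ContainsKey($alg) -and ($hex -match "^[0-9a-fA-F]{$($hexLen[$alg])}$")
            $same = $null   # stays $null when no certificate was given or the pin is not SHA-1
            if ($ok -and $certSha1 -and $alg -eq 'sha1') { $same = ($hex -ieq $certSha1) }
            [pscustomobject]@{
                Section = $section; Algorithm = $alg; Pin = $hex
                WellFormed = $ok; MatchesBackendCert = $same
            }
        }
    }
}

# Constructed sample: the first pin is the value printed in the .ini above (it
# contains a 'g', so it is not valid hex); the second section and pin are made up.
$sample = @'
[WebReverseProxy1]
proxyDestinationUrlThumbprints=sha1=4dcbd70edd4be8e4g1ac4b60b3c790603c8881c8
[WebReverseProxy2]
proxyDestinationUrlThumbprints=sha1=0A:1B:2C:3D:4E:5F:60:71:82:93:A4:B5:C6:D7:E8:F9:0A:1B:2C:3D
'@ -split "`r?`n"

Test-UagThumbprintPins -IniLines $sample | Format-Table -AutoSize
```

For a real deployment, pass the `Get-Content` output of your own .ini as `-IniLines` and the exported certificate as `-BackendCertPath`; any row where WellFormed or MatchesBackendCert is False should be corrected before launching the deployment.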

Once edited for our environment we can launch the deployment :

And check at the end that everything’s ok :
