Ok okkkkkk, I know that could be weird at first sight but I had a request from a customer to assist in the deployment of UAG 3.9 on Hyper-V in a “Dual DMZ” configuration.
The Back End UAG is deployed on vSphere but the the front-end should run on the DMZ hypervisors who are…. Windows 2019 Core / Hyper-V
So when we look at the files required to perform this installation we need to download 2 files :
- Unifed Access Gateway (UAG) 3.9 PowerShell scripts to get all scripts to deploy the appliance
- Unifed Access Gateway (UAG) 3.9 for Microsoft Azure to have .vhd file so Hyper-V disk format file.
Trying to deploy the .vhd with the script will failed,so the first thing to do is to convert the the .vhd to .vhdx using PowerShell :
And now we can edit the .ini file to deploy the Appliance as a Reverse Proxy for Horizon :
[General] # # UAG virtual appliance unique name (between 1 and 32 characters). # If name is not specified, the script will prompt for it. # name=MyUAG # # Full path filename of the UAG Hyper-V .vhdx virtual machine image # The file can be obtained from VMware # source=C:\UAGs\euc-unified-access-gateway-18.104.22.168-15751318_OVF10.vhdx # # Hyper-V datastore folder # ds=E:\Hyper-V\Virtual Hard Disks # # Hyper-V Network names. # netInternet=DMZ netManagementNetwork=Internal netBackendNetwork=Internal dns=22.214.171.124 defaultGateway=126.96.36.199 deploymentOption=twonic ip0=188.8.131.52 netmask0=255.255.255.0 ip1=192.168.56.78 netmask1=255.255.255.0 # # vSphere Network names. For pre 3.3 UAG versions, a vSphere Network Protocol Profile (NPP) must be associated with every referenced network name. This specifies # network settings such as IPv4 subnet mask, gateway etc. UAG 3.3 and newer no longer uses NPPs and so for static IPv4 addresses a netmask0, netmask1 and netmask2 # value must be specified for each NIC. Normally a defaultGateway setting is also required. # honorCipherOrder=true [WebReverseProxy1] instanceId=Horizon-WRP proxyDestinationUrl=https://<IP or FQDN of Back End UAG/LTM> proxyDestinationUrlThumbprints=sha1=4dcbd70edd4be8e4g1ac4b60b3c790603c8881c8 proxyPattern=(/broker/xml(.*)|/xmlapi(.*)|/ice/(.*)|/r/(.*)|/portal(.*)|/)
Once edited for our environment we can launch the deployment :
And check at the end that everything’s ok :