VMware Unified Access Gateway – High Availability

Release date: May 12th 2019

Welcome to my VMware Unified Access Gateway series. This topic will cover setting up High Availability. In order to achieve HA, I will deploy a second UAG. I first make a copy of the ini-file, which I adjust with different network settings. I use this new ini-file when I deploy my second UAG. Before I begin, I will create a DNS-record for my new UAG

UAG_HA-01

 

I make a copy of my existing ini-file and edit it prior to deploying a new UAG. As I mentioned previously, although I originally design and planned for a 3 nic deployment, I will only use two nics due to the fact that I don’t have a management VLAN/PG in my lab.

UAG_HA-02

 

The deployment and configuration is very much the same procedure as I used with my primary UAG.

Before I start deployment in powershell I set ExecutionPolicy to unrestricted:

“Set-ExecutionPolicy Unrestricted”

To start the deployment I run this command:

“.\uagdeploy.ps1 .\view-uag02.ini PASSWORD PASSWORD false false no”

UAG_HA-03

 

After deployment, I power up the appliance.

UAG_HA-04

 

Next I verify the ip-address and connectivity

UAG_HA-06

UAG_HA-05

 

Next, I log in to the Admin-gui: https://172.16.0.76:9443/admin with the password I set during deployment: admin/PASSWORD

UAG_HA-07

 

The first time I log in I will be asked to change the password I used during deployment: “PASSWORD”

UAG_HA-08

UAG_HA-09

 

Once the password is changed, I select Configure Manually

UAG_HA-10

 

The first thing I want to configure is the UAG Name, this is done within System Configuration

UAG_HA-11

UAG_HA-12

 

Next I verify the network settings I configured in my ini-file

UAG_HA-13

UAG_HA-14

 

If I click show on the Edge Service Settings, I can verify my Horizon Settings

UAG_HA-15

UAG_HA-16

UAG_HA-17

 

To configure HA, I select the High Availability Settings

UAG_HA-18

 

I enter the Virtual IP i decided on during planning. I also enter the Group ID: 1. I enter these settings on UAG1 afterwards.

UAG_HA-19

 

I also register this UAG as a gateway in Horizon. In the Servers-section under View Configuration, I add this UAG under Gateways.

UAG_HA-20

UAG_HA-21

 

Once the UAG is connected and communication established, it will turn green and I can verify the gateway details

UAG_HA-22

UAG_HA-23

 

In vSphere, I create an anti-affinity rule to make sure my UAG’s are newer on the same host

UAG_HA-24

 

Finally, I will test my UAG by logging on from outside my lab. As I don’t have any certificates configured yet, there will be an error on the Horizon web-page

UAG_HA-25

 

In Horizon Administrator I can verify that I’m connected to UAG02

UAG_HA-26

 

I have exported my ini-file to pdf and attached here: view-uag02_ini

 

VMware Unified Access Gateway Documentation

VMware Unified Access Gateway

 

Disclaimer: Every tips/tricks/posting I have published here, is tried and tested in different it-solutions. It is not guaranteed to work everywhere, but is meant as a tip for other users out there. Remember, Google is your friend and don’t be afraid to steal with pride! Feel free to comment below as needed.