bjosoren's IT-Tech blog

IT-Tech blog about different tried and tested solutions based on vmware, microsoft, linux and more tips and tricks

VMware Unified Access Gateway – High Availability

Release date: May 12th 2019

Welcome to my VMware Unified Access Gateway series. This topic will cover setting up High Availability. In order to achieve HA, I will deploy a second UAG. I first make a copy of the ini-file, which I adjust with different network settings. I use this new ini-file when I deploy my second UAG. Before I begin, I will create a DNS-record for my new UAG

UAG_HA-01

I make a copy of my existing ini-file and edit it prior to deploying a new UAG. As I mentioned previously, although I originally design and planned for a 3 nic deployment, I will only use two nics due to the fact that I don’t have a management VLAN/PG in my lab.

UAG_HA-02

The deployment and configuration is very much the same procedure as I used with my primary UAG. Before I start deployment in powershell I set ExecutionPolicy to unrestricted: 

Set-ExecutionPolicy Unrestricted

To start the deployment I run this command:

.\uagdeploy.ps1 .\view-uag02.ini PASSWORD PASSWORD false false no
UAG_HA-03

After deployment, I power up the appliance.

UAG_HA-04

Next I verify the ip-address and connectivity

UAG_HA-06
UAG_HA-05

Next, I log in to the Admin-gui: https://172.16.0.76:9443/admin with the password I set during deployment: admin/PASSWORD

UAG_HA-07

The first time I log in I will be asked to change the password I used during deployment: “PASSWORD”

UAG_HA-08
UAG_HA-09

Once the password is changed, I select Configure Manually

UAG_HA-10

The first thing I want to configure is the UAG Name, this is done within System Configuration

UAG_HA-11
UAG_HA-12

Next I verify the network settings I configured in my ini-file

UAG_HA-13
UAG_HA-14

If I click show on the Edge Service Settings, I can verify my Horizon Settings

UAG_HA-15
UAG_HA-16
UAG_HA-17

To configure HA, I select the High Availability Settings

UAG_HA-18

I enter the Virtual IP i decided on during planning. I also enter the Group ID: 1. I enter these settings on UAG1 afterwards.

UAG_HA-19

I also register this UAG as a gateway in Horizon. In the Servers-section under View Configuration, I add this UAG under Gateways.

UAG_HA-20
UAG_HA-21

Once the UAG is connected and communication established, it will turn green and I can verify the gateway details

UAG_HA-22
UAG_HA-23

In vSphere, I create an anti-affinity rule to make sure my UAG’s are newer on the same host

UAG_HA-24

Finally, I will test my UAG by logging on from outside my lab. As I don’t have any certificates configured yet, there will be an error on the Horizon web-page

UAG_HA-25

In Horizon Administrator I can verify that I’m connected to UAG02

UAG_HA-26

I have exported my ini-file to pdf and attached here: view-uag02_ini

VMware Unified Access Gateway Documentation

VMware Unified Access Gateway

Disclaimer: Every tips/tricks/posting I have published here, is tried and tested in different it-solutions. It is not guaranteed to work everywhere, but is meant as a tip for other users out there. Remember, Google is your friend and don’t be afraid to steal with pride! Feel free to comment below as needed.

%d bloggers like this: