I am trying to set up the UAG content gateway using the more secure Relay-Endpoint Deployment Model – via 2 fresh UAGs set up with 3 NICs each. The relay is in the DMZ, and the endpoint is internal.
See here: [https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2001/Migrating_CG_to_UAG/GUID-AWT-ARCHITECTURECGONUAG.html](https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2001/Migrating_CG_to_UAG/GUID-AWT-ARCHITECTURECGONUAG.html)
The documentation is pretty poor for this configuration and I cannot find much about it online.
I was able to eventually get the relay UAG up and running, and it connects to Workspace ONE without issue; my problem lies in the endpoint UAG.
My questions are:
1. Does anyone know how the relay UAG is configured to communicate with the endpoint UAG? I have 443 opened to the endpoint from the relay already.
2. In the relay UAG admin page, there is a Content Gateway Hostname section – is this the hostname for the relay or the endpoint UAG?
3. Do I need to add the Content Gateway Configuration GUID to the endpoint UAG as well? (It was already added on the relay.)
4. Workspace ONE has a section to add the Content Gateway Endpoint Address; does this need to be published in external DNS? I published it internally but it made no difference – I don’t see a reason this would need to be external.
Any help here would be great – support won’t help as it is a new configuration – even though they are forcing us off of the Windows-based content locker.
Reddit post by theitguyshelp