Content Gateway on UAG using Relay-Endpoint Deployment Model

I am trying to setup the UAG content gateway using the more secure Relay-Endpoint Deployment Model – via 2 fresh UAG’s set up with 3 nics each. The relay is in the DMZ, and the endpoint is internal.

See here: [https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2001/Migrating_CG_to_UAG/GUID-AWT-ARCHITECTURECGONUAG.html](https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2001/Migrating_CG_to_UAG/GUID-AWT-ARCHITECTURECGONUAG.html)


The documentation is pretty poor for this configuration and I cannot find much about it online.


I was able to eventually get the relay UAG up and running, and it connects to Workspace one without issue, my problem lies in the endpoint UAG.

My questions are:


1. Does anyone know how the relay UAG is configured to communicate with the endpoint UAG? I have 443 opened to the endpoint from the relay already.
2. In the relay UAG admin page, there is a Content Gateway Hostname section – is this the hostname for the relay or the endpoint UAG?
3. Do I need to add the Content Gateway Configuration GUID to the endpoint UAG as well (It was already added on the relay).
4. Workspace one has a section to add the Content Gateway Endpoint Address, does this need to be published in external DNS? I published it internally but it made no difference – I don’t see a reason this would need to be external.

Any help here would be great – support won’t help as it is a new configuration – even though they are forcing us off of the windows-based content locker.


View Reddit by theitguyshelpView Source

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *