none
Network Configuration for UAG Array with DirectAccess linking to ADFS

    Question

  • I am implementing a UAG Array for DirectAccess of company assets, and need to provide portal access for non-company assets.

    I have a 2 node Multicast NLB UAG Array, with the standard single internal VIP and two sequential External VIPs for DirectAccess.

    We would like to use ADFS for SSO to the portal, but that trunk requires an external IP assignment for that link. What network confuration changes do I need to add ADFS?

    Any assistance would be helpful...

    JK


    • Edited by Joshkea Tuesday, November 12, 2013 10:44 PM
    Tuesday, November 12, 2013 9:43 PM

All replies

  • Hi,

    If you already have two IPv4 public addresses used by DirectAccess, you cannot setup a portal trunk on theses adresses. So you need an additionnal Ipv4 public address to introduce a portal trunk linked to it

    Best regards


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    • Proposed as answer by BenoitSMVP Tuesday, November 12, 2013 10:45 PM
    Tuesday, November 12, 2013 10:45 PM
  • So just add an additional external VIP to the NLB config and use that for the adfs link? Why didn't I think of that? Thanks!
    Wednesday, November 13, 2013 6:24 AM
  • Ouch, Miss the point. You need more.

    With NLB, you need one more DIP per UAG node and onr more VIP. Sorry, i read your message too fast.


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    Wednesday, November 13, 2013 8:36 AM
  • Right. So I currently have an external ipv4 DIP assigned to each UAG server and a second NIC on each with an assigned internal DIP. Then I have the NLB config with what I stated above. So I need to add 1 additional VIP to the NLB config and that should be it. Or do I need more DIPs? Thanks again
    Wednesday, November 13, 2013 4:02 PM
  • Hi

    I would say that DirectAccess VIP and DIP cannot be reused. So you need :

    -One public VIP for the NLB

    -One public DIP per UAG nodes composing your Array


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    Wednesday, November 13, 2013 4:58 PM